Security Database Tools Watch

Complemento v0.7.6 - Collection of Tools

ToolsTracker — 2010-05-12T04:08:54Z

A collection of tools, just for fun. It includes LetDown, ReverseRaider and Httsquash.
LetDown is a tcp flooder I have programmed after reading Fyodor article "TCP Resource Exhaustion and Botched Disclosure" (you can read it at http://insecure.org/stf/tcp-dos-attack-explained.html). It has an (experimental) userland TCP/IP stack, and supports multistage payloads for complex protocols, fragmentation of packets and variable tcp window.
NOTE: LetDown is based on Fyodor NDos, it's not about (...) - Security Tools / Vulnerability Scanner, Network Discovery, Complemento

MetaGoofil v1.4b released

ToolsTracker — 2010-05-12T04:00:59Z

Metagoofil is an information gathering tool designed for extracting metadata of public documents (pdf,doc,xls,ppt,odp,ods) availables in the target/victim websites.
It will generate a html page with the results of the metadata extracted, plus a list of potential usernames very useful for preparing a bruteforce attack on open services like ftp, pop3,web applications, vpn, etc. Also it will extract a list of disclosed PATHs in the metadata, with this information you can guess OS, network (...) - Security Tools / Information Gathering, Data Mining, MetaGooFil

Suricata v0.9 RC1 released

ToolsTracker — 2010-05-12T03:51:59Z

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field.
Version 0.9 RC1
New Features
Support for the http_headers keyword was added
libhtp was updated to version 0.2.3
Privilege dropping using libcap-ng is now supported
Proper support for "pass" rules was added
Inline mode for Windows was added (...) - Security Tools / IDS, Suricata

Xplico v0.5.7 released

ToolsTracker — 2010-05-12T03:37:21Z

The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn't a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT).
Xplico is released under the GNU General Public License.
Version 0.5.7
RTCP dissector
RTP dissector improvement
SIP dissector (...) - Security Tools / Network Monitoring, Forensics, Xplico

iScanner v0.5 released - Malicious codes scanner

ToolsTracker — 2010-05-10T22:32:30Z

iScanner is free open source tool lets you detect and remove malicious codes and web pages viruses from your Linux/Unix server easily and automatically.
This tool is programmed by iSecur1ty using Ruby programming language and it's released under the terms of GNU Affero General Public License 3.0.
Features
Detect malicious codes in web pages, this include hidden iframe tags, javascript, vbscript and activex objects.
Extensive log shows the infected files and the malicious code. (...) - Security Tools / Local auditing, Defense, Malware Scanner, iScanner

WebTest 1.2.1 - Testing Web Application with Python

ToolsTracker — 2010-05-10T21:02:15Z

WebTest helps you test your WSGI-based web applications. This can be any application that has a WSGI interface, including an application written in a framework that supports WSGI (which includes most actively developed Python web frameworks – almost anything that even nominally supports WSGI should be testable).
With this you can test your web applications without starting an HTTP server, and without poking into the web framework shortcutting pieces of your application that need to (...) - Security Tools / Code Auditing, Configurations checks, WebTest

SQLNinja v0.2.5 released!

ToolsTracker — 2010-05-10T03:10:02Z

Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote access on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.
Version 0.2.5
Upload mode is not limited to files of 64k bytes anymore
Uploading (...) - Security Tools / Vulnerability Scanner, Penetration testing & Ethical Hacking, Application Scanner, Database, SqlNinja

WireShark 1.2.8 released

ToolsTracker — 2010-05-07T04:20:22Z

Wireshark is the world's most popular network protocol analyzer. It has a rich and powerful feature set and runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly. It is freely available as open source, and is released under the GNU General Public License version 2
Version 1.2.8
Bug Fixes
The following vulnerabilities have been fixed. See the security advisory (...) - Security Tools / Data Sniffer, WireShark - Ethereal

fuu v0.1 Beta - [F]aster [U]niversal [U]npacker

ToolsTracker — 2010-05-07T03:27:05Z

FUU (Faster Universal Unpacker) is a GUI Windows Tool with a set of tools (plugins) to help you to unpack, decompress and decrypt most of the programs packed, compressed or encrypted with the very well knowns software protection programs like UPX, ASPack, FSG, ACProtect, etc.
The GUI was designed using RadASM and MASM. Every plugin included in the official release was written in ASM using MASM.
The core of every plugin use TitanEngine SDK from ReversingLabs under the hood, this (...) - Security Tools / Code Auditing, Reverse Engineering, FUU

Lansweeper v4.0 released

ToolsTracker — 2010-05-01T21:30:30Z

Lansweeper is an automated network discovery and asset management tool which scans all your computers and devices and displays them in an easy accessible web interface. There is no need to install any agents on the computers, all scanning is done by standard build-in functionality.
Version 4.0 updates and bug fixes:
Service version 4.0.0.24
Scheduled adsi or computer scanning keeps on running after the specified schedule.
If you enable "refresh active directory users at night" you can (...) - Security Tools / Information Gathering, Configurations checks, Network Monitoring, Lansweeper