The Glider

• Home
•  

Archive for the ‘Security Tools’ Category

PenTBox v1.3.2 FINAL released

|

Comments Off

Posted in Security Tools, Tools on March 25th, 2010 by SecurityDatabase

PenTBox is a Security Suite with programs like Password Crackers, Denial of Service testing tools (DoS and DDoS), Secure Password Generators, Honeypots and much more. Destined to test security/stability of networks and more. Programmed in Ruby, and oriented to GNU/Linux systems (but compatible with Windows, MacOS and more).
Version 1.3.2

• FTP fuzzing improved and finished.

Improved CLI.
Improved files working.
Now the Honeypot log have a file by default.
Added a hping3-based (...) - Security Tools / Vulnerability Scanner, Password Cracking, Framework, PenTBox

Tags: Tools |

SAMHAIN 2.6.4 released

|

Comments Off

Posted in Security Tools, Tools on March 23rd, 2010 by SecurityDatabase

The samhain open source host-based intrusion detection system (HIDS) provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.
Samhain v2.6.4
Don't read proc_root_iops in sh_kern.c (Problem report by H. R.)
Logfile check can check output of shell commands
Use data directory as default for logfile checkpoints
Fix broken checkpoint save/restore for logfiles
MD5: (...) - Security Tools / IDS, Network Monitoring, Samhain

Tags: Tools |

Focus on scRUBYt! v0.4.11 the powerful web scraping tool

|

Comments Off

Posted in Security Tools, Tools on March 23rd, 2010 by SecurityDatabase

scRUBYt! is a simple but powerful web scraping toolkit written in Ruby. It's purpose is to free you from the drudgery of web page crawling, looking up HTML tags, attributes, XPaths, form names and other typical low-level web scraping stuff by figuring these out from your examples copy'n'pasted from the Web page or straight from Firebug.
scRUBYt! has only 2 dependencies, hpricot and mechanize (optionally FireWatir for AJAX scraping).
Changements :
[NEW] possibility to use FireWatir as the (...) - Security Tools / Information Gathering, Application Scanner, Configurations checks, scRUBYt!

Tags: Tools |

SQLFury SQL Injection for Adobe Air runtime v1.1.6 availabe

|

Comments Off

Posted in Security Tools, Tools on March 23rd, 2010 by SecurityDatabase

SQLFury is an injection scanner that uses blind SQL injection techniques to extract information from a target database. It targets Air Abobe AIR Runtime
Database Support:
MySQL
PostgreSQL
Oracle
Microsoft SQL Server
Extract from database:
Database version.
Current database user.
All database users.
Database name.
All database names.
All table names.
All columns names.
Entire columns.
Version:
SQLFury 1.1.6 ( size : 517K )
Runs on Windows XP/Vista or MacOS X (...) - Security Tools / Application Scanner, Configurations checks, Database, SQLFury

Tags: Tools |

Burp Intruder Botox announces many improvements

|

Comments Off

Posted in Security Tools, Tools on March 23rd, 2010 by SecurityDatabase

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility.
The new beta version of Burp Intruder, which contains a bunch of frequently-requested enhancements:
You can now (...) - Security Tools / Application Scanner, Burp

Tags: Tools |

Netsparker author released Freakin’ Simple Fuzzer v0.7.3.5

|

Comments Off

Posted in Security Tools, Tools on March 23rd, 2010 by SecurityDatabase

FSF is a plug-in based freakin' simple fuzzer for fuzzing web applications and scraping data. It supports some basic stuff and missing some features however it has got some advanced RegEx capturing features for scraping data out of web applications.
Why bring yet another fuzzer into this cruel world?
Yeah, I know there are so many of them hanging around. Basically I was trying to fuzz something and after spending about 2-3 hours about 3-4 different terribly designed fuzzers I thought (...) - Security Tools / Fuzzers, Freakin' Simple Fuzzer

Tags: Tools |

Netsparker 1.3.0.0 in the wild

|

Comments Off

Posted in Security Tools, Tools on March 23rd, 2010 by SecurityDatabase

Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology they are built on, just like an actual attacker.
It can identify web application vulnerabilities like SQL Injection, Cross-site Scripting (XSS), Remote Code Execution and many more. It has exploitation built on it, for example you can get a reverse shell out of an identified SQL Injection or extract data via running custom SQL queries.
Netsparker (...) - Security Tools / Vulnerability Scanner, Application Scanner, Netsparker

Tags: Tools |

iExploder v1.5 – Web Browser Quality Assurance Tester

|

Comments Off

Posted in Security Tools, Tools on March 22nd, 2010 by SecurityDatabase

iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes.
iExploder was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple's Webkit (...) - Security Tools / Code Auditing, Fuzzers, Framework, iExploder

Tags: Tools |

pvefindaddr v1.25 released

|

Comments Off

Posted in Security Tools, Tools on March 21st, 2010 by SecurityDatabase

pvefindaddr is a PyCommand (plugin) for Immunity Debugger. Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility.
Drop the file in the pycommands folder within your Immunity Debugger installation folder. You can get the list of (...) - Security Tools / Exploitation, pvefindaddr

Tags: Tools |

(Update) Skipfish Active web application scanner v1.08 beta just released

|

Comments Off

Posted in Security Tools, Tools on March 19th, 2010 by SecurityDatabase

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks.
Key Features:
High performance: 500+ requests per second against responsive Internet targets, 2000+ requests per second on LAN / MAN networks, and 7000+ requests against local (...) - Security Tools / Enumeration, Information Gathering, Application Scanner, Configurations checks, Skipfish

Tags: Tools |

• Search

• Categories

  • "Beverage" Cooling Contraption Contest (1)
  • "End of Internet" (1)
  • #nomorefreebugs (1)
  • *canceled* Defcon Geo Challenge *canceled* (1)
  • *canceled* Hack Fortress *canceled* (1)
  • /dev/null (4)
  • 0day (1)
  • 10,000¢ Hacker Pyramid (4)
  • 2.0 (1)
  • ABE (2)
  • activity (1)
  • Administravia (2)
  • aircraft (1)
  • Airline Security (1)
  • alextaylor (1)
  • Amsterdam (1)
  • announcement (1)
  • Anonymity (1)
  • app (2)
  • App Security (2)
  • Apple (2)
  • applestore (2)
  • Application Security (11)
  • Arbor Networks (8)
  • art (1)
  • Art & Animation (2)
  • article (7)
  • Artwork Contest(s) (1)
  • ATLAS (2)
  • Attacks (1)
  • authorreadings (1)
  • avaya (1)
  • Backdoor Hiding Contest (3)
  • Badge Hacking Contest (10)
  • ballroom (1)
  • barbican (1)
  • Be The Match Foundation – Bone Marrow Drive (3)
  • bethnalgreen (1)
  • Blog (22)
  • Books (1)
  • Botnets (4)
  • bowroad (1)
  • Breach (1)
  • bruteforce (1)
  • bruteforcing (2)
  • Bugs (1)
  • burp (7)
  • burp intruder (2)
  • business (12)
  • camera (5)
  • cameras (1)
  • central (1)
  • chambermusic (1)
  • charingcross (1)
  • charlesmartin (1)
  • childrens (1)
  • chisenhale (1)
  • chisenhalegallery (1)
  • classicalmusic (1)
  • Clickjacking (1)
  • Cloud Security (2)
  • code (6)
  • coldfusion (1)
  • Columns – Haddix (1)
  • Columns – Linn (6)
  • Columns – Murray (1)
  • Comedy (12)
  • comedyvirgins (1)
  • comics (1)
  • command execution (1)
  • commentary (1)
  • Community Talk (24)
  • Computer Components – Software / Internet (2)
  • Computer Components – Video Cards (1)
  • conferences (2)
  • CONFidence (1)
  • Cool Commercials (5)
  • Crack Me If You Can (13)
  • Crash and Compile (4)
  • Crime (3)
  • Critical Infrastructure (3)
  • csrf (3)
  • CSRF and Session Info (38)
  • CTP : Capture the Packet (5)
  • cups (1)
  • CVE-2009-1151 (1)
  • cyber warfare (1)
  • Dance & Theatre (1)
  • dannywallace (1)
  • Dark Tangent's Tamper Evident Contest (2)
  • Data Security (2)
  • david (1)
  • DC101 (7)
  • DC18: Official and Unofficial Events and Contests (2)
  • DC206 — Seattle, WA (1)
  • DC207 — Auburn, ME (1)
  • DC407 — Orlando, FL (2)
  • DC713 — Houston, TX (1)
  • DC801 — Salt Lake City, UT (2)
  • DC815 — Rockford, IL (1)
  • DC970-1 — Fort Collins, CO (1)
  • ddos (1)
  • deadbird (1)
  • DEFCON 18 and Recovery (30)
  • DEFCON 18 Planning (21)
  • DEFCON 19 Planning (8)
  • Defcon Shoot (12)
  • Defcon Short Story contest (1)
  • director (1)
  • directory (1)
  • Disclosure (1)
  • discovery (1)
  • distro (1)
  • dnsmap (2)
  • DoS (4)
  • drawing (1)
  • Drunken Banter (9)
  • Dumbass (3)
  • embedded (2)
  • Entertainment (14)
  • enumeration (1)
  • eusecwest (1)
  • event (3)
  • Events (10)
  • exhibition (1)
  • Exhibitions (4)
  • exploit (4)
  • Facebook (1)
  • Family (3)
  • familyactivity (1)
  • Featured Research (24)
  • Features – /root (10)
  • Features – Book Reviews (4)
  • Features – Skillz (4)
  • Festivals (1)
  • Film (4)
  • firefox (1)
  • firmware (1)
  • FlashGot (1)
  • folk (1)
  • Forum Meet (1)
  • Forums (253)
    • Astalavista (253)
  • franzferdinand (1)
  • Freakshow Party and Related Events or Contests (1)
  • free (7)
  • freeevents (4)
  • freefall (1)
  • friday (1)
  • Full Disclosure (43)
  • fun (1)
  • Funny (2)
  • General Announcements (1)
  • General News (4)
  • gift card (1)
  • giuliabacci (1)
  • Google (4)
  • Goon Band — Recognize (2)
  • greateasternstreet (1)
  • guinnessworldrecords (1)
  • hack (1)
  • hacker (1)
  • Hacker Jeopardy (1)
  • Hacker Karaoke (2)
  • hacking (15)
  • Hardware (2)
  • Hardware Hacking Village (10)
  • harryhill (1)
  • harryhillstvburp (1)
  • hitb (1)
  • hitbsecconf (1)
  • hmvoxfordstreet (1)
  • How To (47)
  • Hype Cycles (2)
  • ID Theft (1)
  • Identity and Access Management (9)
  • Identity and Access Program Management (8)
  • Identity Verification (6)
  • IE (2)
  • Infrastructure Protection (7)
  • Insider Threat (1)
  • Interesting Research (1)
  • international (1)
  • Internet (4)
  • Internet service provider (1)
  • Internet traffic (1)
  • Intro (31)
  • intuity (1)
  • iphone (1)
  • IPv6 (1)
  • itunes (1)
  • jazz (1)
  • jeriko (1)
  • kids (1)
  • kissing (1)
  • Knowledge (41)
    • SANSRR (35)
    • WebCasts (6)
  • krakow (1)
  • Legal Aspects (2)
  • leicestersquare (2)
  • Life (1)
  • link (8)
  • linksys (6)
  • Linux (1)
  • Literary (2)
  • Local Meetings & Other Events (18)
  • london (7)
  • londonisfree (2)
  • LosT @ Con Mystery Challenge (12)
  • Magic Quadrants (3)
  • Magic Quadrants and MarketScopes (27)
  • magstripe (1)
  • Malware (6)
  • manipulation (1)
  • Massage Table In Contest Room (2)
  • mileend (1)
  • Military (1)
  • Mohawk-Con! (1)
  • mount (1)
  • movies (1)
  • Mozilla (17)
  • museum (1)
  • Music (3)
  • Music & Dance (1)
  • nationalportraitgallery (1)
  • network (1)
  • Networking (2)
  • New Ideas (2)
  • News (19049)
    • CGI Security (96)
    • E-Week (12347)
    • Gartner (41)
    • ISC (1348)
    • Network World (4604)
    • SANS (135)
    • SANSNB (131)
    • Zone-H (19)
  • News & Events (1)
  • News – Latest (3)
  • News Analysis (1)
  • News and Links (20)
  • Ninja Networks Badge and Events (5)
  • nonsense (1)
  • NoScript (13)
  • npg (1)
  • Obfuscation (90)
  • obsessedabout (1)
  • odeon (1)
  • Official DEF CON DJs, Music, and Events (8)
  • oldstreet (1)
  • OMG Ponies (64)
  • Open CTF (3)
  • Other (4)
  • outage (2)
  • pagvac (5)
  • Patches (1)
  • PCB PWNage (2)
  • peering (1)
  • people (1)
  • People & Stories (1)
  • Pets & Animals (1)
  • Photo/Image Discussion (2)
  • photographeroftheyear (1)
  • photography (1)
  • phpMyAdmin (1)
  • piccadillycircus (1)
  • podcast (1)
  • Podcasts (1)
  • Politics (8)
  • pop (1)
  • premieres (1)
  • privacy (9)
  • programming (1)
  • project (2)
  • Projects (28)
  • python (1)
  • QueerCon (1)
  • raf (1)
  • Random Security (10)
  • Recent Research (76)
  • remote (1)
  • research (1)
  • Reverse Engineering (1)
  • Ricketts Sniffing/Trivia Contest UNOFFICIAL (last minute addition) (2)
  • Ride and Room Sharing (30)
  • Robots/Spiders/CAPTCHAs, oh my (2)
  • SCADA Security (1)
  • scanners (2)
  • Scavenger Hunt (8)
  • Science & Tech (29)
  • Search Engine Hacking and SEO (1)
  • security (15)
  • Security Briefing (6)
  • security scanner (1)
  • Security Tools (438)
  • secwest (1)
  • SEO/SEM (1)
  • shirley (1)
  • shoreditch (1)
  • simonmartin (1)
  • simonmassey (1)
  • skills (1)
  • skins (1)
  • skydive (1)
  • Skytalks (2)
  • slides (1)
  • social engineering (1)
  • Social Media (1)
  • soho (1)
  • Spotlights (20)
  • SQL (1)
  • SQL and Code Injection (233)
  • SSL (1)
  • standup (1)
  • stream (1)
  • subdmain (1)
  • subdomain (1)
  • sweatshop (1)
  • swimming (1)
  • Tech (1)
  • technology (144)
  • teddington (1)
  • The Basics (26)
  • The Summit (2)
  • thefoundry (1)
  • thick clients (1)
  • titanic (1)
  • tool (1)
  • Tools (632)
  • Toxic BBQ (3)
  • trafalgarsquare (2)
  • training (1)
  • Travel & Outdoors (1)
  • traversal (1)
  • Trojan Horses (1)
  • TV & Radio Recordings (2)
  • tvradiorecording (1)
  • twilight (1)
  • twitter (1)
  • Twitter Hunt (4)
  • Uncategorized (8285)
  • update (1)
  • updates (1)
  • us (12)
  • V13P (14)
  • Value Added News Discussion (7)
  • Vendor News (1)
  • Vendor Ratings (2)
  • Vendor Talk (1)
  • victoriapark (1)
  • video (13)
  • Video Games (20)
  • Vitals – EH-Net News (15)
  • vulnerabilities (9197)
    • debian (181)
    • SANS (958)
    • Secunia (1250)
    • SecurityFocus (6578)
    • TechNet (173)
    • US-CERT (57)
  • vulnerability (10)
  • Wall of Sheep (2)
  • war (1)
  • watchmen (1)
  • web (1)
  • web application (1)
  • web application security scanner (1)
  • Web Security (1)
  • web2.0 (2)
  • Webappsec (32)
  • Wheels & Wings (3)
  • windows (1)
  • Wireless Security (30)
  • XSS (7)
  • XSS Info (44)
  • YouTube (2)

• Recent Posts

  • Jailbreak Hole In iOS 4.1 Will Be Hard To Close
  • INSIDE MOBILE: The Looming Rich Media Wars: Apple vs. the World
  • Oracle Beefs Up Solaris with New Features
  • Oracle to Pay Hurd $950K Salary, with Bonuses Up to $10M
  • HP ProLiant Microserver, Desktops Aimed at SMBs
  • Bugtraq: [ GLSA 201009-06 ] Clam AntiVirus: Multiple vulnerabilities
  • Bugtraq: [security bulletin] HPSBMA02574 SSRT100038 rev.1 – HP ProLiant G6 Lights-Out 100, Remote Management, Denial of Service (DoS)
  • Bugtraq: [SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities
  • Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
  • Storage Software Market Gives Mixed Messages

• Noise

  .net apache application architecture asp astalavista blackberry code cve defcon encryption enterprise exploit fedora forums gartner iis kernel Knowledge linux microsoft News password patch php privacy samba sans security smtp solaris sql ssh sun Tools ubuntu unix vulnerabilities vulnerability web webcasts whitepapers windows XSS