The Glider

• Home
•  

Archive for the ‘Security Tools’ Category

Focus on MacNikto v1.1.1

|

Comments Off

Posted in Security Tools, Tools on March 19th, 2010 by SecurityDatabase

MacNikto is an AppleScript GUI shell script wrapper built in Apple's Xcode and Interface Builder, released under the terms of the GPL. It provides easy access to a subset of the features available in the Open Source, command-line driven Nikto web security scanner, installed along with the MacNikto application.
Nikto performs comprehensive tests against web servers for multiple items, including over 6100 potentially dangerous files/CGIs, versions on over 950 servers, and version specific (...) - Security Tools / Vulnerability Scanner, Application Scanner, Nikto, MacNikto

Tags: Tools |

VASTO The First Virtualization Assessment Toolkit released

|

Comments Off

Posted in Security Tools, Tools on March 19th, 2010 by SecurityDatabase

Secure Network is working on the first security assessment toolkit for virtual infrastructures, VASTO, and Criscione announced today the public beta at the Troopers conference.
VASTO comes as a set of components for Metasploit, one of the most popular frameworks for penetration testing in the security industry.
VASTO comes as a set of components for Metasploit, one of the most popular frameworks for penetration testing in the security industry. The framework consists of tools, libraries, (...) - Security Tools / Penetration testing & Ethical Hacking, Configurations checks, VASTO, Virtualization

Tags: Tools |

W3AF ported to FreeBSD

|

Comments Off

Posted in Security Tools, Tools on March 18th, 2010 by SecurityDatabase

w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much
Sofian Brabez, our FreeBSD expert, has updated the FreeBSD port of w3af to the 1.0-rc2 version and commited it to FreeBSD ports sources tree. If you're using FreeBSD, now you have one more reason to use w3af and make your life easier when (...) - Security Tools / Penetration testing & Ethical Hacking, Application Scanner, w3af

Tags: Tools |

iWep Pro Auditor wifi security v1.1.3 on the wild

|

Comments Off

Posted in Security Tools, Tools on March 18th, 2010 by SecurityDatabase

iWep PRO is an application for the iPhone and iPod touch that allow users check if their routers are exposed to some vulnerabilities.
Main vulnerability is WEP/WPA key calculation. There are some routers that can be easily hacked just in few minutes. This happens ONLY when router´s factoy settings were not changed. If factory settings were changed, iWep PRO is useless with your router.
iWep PRO is based in WEP/WPA calcualtion methods found in internet. You can find them on your own, and (...) - Security Tools / Vulnerability Scanner, Wireless, Configurations checks, iWep Pro

Tags: Tools |

FireCAT v1.6.2 updated with Framework Detector

|

Comments Off

Posted in Security Tools, Tools on March 18th, 2010 by SecurityDatabase

New extensions added:
Framework Detector added (Category Information Gathering -> Enumeration and footprinting)
Framework Detector can automatically detect JavaScript framework/s used in current page. Can detect more than 70 popular JavaScript frameworks, libraries and components, including: Backbase, Dojo/Dijit, Echo, ExtJS, GWT, ICEfaces, jQuery, MooTools, Nitobi, Prototype, qooXdoo, Rialto, Rico, script.aculo.us, SmartClient, Spry, TinyMCE, YUI and many others. Based on WTFramework (...) - Security Tools / Firefox, Application Scanner, Framework, FireCAT

Tags: Tools |

XSSploit XSS scanner multiplatfom v0.5 available

|

Comments Off

Posted in Security Tools, Tools on March 18th, 2010 by SecurityDatabase

XSSploit is a multi-platform Cross-Site Scripting scanner and exploiter written in Python. It has been developed to help discovery and exploitation of XSS vulnerabilities in penetration testing missions.
When used against a website, XSSploit first crawls the whole website and identifies encountered forms. It then analyses these forms to automatically detect existing XSS vulnerabilities as well as their main characteristics.
The vulnerabilities that have been discovered can then be exploited (...) - Security Tools / Penetration testing & Ethical Hacking, Application Scanner, Configurations checks, XSSploit

Tags: Tools |

FireCAT v1.6.2 updated with BackendInfo

|

Comments Off

Posted in Security Tools, Tools on March 17th, 2010 by SecurityDatabase

New extensions added:
BackendInfo extension added (Category Information Gathering -> Enumeration and footprinting)
BackendInfo is a lightweight Firefox extension that detects name and version of backends behind websites.
Detecting 15 different backends / 130+ versions
Drupal 6.x, 5.x, Wordpress 2.x
phpBB 2.x, 3.x, Django, DokuWiki
MediaWiki, MoinMoin, Reddit, Blogger
Joomla 1.5.x, 1.0.x
more…
Now FireCAT supports 92 (...) - Security Tools / Firefox, FireCAT

Tags: Tools |

Digital Forensics Framework v0.5 released

|

Comments Off

Posted in Security Tools, Tools on March 17th, 2010 by SecurityDatabase

DFF (Digital Forensics Framework) is a simple but powerfull open source tool with a flexible module system which will help you in your digital forensics works, including files recovery due to error or crash, evidence research and analysis, etc. The source code is written in C++ and Python, allowing performances and great extensibility
This project follows three main goals:
Modularity. In contrary to the monolithic model, the modular model is based on an a host and many modules. This (...) - Security Tools / Local auditing, Forensics, Digital Forensics Framework

Tags: Tools |

JBroFuzz v2.0 released

|

Comments Off

Posted in Security Tools, Tools on March 16th, 2010 by SecurityDatabase

JBroFuzz is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.
Version 2.0
User basic authentication supported and updated headers to show 2.0 release
Fixed preferences bug.
Added Authorization header option in UI, under URL Encoding
Created a Verifier for .jbrf files
Fixed a small mistake in EncoderHashFrame.java
Implemented a Cross Product (...) - Security Tools / JBroFuzz, Fuzzers

Tags: Tools |

Saint Vulnerability Scanner v7.3 on the wild

|

Comments Off

Posted in Security Tools, Tools on March 16th, 2010 by SecurityDatabase

SAINT is the Security Administrator's Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT's data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...) - Security Tools / Saint, Vulnerability Scanner, Penetration testing & Ethical Hacking

Tags: Tools |

• Search

• Categories

  • "Beverage" Cooling Contraption Contest (1)
  • "End of Internet" (1)
  • #nomorefreebugs (1)
  • *canceled* Defcon Geo Challenge *canceled* (1)
  • *canceled* Hack Fortress *canceled* (1)
  • /dev/null (4)
  • 0day (1)
  • 10,000¢ Hacker Pyramid (4)
  • 2.0 (1)
  • ABE (2)
  • activity (1)
  • Administravia (2)
  • aircraft (1)
  • Airline Security (1)
  • alextaylor (1)
  • Amsterdam (1)
  • announcement (1)
  • Anonymity (1)
  • app (2)
  • App Security (2)
  • Apple (2)
  • applestore (2)
  • Application Security (11)
  • Arbor Networks (8)
  • art (1)
  • Art & Animation (2)
  • article (7)
  • Artwork Contest(s) (1)
  • ATLAS (2)
  • Attacks (1)
  • authorreadings (1)
  • avaya (1)
  • Backdoor Hiding Contest (3)
  • Badge Hacking Contest (10)
  • ballroom (1)
  • barbican (1)
  • Be The Match Foundation – Bone Marrow Drive (3)
  • bethnalgreen (1)
  • Blog (22)
  • Books (1)
  • Botnets (4)
  • bowroad (1)
  • Breach (1)
  • bruteforce (1)
  • bruteforcing (2)
  • Bugs (1)
  • burp (7)
  • burp intruder (2)
  • business (12)
  • camera (5)
  • cameras (1)
  • central (1)
  • chambermusic (1)
  • charingcross (1)
  • charlesmartin (1)
  • childrens (1)
  • chisenhale (1)
  • chisenhalegallery (1)
  • classicalmusic (1)
  • Clickjacking (1)
  • Cloud Security (2)
  • code (6)
  • coldfusion (1)
  • Columns – Haddix (1)
  • Columns – Linn (6)
  • Columns – Murray (1)
  • Comedy (12)
  • comedyvirgins (1)
  • comics (1)
  • command execution (1)
  • commentary (1)
  • Community Talk (24)
  • Computer Components – Software / Internet (2)
  • Computer Components – Video Cards (1)
  • conferences (2)
  • CONFidence (1)
  • Cool Commercials (5)
  • Crack Me If You Can (13)
  • Crash and Compile (4)
  • Crime (3)
  • Critical Infrastructure (3)
  • csrf (3)
  • CSRF and Session Info (38)
  • CTP : Capture the Packet (5)
  • cups (1)
  • CVE-2009-1151 (1)
  • cyber warfare (1)
  • Dance & Theatre (1)
  • dannywallace (1)
  • Dark Tangent's Tamper Evident Contest (2)
  • Data Security (2)
  • david (1)
  • DC101 (7)
  • DC18: Official and Unofficial Events and Contests (2)
  • DC206 — Seattle, WA (1)
  • DC207 — Auburn, ME (1)
  • DC407 — Orlando, FL (2)
  • DC713 — Houston, TX (1)
  • DC801 — Salt Lake City, UT (2)
  • DC815 — Rockford, IL (1)
  • DC970-1 — Fort Collins, CO (1)
  • ddos (1)
  • deadbird (1)
  • DEFCON 18 and Recovery (30)
  • DEFCON 18 Planning (21)
  • DEFCON 19 Planning (8)
  • Defcon Shoot (12)
  • Defcon Short Story contest (1)
  • director (1)
  • directory (1)
  • Disclosure (1)
  • discovery (1)
  • distro (1)
  • dnsmap (2)
  • DoS (4)
  • drawing (1)
  • Drunken Banter (9)
  • Dumbass (3)
  • embedded (2)
  • Entertainment (14)
  • enumeration (1)
  • eusecwest (1)
  • event (3)
  • Events (10)
  • exhibition (1)
  • Exhibitions (4)
  • exploit (4)
  • Facebook (1)
  • Family (3)
  • familyactivity (1)
  • Featured Research (24)
  • Features – /root (10)
  • Features – Book Reviews (4)
  • Features – Skillz (4)
  • Festivals (1)
  • Film (4)
  • firefox (1)
  • firmware (1)
  • FlashGot (1)
  • folk (1)
  • Forum Meet (1)
  • Forums (253)
    • Astalavista (253)
  • franzferdinand (1)
  • Freakshow Party and Related Events or Contests (1)
  • free (7)
  • freeevents (4)
  • freefall (1)
  • friday (1)
  • Full Disclosure (43)
  • fun (1)
  • Funny (2)
  • General Announcements (1)
  • General News (4)
  • gift card (1)
  • giuliabacci (1)
  • Google (4)
  • Goon Band — Recognize (2)
  • greateasternstreet (1)
  • guinnessworldrecords (1)
  • hack (1)
  • hacker (1)
  • Hacker Jeopardy (1)
  • Hacker Karaoke (2)
  • hacking (15)
  • Hardware (2)
  • Hardware Hacking Village (10)
  • harryhill (1)
  • harryhillstvburp (1)
  • hitb (1)
  • hitbsecconf (1)
  • hmvoxfordstreet (1)
  • How To (47)
  • Hype Cycles (2)
  • ID Theft (1)
  • Identity and Access Management (9)
  • Identity and Access Program Management (8)
  • Identity Verification (6)
  • IE (2)
  • Infrastructure Protection (7)
  • Insider Threat (1)
  • Interesting Research (1)
  • international (1)
  • Internet (4)
  • Internet service provider (1)
  • Internet traffic (1)
  • Intro (31)
  • intuity (1)
  • iphone (1)
  • IPv6 (1)
  • itunes (1)
  • jazz (1)
  • jeriko (1)
  • kids (1)
  • kissing (1)
  • Knowledge (41)
    • SANSRR (35)
    • WebCasts (6)
  • krakow (1)
  • Legal Aspects (2)
  • leicestersquare (2)
  • Life (1)
  • link (8)
  • linksys (6)
  • Linux (1)
  • Literary (2)
  • Local Meetings & Other Events (18)
  • london (7)
  • londonisfree (2)
  • LosT @ Con Mystery Challenge (12)
  • Magic Quadrants (3)
  • Magic Quadrants and MarketScopes (27)
  • magstripe (1)
  • Malware (6)
  • manipulation (1)
  • Massage Table In Contest Room (2)
  • mileend (1)
  • Military (1)
  • Mohawk-Con! (1)
  • mount (1)
  • movies (1)
  • Mozilla (17)
  • museum (1)
  • Music (3)
  • Music & Dance (1)
  • nationalportraitgallery (1)
  • network (1)
  • Networking (2)
  • New Ideas (2)
  • News (19049)
    • CGI Security (96)
    • E-Week (12347)
    • Gartner (41)
    • ISC (1348)
    • Network World (4604)
    • SANS (135)
    • SANSNB (131)
    • Zone-H (19)
  • News & Events (1)
  • News – Latest (3)
  • News Analysis (1)
  • News and Links (20)
  • Ninja Networks Badge and Events (5)
  • nonsense (1)
  • NoScript (13)
  • npg (1)
  • Obfuscation (90)
  • obsessedabout (1)
  • odeon (1)
  • Official DEF CON DJs, Music, and Events (8)
  • oldstreet (1)
  • OMG Ponies (64)
  • Open CTF (3)
  • Other (4)
  • outage (2)
  • pagvac (5)
  • Patches (1)
  • PCB PWNage (2)
  • peering (1)
  • people (1)
  • People & Stories (1)
  • Pets & Animals (1)
  • Photo/Image Discussion (2)
  • photographeroftheyear (1)
  • photography (1)
  • phpMyAdmin (1)
  • piccadillycircus (1)
  • podcast (1)
  • Podcasts (1)
  • Politics (8)
  • pop (1)
  • premieres (1)
  • privacy (9)
  • programming (1)
  • project (2)
  • Projects (28)
  • python (1)
  • QueerCon (1)
  • raf (1)
  • Random Security (10)
  • Recent Research (76)
  • remote (1)
  • research (1)
  • Reverse Engineering (1)
  • Ricketts Sniffing/Trivia Contest UNOFFICIAL (last minute addition) (2)
  • Ride and Room Sharing (30)
  • Robots/Spiders/CAPTCHAs, oh my (2)
  • SCADA Security (1)
  • scanners (2)
  • Scavenger Hunt (8)
  • Science & Tech (29)
  • Search Engine Hacking and SEO (1)
  • security (15)
  • Security Briefing (6)
  • security scanner (1)
  • Security Tools (438)
  • secwest (1)
  • SEO/SEM (1)
  • shirley (1)
  • shoreditch (1)
  • simonmartin (1)
  • simonmassey (1)
  • skills (1)
  • skins (1)
  • skydive (1)
  • Skytalks (2)
  • slides (1)
  • social engineering (1)
  • Social Media (1)
  • soho (1)
  • Spotlights (20)
  • SQL (1)
  • SQL and Code Injection (233)
  • SSL (1)
  • standup (1)
  • stream (1)
  • subdmain (1)
  • subdomain (1)
  • sweatshop (1)
  • swimming (1)
  • Tech (1)
  • technology (144)
  • teddington (1)
  • The Basics (26)
  • The Summit (2)
  • thefoundry (1)
  • thick clients (1)
  • titanic (1)
  • tool (1)
  • Tools (632)
  • Toxic BBQ (3)
  • trafalgarsquare (2)
  • training (1)
  • Travel & Outdoors (1)
  • traversal (1)
  • Trojan Horses (1)
  • TV & Radio Recordings (2)
  • tvradiorecording (1)
  • twilight (1)
  • twitter (1)
  • Twitter Hunt (4)
  • Uncategorized (8280)
  • update (1)
  • updates (1)
  • us (12)
  • V13P (14)
  • Value Added News Discussion (7)
  • Vendor News (1)
  • Vendor Ratings (2)
  • Vendor Talk (1)
  • victoriapark (1)
  • video (13)
  • Video Games (20)
  • Vitals – EH-Net News (15)
  • vulnerabilities (9197)
    • debian (181)
    • SANS (958)
    • Secunia (1250)
    • SecurityFocus (6578)
    • TechNet (173)
    • US-CERT (57)
  • vulnerability (10)
  • Wall of Sheep (2)
  • war (1)
  • watchmen (1)
  • web (1)
  • web application (1)
  • web application security scanner (1)
  • Web Security (1)
  • web2.0 (2)
  • Webappsec (32)
  • Wheels & Wings (3)
  • windows (1)
  • Wireless Security (30)
  • XSS (7)
  • XSS Info (44)
  • YouTube (2)

• Recent Posts

  • INSIDE MOBILE: The Looming Rich Media Wars: Apple vs. the World
  • Oracle Beefs Up Solaris with New Features
  • Oracle to Pay Hurd $950K Salary, with Bonuses Up to $10M
  • HP ProLiant Microserver, Desktops Aimed at SMBs
  • Bugtraq: [ GLSA 201009-06 ] Clam AntiVirus: Multiple vulnerabilities
  • Bugtraq: [security bulletin] HPSBMA02574 SSRT100038 rev.1 – HP ProLiant G6 Lights-Out 100, Remote Management, Denial of Service (DoS)
  • Bugtraq: [SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities
  • Bugtraq: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
  • Storage Software Market Gives Mixed Messages
  • Google TV, Apple TV: 10 Reasons Why They Want to Control Your Living Room

• Noise

  .net apache application architecture asp astalavista blackberry code cve defcon encryption enterprise exploit fedora forums gartner iis kernel Knowledge linux microsoft News password patch php privacy samba sans security smtp solaris sql ssh sun Tools ubuntu unix vulnerabilities vulnerability web webcasts whitepapers windows XSS