The Glider

Posted in Security Tools, Tools on March 10th, 2010 by SecurityDatabase

SubSeven 2.3 is a simple, easy to use remote administration tool (RAT) designed to work on all current Windows platforms, both 32bit and 64bit. This tool is aimed at people who want that little bit more power and control over remote computer management. Please use this tool responsibly and read and accept the disclaimer prior to use. If you do not agree with the disclaimer, please do not use the tool. You accept full liability and responsibility for your actions when using SubSeven. Do not (...) - Security Tools / Remote Administration Tool, Exploitation, Sub7, Trojan

Tags: Tools |

Posted in Security Tools, Tools on March 9th, 2010 by SecurityDatabase

GeoIPgen is a country-to-IPs generator. It's a geographic IP generator for IPv4 networks that uses the MaxMind GeoLite Country database. Geoipgen is the first published use of a geographic ip database in reverse to translate from country-to-IPs instead of the usual use of IP-to-country.
Version 0.4 (07/03/2010)
Faster and smaller memory usage. It now uses the fast-random algorithm by default instead of the bit-field method
Re-wrote README file
Simplified usage instructions
Video: Geo (...) - Security Tools / Enumeration, Information Gathering, Network Discovery, GeoIPgen

Tags: Tools |

Posted in Security Tools, Tools on March 9th, 2010 by SecurityDatabase

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.
It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP.
Version 0.5.7
Debian dpkginfo probe is available now
RHEL5 support
new command line tool - OVAL scanner
Fedora 12 OVAL content available
documentation is (...) - Security Tools / Vulnerability Scanner, Configurations checks, Local auditing, OpenSCAP

Tags: Tools |

Posted in Security Tools, Tools on March 9th, 2010 by SecurityDatabase

Dradis is an open source framework to enable effective information sharing. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead.
Features include:
Easy report generation.
Support for attachments.
Integration with existing systems and tools through server plugins.
Platform independent.
Version 2.5.1 (7/03/2010)
Server component:
Various improvements in the NotesBrowser (...) - Security Tools / Vulnerability Management, Dradis

Tags: Tools |

Posted in Security Tools, Tools on March 9th, 2010 by SecurityDatabase

Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can:
CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that can't match traffic.
ERADICATE LATENT SECURITY PROBLEMS lurking in overly-permissive rules
SANITY CHECK CHANGES to see if new rules create problems.
Flint is absolutely free. There's no catch. You can download the source from our git repository. This isn't the "play at home" version; it's our second (...) - Security Tools / Configurations checks, Local auditing, Flint

Tags: Tools |

Posted in Security Tools, Tools on March 8th, 2010 by SecurityDatabase

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.
Version 1.0 RC 1
Auto pause, when 20 consecutive 20 errors happen
Spelling mistakes corrected
Multi threaded all the work generation, so multiple dir and file exts are scanned at the same time (this makes it much faster!)
Reconstructed multiple parts of the code
Proxy settings are now persistent
The ability to change the look and feel has now been added (...) - Security Tools / Application Scanner, Bruteforcers, Configurations checks, DirBuster

Tags: Tools |

Posted in Security Tools, Tools on March 8th, 2010 by SecurityDatabase

Wordpress finger printer tool search and retrieve information about the plugins versions installed in Wordpress systems.
It can analyze a single URL or perform an analysis based on the results indexed by Google. Additionally displays CVE code associated with each plugin, if there.
Version 0.1-6-rt-beta:
Threads support added.
Libraries
xgoogle
Plecost works in two modes. On the one hand by analyzing a single URL and the other analyzing the results of Google searches (-G).
Options: (...) - Security Tools / Enumeration, Information Gathering, plecost

Tags: Tools |

Posted in Security Tools, Tools on March 7th, 2010 by SecurityDatabase

Malicious software pieces like viruses, worms and bots are currently one of the largest threats to the security of the Internet. Antivirus Labs have invested great Money for analyzing and reversing viruses, but for our case we can perform the analysis using some useful tools on our PC.
Let's start with www.virustotal.com , if I feel that I have a suspicious file. First what I will do is to upload it to VirusTotal. VirusTotal gives the user the ability to analyze any file with more than 40 (...) - Security Tools / Malware Scanner

Tags: Tools |

Posted in Security Tools, Tools on March 7th, 2010 by SecurityDatabase

SpiderLabs has developed dozens of tools over the years. Most of them end up as internal-only tools since they eventually make their way into one of Trustwave's product offerings. Recently, we have decided to showcase some of these tools and provide them as Open Source to the information security community. The tools have been made available without warranty and are available under the GNU General Public License as published by the Free Software Foundation.
ackack : A program to monitor (...) - Security Tools / Penetration testing & Ethical Hacking, Network Discovery, Exploitation, Attack

Tags: Tools |

Posted in Security Tools, Tools on March 7th, 2010 by SecurityDatabase

FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful firefox extensions oriented application security auditing and assessment. FireCAT is not a remplacement of other security utilities and softwares as well as fuzzers, proxies and application vulnerabilities scanners.
New extensions:
Category Network utilities -> Passwords: Fireforce - The bruteforce attacks firefox extension ( http://www.scrt.ch/pages_en/fireforce.html)
Category IT (...) - Security Tools / Firefox, Methodology, Framework, FireCAT

Tags: Tools |