The Glider

Posted in Security Tools, Tools on March 1st, 2010 by SecurityDatabase

Security-Database IT Vulnerability & Threats Dashboard allows readers and others security professionals to visualize in a granular manner the evolution of the attacks and the vulnerabilities list for each products. We use the worldwide references as well as CVE, CVSS, OVAL and CWE which guaranty a trusty and real information that comply to the standards.
Changelog
Fully migration from SDcon (H,M,L) to CVSS v2.0 (C,H,M,L)
New color brown for Critical Vulnerabilities
CVSS Calculator v2.0 (...) - Security Tools / Metrics, Vulnerability Management

Tags: Tools |

Posted in Security Tools, Tools on February 28th, 2010 by SecurityDatabase

winAUTOPWN is an auto (hacking) shell gaining tool. It can also be used to test IDS, IPS and other monitoring sensors/softwares.
Autohack your targets with least possible interaction.
Features:
Contains already custom-compiled executables of famous and effective exploits alongwith a few original exploits.
No need to debug, script or compile the source codes.
Scans all ports 1 -* 65535 after taking the IP address and tries all possible exploits according to the list of discovered (...) - Security Tools / Framework, Exploitation, Attack, winAUTOPWN

Tags: Tools |

Posted in Security Tools, Tools on February 28th, 2010 by SecurityDatabase

Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The framework is written in JavaScript and successfully executes in numerous platforms including modern browsers with support for HTML5, xulrunner, xpcshell, Java, V8 and others.
Changelog
Improved user interface.
The workspace window now has an Issue view which provides detailed information on each finding.
Detailed reports which can (...) - Security Tools / Vulnerability Scanner, Application Scanner, Configurations checks, websecurify

Tags: Tools |

Posted in Security Tools, Tools on February 27th, 2010 by SecurityDatabase

AutoScan-Network is a network discovering and managing application. No configuration is required to scan your network. The main goal is to print the list of connected equipments in your network
Features:
Multithreaded Scan
Automatic network discovery
Low surcharge on the network
Simultaneous subnetworks scans without human intervention
Realtime detection of any connected equipment
Supervision of any equipment (router, server, firewall...)
Supervision of any network service (smtp, (...) - Security Tools / Network Discovery, IDS, Network Monitoring, AutoScan

Tags: Tools |

Posted in Security Tools, Tools on February 27th, 2010 by SecurityDatabase

Pangolin is an automatic SQL injection penetration testing tool developed by NOSEC. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications.
Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific (...) - Security Tools / Penetration testing & Ethical Hacking, Configurations checks, Database, Exploitation, Pangolin

Tags: Tools |

Posted in Security Tools, Tools on February 27th, 2010 by SecurityDatabase

Web Security Dojo is a turnkey web application security lab with tools, targets, and training materials built into a Virtual Machine(VM). It is ideal for both self-instruction and training classes since everything is pre-configured and no external network connection is needed. All tools and targets are configured to use non-conflicting ports and a Firefox proxy switcher is set up to match.
Web Security Dojo is an open source project built on Ubuntu and hosted at SourceForge. It is (...) - Security Tools / Penetration testing & Ethical Hacking, LiveCD, Application Scanner, Web Security Dojo

Tags: Tools |

Posted in Security Tools, Tools on February 27th, 2010 by SecurityDatabase

SAINT is the Security Administrator's Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT's data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...) - Security Tools / Saint, Vulnerability Scanner, Penetration testing & Ethical Hacking

Tags: Tools |

Posted in Security Tools, Tools on February 27th, 2010 by SecurityDatabase

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
Version 1.7.5 (...) - Security Tools / Password Cracking, John the Ripper

Tags: Tools |

Posted in Security Tools, Tools on February 27th, 2010 by SecurityDatabase

Watcher (The Open source Web Security Testing Tool and PCI compliancy auditing utility) is a runtime passive-analysis tool for HTTP-based Web applications. It detects Web-application security issues as well as operational configuration issues.
Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads (potential XSS), cookies, comments, HTTP (...) - Security Tools / Vulnerability Scanner, Application Scanner, Configurations checks, Watcher

Tags: Tools |

Posted in Security Tools, Tools on February 25th, 2010 by SecurityDatabase

Katana is a portable multi-boot security suite designed for all your computer security needs. The idea behind this tool is to bring together all of the best security distributions to run from one USB drive. Katana includes distributions which focus on Penetration Testing, Auditing, Password Cracking, Forensics and Honey Pots.
Katana comes with over 100 portable Windows applications such as Wireshark, HiJackThis, Unstoppable Copier, and OllyDBG.
This release has a couple of major changes to (...) - Security Tools / Penetration testing & Ethical Hacking, LiveCD, Framework, USB Device, Exploitation, Katana

Tags: Tools |