Security Tools News & Tips

Blue Coat’s K9 Web Protection is a free Internet and parental controls filter that gives parents control over their family’s use of the Internet. It enables parents to monitor and control what sites their children access and enables them to block offensive or potentially dangerous sites. K9 Web Protection relies on the same enterprise-class Web filtering technology used by Blue Coat enterprise customers around the world, and is wrapped in a simple, easy-to-manage software application that is compatible with both Mac and PC computers. To protect against newly discovered threats, K9 Web Protection is continuously updated by the WebPulse™ service, the Blue Coat cloud-based community watch environment that also updates Blue Coat WebFilter™ and ProxyClient® enterprise products. In this community watch environment, the identification of malware by one member is shared with all to prevent infections or other harm.

• More information or Read user reviews...(2)

AutoScan-Network is a network discovering and managing application. No configuration is required to scan your network. The main goal is to print the list of connected equipments in your network. It’s a free software and can be installed on Windows, Linux, Mac, Solaris and Maemo 4.

• More information or Write a review...(0)

Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. It started as Ethereal but was later re-branded as Wireshark due to trademark issues.

• More information or Write a review...(0)

The Firewall Tester (FTester) is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities. The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in ftest.conf, with a signature in the data part while the sniffer listens for such marked packets. The scripts both write a log file which is in the same form for both scripts. A diff of the two produced files (ftest.log and ftestd.log) shows the packets that were unable to reach the sniffer due to filtering rules if these two scripts are ran on hosts placed on two different sides of a firewall. Stateful inspection firewalls are handled with the ‘connection spoofing’ option. A script called freport is also available for automatically parse the log files.

• More information or Write a review...(0)

Revhosts is a project for Passive information Gathering. It’s written in Python, it help pentesters to find informations (Host, VirtualHost, DNS entry, Directories, mail address, subnet,..), with very less false positive.

• More information or Write a review...(0)

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these. What DirBuster can do for you? Attempt to find hidden pages/directories and directories with a web application, thus giving a another attack vector (For example. Finding an unlinked to administration page).

• More information or Write a review...(0)

It’s a blind SQL injection tool developed in Perl. It lets you get databases schemas and tables rows. Using a single GET/POST you can access quietly the database structure and using a single GET/POST you can dump every table row to a csv-like file.

• More information or Write a review...(1)

Nipper is an open source tool that performs a security audit of network device configuration files. The report produced by nipper includes; detailed security-related issues with recommendations, a configuration report and various appendices. nipper was previously known as CiscoParse. Nipper currently supports the following devices: Cisco Switches (IOS), Cisco Routers (IOS), Cisco Firewalls (PIX, ASA, FWSM), Cisco Catalysts (NMP, CatOS, IOS), Cisco Content Service Switches (CSS) and Juniper NetScreen Firewalls (ScreenOS).

• More information or Read user reviews...(1)

Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable DB server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a DB Server when a SQL Injection vulnerability has been discovered.

• More information or Write a review...(0)

Pixy is a Java program that performs automatic scans of PHP source code, aimed at the detection of XSS and SQL injection vulnerabilities. Pixy takes a PHP program as input, and creates a report that lists possible vulnerable points in the program, together with additional information for understanding the vulnerability.

• More information or Write a review...(1)