Security Tools News & Tips

Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. It started as Ethereal but was later re-branded as Wireshark due to trademark issues.

• More information or Write a review...(0)

Sandcat is a feature-rich and advanced web application security scanner. It’s a windows based application which helps to scan emerging Web 2.0 technologies such as AJAX, traditional Web technologies, and Web programming languages such as PHP. Sandcat’s fast engine interacts with a truly unique, up-to-date and extremely extensive database of checks and uses sophisticated techniques such as the newly introduced filter evasion and false positive reduction to give you stunning results. Sandcat has a free and pro versions.

• More information or Write a review...(0)

Babel Enterprise is a systems auditing tool. Babel performs a security level check of the machine, or hardening. The check consists of a number of auditing tests that obtain a snap of the security status of each machine. The result is a security index of the system that is given after each execution. Babel Enterprise has a version of its agent for each of the latest Microsoft operating systems, Windows 2003 and Windows XP, and the main Unix system: Solaris 10, AIX 5.x, SUSE GNU/Linux 9 ES and Ubuntu Dapper, although they can be easily adapted to different versions and other UNIX OSs (such as BDS or HP-UX ).

• More information or Write a review...(1)

McAfee Rootkit Detective 1.0 is a free program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the Windows system. This program is not dependent on any signatures and can proactively detect most of the existing and upcoming rootkits and allow the user to clean them. Some of the features of Rootkit Detective:
* Designed to proactively detect the system objects like processes, files and registry that are hidden to the user.
* Provides information about all running processes in the system.
* Provides information about various system hooks like SSDT(System Service Descriptor Table) hooks, user/kernel IAT/EAT(Import/Export Address Table) hooks.
* Allows the user to clean/remove the malicious objects from the system by renaming/deleting the hidden files/registry.
* Allows the user to terminate the malicious processes.
* Users can submit samples using the submission feature present in the tool.
* Users can also collect the samples manually after renaming them and submit to stinger@avertlabs.com for further analysis.

• More information or Write a review...(1)

Sussen is a tool that checks for vulnerabilities and configuration issues on computer systems. It is based on the Open Vulnerability and Assessment Language. The Sussen project is comprised of three main components:

Interpreter – This library can analyze a system using OVAL definition files. It comes with documentation and a test suite. All the other components depend on it. This can also be used by application developers who wish to add this kind of functionality to their applications.
Applet – A GNOME-based applet for your desktop. Allows users to easily scan their systems for vulnerabilities.
Agent – A command line program for scanning a system.

The interpreter takes a set of OVAL definitions and starts to collect characteristics and configuration information about the target system. These are non-destructive probes and are not running any exploit code. After the data collection is complete it analyzes each OVAL definition and sees if the conditions were met on the target system. When the analysis is complete the results are presented to the user.

• More information or Write a review...(1)

SQL Power Injector is an application created in .Net 1.1 that helps the penetration tester to find and exploit SQL injections on a web page. For now it is SQL Server, Oracle, MySQL, Sybase/Adaptive Server and DB2 compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal mode). Indeed, the normal mode is basically the SQL command that someone will put in the parameter sent to the server.

• More information or Write a review...(1)

The Secunia Personal Software Inspector (Beta) detects installed software and categorises your software as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. Highlights of The Secunia PSI: The Secunia PSI will be available free of charge; Calculates your unique Secunia System Score; Automatically scans your computer; Enables you to update Insecure/End-of-Life software; Provides Direct Download Links to security updates & patches; Detects and advises on more than 4,200 applications; Direct correlation between thousands of Secunia Advisories and your specific system and software; Secure SSL encrypted connection to Secunia.

• More information or Write a review...(1)

LCP is a free Windows password cracker created to replace the very popular L0phtCrack since Symantec stopped it’s development. LCP uses combination of dictionary and brute force attacks to guess the passwords. LCP can crack common passwords in matter of seconds, the more advanced passwords with numbers and characters take longer. LCP helps administrators to identify and remediate security vulnerabilities that result from the use of weak or easily guessed passwords. It also helps to recover lost passwords and to streamline migration of users to another authentication system.

• More information or Read user reviews...(2)

SSA (Security System Analyzer) is a free non-intrusive OVAL-Compatible policy compliance and vulnerability assessment software. It provides auditors and security officers a comprehensive solution to keep pace with security compliance requirements (patch management, vulnerability management, software inventories…). Features: OVAL-compatible product; SCAP (Security Content Automation Protocol); Perform a deep inventory audit on installed softwares and applications; Scan and map vulnerabilities using non-intrusive techniques based on schemas; Detect and identify missed patches and hotfixes; Define a patch management deployment strategy using CVSS scores.

• More information or Write a review...(1)

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. DirBuster attempts to find these. What DirBuster can do for you? Attempt to find hidden pages/directories and directories with a web application, thus giving a another attack vector (For example. Finding an unlinked to administration page).

• More information or Write a review...(0)