Penetration Testing mailing list archives
[Tools update] The Security-Database Watch Newsletter -- v20090829
From: "SD List" <list () security-database com>
Date: Mon, 31 Aug 2009 11:45:45 +0200 (CEST)
Dear all, Here is the site's newsletter "Security Database Tools Watch" (http://www.security-database.com/toolswatch). This letter summarizes the articles and news items published since 7 days. New articles -------------------------- ** SIFA - Secure Information Flow Analyzer ** by ToolsTracker - 28 August 2009 SIFA (Secure Information Flow Analyzer) uses a view-based approach to reason about the possible vulnerabilities of a system from an information security perspective. This includes both normal, intended operating modes and unintended operating states (in the presence of component or system-wide faults, for example). SIFA specialises in the analysis and evaluation of hardware devices, but is generic enough to support analysis over any interconnected structure of components. Download user (...) -> http://www.security-database.com/toolswatch/SIFA-Secure-Information-Flow.html ** HttpWatch v6.1.48 - HTTP viewer and debugger ** by ToolsTracker - 27 August 2009 HttpWatch is an HTTP viewer and debugger that integrates with IE and Firefox to provide seamless HTTP and HTTPS monitoring without leaving the browser window. At the moment, exist two version: to buy and FREE, you can see the differences here. Features A plug-in HTTP viewer for Internet Explorer and Mozilla Firefox See headers, cookies, caching and POST data Supports HTTPS, compression, redirection & chunked encoding Real-time page and request level time charts Your users and (...) -> http://www.security-database.com/toolswatch/HttpWatch-v6-1-48-HTTP-viewer-and.html ** Dranzer v1.9.1 - Testing ActiveX Controls ** by ToolsTracker - 26 August 2009 CERT developed this open source tool so that software developers can test ActiveX controls for vulnerabilities before the software is released to the public. Users must agree to the terms of a license before installing the tool. More information regarding the history, motivations, and rationale for Dranzer is available in Vulnerability Detection in ActiveX Controls through Automated Fuzz (...) -> http://www.security-database.com/toolswatch/Dranzer-v1-9-1-Testing-ActiveX.html ** A new Tools Tracker Leader at Security-Database joined today ** by Tools Tracker Team - 25 August 2009 Security-Database is very happy to announce that Maximiliano Soler is just joining us today as Tools Process Update Leader. Maximiliano works as security consultant at an International Bank in Buenos Aires Argentina. Max was a long time friend of our team and supplied us with many good software and utilities. Welcome on board Maximiliano and happy hackin’ -> http://www.security-database.com/toolswatch/A-new-Tools-Tracker-Leader-at.html ** FindBugs Java Code Analyzer updated to 1.3.9 ** by Tools Tracker Team - 25 August 2009 FindBugs™ is a program to find bugs in Java programs. It looks for instances of "bug patterns" --- code instances that are likely to be errors. Changelog New bug patterns; in some cases, bugs previous reported as other bug patterns are reported as instances of these new bug patterns in order to make it easier for developers to understand the bug reports Providing a bug rank (1-20), and the ability to filter by bug rank. Eventually, it will be possible to specify your own rules for (...) -> http://www.security-database.com/toolswatch/FindBugs-Java-Code-Analyzer,727.html ** Sub7 (SubSeven) is back with a new release 2.3 ** by Tools Tracker Team - 25 August 2009 Sub7, or SubSeven or Sub7Server, is the name of a popular backdoor program. It is mainly used for causing mischief, such as hiding the computer cursor, changing system settings or loading up pornographic websites. However, it can also be used for more serious criminal applications, such as stealing passwords and credit card details. Its name was derived by spelling NetBus backwards ("suBteN") and swapping "ten" with "seven". Among Sub7's capabilities are complete file system access and (...) -> http://www.security-database.com/toolswatch/Sub7-SubSeven-is-baclk-with-a-new.html New news items -------------------------- * A new member joined Security-Database * - 25 August 2009 Security-Database is very happy to announce that Maximiliano Soler is just joining us today as Tools Process Update Leader. Maximiliano works as security consultant at an International Bank in Buenos Aires Argentina. Max was a long time friend of our team and supplied us with many good (...) -> http://www.security-database.com/toolswatch/+A-new-member-joined-Security+.html Regards, N.OUCHN CEO & Founder http://www.security-database.com Keep a vigilant eye on your defenses. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- [Tools update] The Security-Database Watch Newsletter -- v20090829 SD List (Aug 31)