Penetration Testing mailing list archives
Tools Update - Last Week of March 2010
From: "SD List" <list () security-database com>
Date: Mon, 5 Apr 2010 23:00:03 +0200 (CEST)
Hello,

Here is the site's newsletter "Security Database Tools Watch" (http://www.security-database.com/toolswatch). This letter summarizes the articles and news items published during the last 7 days.

New articles
--------------------------

** Focus on Zero Wine Tryouts Malware Analyzer Alpha 2 release **
by Tools Tracker Team - 3 April 2010

Zero Wine Tryouts is an open source malware analysis tool. Just upload your suspicious file (e.g. Windows executable file, PDF file) through the web interface and let it analyze it.

Changes for 20100325 Version Alpha 2:
  Update Wine (1.1.41).
  Update TrIDDefs.TRD (3911 file types, 25/03/10).
  Improved view/download function.
  Partial rewrite of calls.py. Makes the signature more readable.
  Refactoring some code.
  Some minor changes.
  Fix dump download problem (regression).
  Some minor (...)

-> http://www.security-database.com/toolswatch/Focus-on-Zero-Wine-Tryouts-Malware.html

** CUPP Common User Passwords Profiler v3 released **
by Tools Tracker Team - 3 April 2010

People spend a lot of time preparing for an effective dictionary attack. Common User Passwords Profiler (CUPP) is made to simplify this attack method, which is often used as a last resort in penetration testing and forensic crime investigations. A weak password might be very short or only use alphanumeric characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a (...)

-> http://www.security-database.com/toolswatch/CUPP-v3-released.html

** (update) Skipfish Active web application scanner v1.29b released **
by Tools Tracker Team - 2 April 2010

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks.

Key Features:
  High performance: 500+ requests per second against responsive Internet targets, 2000+ requests per second on LAN / MAN networks, and 7000+ requests against local (...)

-> http://www.security-database.com/toolswatch/Skipfish-Active-web-application,1145.html

** OSSEC v2.4 released **
by Tools Tracker Team - 2 April 2010

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. The following is the changelog for OSSEC version 2.4.

Changelog:
  Added more options to filter by user and srcip on reportd.
  Fixed init script for gentoo that was failing if (...)

-> http://www.security-database.com/toolswatch/OSSEC-v2-4-released.html

** Kon-Boot "root a box" on the fly v1.1 in the wild **
by Tools Tracker Team - 2 April 2010

Kon-Boot is a prototype piece of software which allows changing the contents of a Linux kernel (and now the Windows kernel also!!!) on the fly (while booting). In its current compilation state it allows logging into a Linux system as the 'root' user without typing the correct password, or elevating privileges from the current user to root.

Our first article on kon-boot

For Windows systems it allows entering any password-protected profile without any knowledge of the password. It was actually started as (...)

-> http://www.security-database.com/toolswatch/Kon-Boot-root-a-box-on-the-fly-v1.html

** CMS Explorer v1.0 released - Discover the CMS components behind the site - **
by Tools Tracker Team - 2 April 2010

CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS-driven web sites are running. Additionally, CMS Explorer can be used to aid in security testing. While it performs no direct security checks, the "explore" option can be used to reveal hidden/library files which are not typically accessed by web clients but are nonetheless accessible. This is done by retrieving the module's current source tree and then requesting those file names (...)

-> http://www.security-database.com/toolswatch/CMS-Explorer-v1-released-Discover.html

** Metasploit 3.3.3-Tokamac Released **
by Tools Tracker Team - 1 April 2010

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler. The latest release of the Metasploit Cyber Warfare (...)

-> http://www.security-database.com/toolswatch/Metasploit-3-3-3-Tokamac-Released.html

** WireShark 1.2.7 released **
by Tools Tracker Team - 1 April 2010

Wireshark is the world's most popular network protocol analyzer. It has a rich and powerful feature set and runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly. It is freely available as open source, and is released under the GNU General Public License version 2. Wireshark 1.2.7 (stable) has been released. Installers for Windows, Mac OS X 10.5.5 and above (...)

-> http://www.security-database.com/toolswatch/WireShark-1-2-7-released.html

** SAINT® v7.3.2 Released **
by Tools Tracker Team - 1 April 2010

SAINT is the Security Administrator's Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT's data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...)

-> http://www.security-database.com/toolswatch/SAINT-R-v7-3-2-Released-Now-OVAL.html

** Security-Database integrates CWE 1.8 **
by Tools Tracker Team - 1 April 2010

CWE (Common Weakness Enumeration) is a community-developed formal list of common software weaknesses. It serves as a common language for describing software security weaknesses, a standard measuring stick for software security tools targeting these vulnerabilities, and as a baseline standard for weakness identification, mitigation, and prevention efforts. As an effort to be fully compliant, we've integrated the latest CWE release. You can browse the CWE list at (...)

-> http://www.security-database.com/toolswatch/Security-Database-integrates-CWE-1.html

** (EXCLUSIVE) Jolicloud the Netbook OS v0.9 pre-final released **
by Tools Tracker Team - 31 March 2010

Jolicloud "pre-final", a new netbook-oriented OS based on Ubuntu, has just been released after a number of important updates and improvements, including a new HTML 5-ready platform for Web applications and also a new 3G+ network manager with over 100 models of supported cards. Jolicloud Express, the Windows installer, has been translated into French, English and German, and many other additional languages are in progress. Jolicloud is no longer in beta stage; one can safely install the (...)

-> http://www.security-database.com/toolswatch/EXCLUSIF-Jolicloud-the-Netbook-OS.html

** OWASP Enterprise Security API 2.0 rc6 released **
by Tools Tracker Team - 31 March 2010

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications. The ESAPI libraries are designed to make it easier for programmers to retrofit security into existing applications. The ESAPI libraries also serve as a solid foundation for new development.

Dependencies (...)

-> http://www.security-database.com/toolswatch/OWASP-Enterprise-Security-API-2.html

** W3AF v1.0-rc3 released **
by Tools Tracker Team - 31 March 2010

w3af is a Web Application Attack and Audit Framework. The w3af core and its plugins are fully written in Python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (XSS), local and remote file inclusion and much more. The development team is proud to announce a new w3af release! Some of the features of the 1.0-rc3 version are:
  Enhanced GUI, including huge changes in the MITM proxy and the Fuzzy Request Editor
  Increased speed by rewriting parts of the (...)

-> http://www.security-database.com/toolswatch/W3AF-v1-rc3-released.html

** pvefindaddr updated to v1.27 **
by Tools Tracker Team - 30 March 2010

pvefindaddr is a PyCommand (plugin) for Immunity Debugger. Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility. Drop the file in the pycommands folder within your Immunity Debugger installation folder. You can get the list of (...)

-> http://www.security-database.com/toolswatch/pvefindaddr-updated-to-v1-27.html

** DBAPPSecurity web application scanner MatriXay 3.6 was released **
by Tools Tracker Team - 30 March 2010

Source - http://www.professionalsecuritytesters.org/

Features:
  In-depth Scan: risk-oriented in-depth scanning of web applications can access back-end database information and the web application list.
  Web Vulnerability Detection: detects all kinds of typical web vulnerabilities in depth (such as SQL injection, XPath injection, XSS, form around, form weak password, all kinds of CGI vulnerabilities).
  Web Trojan Detection: analyzes a variety of linked Trojans automatically, effectively and (...)

-> http://www.security-database.com/toolswatch/DBAPPSecurity-web-application.html

** Buck Security - Checks for Debian Linux - v0.5 released **
by Tools Tracker Team - 30 March 2010

Buck Security is a collection of security checks for Linux. It was designed for Debian and Ubuntu servers, but can be useful for any Linux system. The aim of Buck Security is to allow you to get a quick overview of the security status of your system. As a Linux system administrator - but also as a normal Linux user - you often wonder if your system is secure.

Features:
  Searching for world-writable files
  Searching for world-writable directories
  Searching for programs where the setuid is (...)

-> http://www.security-database.com/toolswatch/Buck-Security-Security-Checks-for.html

** pwnat tool v0.2-beta released **
by Tools Tracker Team - 30 March 2010

pwnat, pronounced "poe-nat", is a tool that allows any number of clients behind NATs to communicate with a server behind a separate NAT with *no* port forwarding and *no* DMZ setup on any routers in order to directly communicate with each other. The server does not need to know anything about the clients trying to connect. Simply put, this is a proxy server that works behind a NAT, even when the client is behind a NAT, without any 3rd party. There is no middle man, no proxy, no 3rd party, (...)

-> http://www.security-database.com/toolswatch/pwnat-tool-v0-2-beta-released.html

** Nmap v5.30 beta 1 in the wild - doped with scripts - **
by Tools Tracker Team - 30 March 2010

Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other (...)

-> http://www.security-database.com/toolswatch/Nmap-v5-30-beta-1-in-the-wild.html

** OpenSSL 1.0.0 Released .. after all these years !!! **
by Tools Tracker Team - 29 March 2010

The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library, managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

Changelog:
  New -sigopt option to the ca, req and x509 (...)

-> http://www.security-database.com/toolswatch/OpenSSL-1-Released-after-all-these.html

** Mobius Forensic Toolkit v0.5.3 released **
by ToolsTracker - 29 March 2010

Mobius Forensic Toolkit is an open-source forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files, for easy integration with other tools.

Version 0.5.3:
  xml-pickle: serialize dict items as tuples
  xml-pickle: do not save 'value' for NoneType's
  xml-pickle: do not save 'value' for bools = False
  xml-pickle: handle python objects circular references (...)

-> http://www.security-database.com/toolswatch/Mobius-Forensic-Toolkit-v0-5-3.html

** PDFResurrect v0.10 released **
by ToolsTracker - 29 March 2010

PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions.

Version 0.10:
  main.c: Add additional copyright year
  pdf.c: Allow for creation data to be pulled from objects as well as inline
  Removed strdup and used (...)

-> http://www.security-database.com/toolswatch/PDFResurrect-v0-10-released.html

** Vicnum v1.4 released **
by ToolsTracker - 29 March 2010

A lightweight, flexible, vulnerable web application written in Perl and PHP. It demonstrates common web application vulnerabilities such as cross site scripting and session management issues. Vicnum is helpful to IT auditors who need to hone web security skills and can also be used by those setting up 'capture the flag' exercises or by those who just want to have some fun with web assessments.

Vicnum, the basics:
  A vulnerable web app using LAMP, Perl, PHP
  Packaged as an Ubuntu (...)

-> http://www.security-database.com/toolswatch/Vicnum-v1-4-released.html

** Seccubus v1.4.1 released **
by ToolsTracker - 29 March 2010

Seccubus automates regular vulnerability scans with Nessus and OpenVAS and provides delta reporting. Why? Anyone who has ever used Nessus or OpenVAS will be familiar with one of their biggest drawbacks. They are very valuable tools, but unfortunately they are also very noisy. The time needed to report on the findings of a scan will often be two or three times the time needed to do the actual scan. Seccubus was created in order to more effectively analyze the results of regular (...)

-> http://www.security-database.com/toolswatch/Seccubus-v1-4-1-released.html

** plecost v0.2.2-8 Beta released **
by ToolsTracker - 29 March 2010

WordPress fingerprinting tool: searches for and retrieves information about the plugin versions installed in WordPress systems. It can analyze a single URL or perform an analysis based on the results indexed by Google. Additionally it displays the CVE code associated with each plugin, if there is one.

Libraries: xgoogle

Plecost works in two modes: on the one hand by analyzing a single URL, and on the other by analyzing the results of Google searches (-G).

Google search options:
  -l num : Limit number of (...)

-> http://www.security-database.com/toolswatch/plecost-v0-2-2-8-Beta-released.html

** Spiceworks v4.6.48961 released **
by ToolsTracker - 29 March 2010

Spiceworks is the complete network management & monitoring, helpdesk, PC inventory & software reporting solution to manage Everything IT in small and medium businesses.

Spiceworks Lets You...
  Inventory Your Network & PCs
  Monitor & Manage Your Network
  Manage Your IT Assets
  Manage Changes & Configurations
  Map Your Network (BETA)
  Audit Your Software
  Troubleshoot Your Network
  Run an IT Help Desk
  Be an MSP
  Talk to IT Pros Like You

Spiceworks IT Desktop is designed for IT Pros who have (...)

-> http://www.security-database.com/toolswatch/Spiceworks-v4-6-48961-released.html

** Zenamics released BinCrowd the First collaborative reverse engineering tool **
by Tools Tracker Team - 28 March 2010

BinCrowd is a collaborative reverse engineering tool that can be used by reverse engineers to keep a repository of reverse engineered information and share this information with friends and colleagues. The core technology behind BinCrowd is basically a huge database of function information which can be accessed using BinDiff-style algorithms. This allows you to efficiently store information about disassembled functions in a database and to use that database to compare functions from (...)

-> http://www.security-database.com/toolswatch/Zenamics-released-BinCrown-the.html

** StreamArmor v1.0 the advanced forensics tool released **
by Tools Tracker Team - 28 March 2010

StreamArmor is a sophisticated tool for discovering hidden alternate data streams (ADS) as well as cleaning them completely from the system. Its advanced auto analysis coupled with an online threat verification mechanism makes it the best tool available in the market for eradicating the evil streams. StreamArmor has a built-in advanced file type detection mechanism which examines the content of a file to accurately detect the file type of a stream. This makes it a great tool in forensic analysis in (...)

-> http://www.security-database.com/toolswatch/StreamArmor-v1-the-advanced.html

** Keykeriki release v2 in the wild : exploiting the wireless devices **
by Tools Tracker Team - 28 March 2010

Remote-Exploit is proud to present the universal wireless keyboard sniffer: Keykeriki. This open source hardware and software project enables every person to verify the security level of their own keyboard transmissions, and/or demonstrate sniffing attacks (for educational purposes only). The hardware itself is designed to be small and versatile; it can be extended to currently undetected/unknown keyboard traffic, and/or hardware extensions, for example a repeating module or amplifier (...)

-> http://www.security-database.com/toolswatch/Keykeriki-release-v2-in-the-wild.html

** OWASP Broken Web Applications v0.91rc1 available **
by Tools Tracker Team - 27 March 2010

The Open Web Application Security Project (OWASP) Broken Web Applications Project is distributed as a Virtual Machine in VMware format compatible with their no-cost VMware Player and VMware Server products (along with their commercial products). (...)

-> http://www.security-database.com/toolswatch/OWASP-Broken-Web-Applications-v0.html

** pwnat tool v0.1-beta bypassing NAT **
by Tools Tracker Team - 27 March 2010

pwnat, pronounced "poe-nat", is a tool that allows any number of clients behind NATs to communicate with a server behind a separate NAT with *no* port forwarding and *no* DMZ setup on any routers in order to directly communicate with each other. The server does not need to know anything about the clients trying to connect. Simply put, this is a proxy server that works behind a NAT, even when the client is behind a NAT, without any 3rd party. There is no middle man, no proxy, no 3rd party, (...)

-> http://www.security-database.com/toolswatch/pwnat-tool-v0-1-beta-bypassing-NAT.html

New news items
--------------------------

* CWE v1.8 just released and integrated in Security-Database *
- 1 April 2010

CWE (Common Weakness Enumeration) is a community-developed formal list of common software weaknesses. It serves as a common language for describing software security weaknesses, a standard measuring stick for software security tools targeting these vulnerabilities, and as a baseline standard (...)

-> http://www.security-database.com/toolswatch/+CWE-v1-8-just-released-and+.html

Regards,
Security-Database.com team

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------
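The CUPP entry above describes profiling a user (names, nickname, pet, birthday) to build a targeted wordlist. The following is an added example of that technique written for this page; it is not CUPP's own code and does not reproduce CUPP's options. The profile fields, the leet map, the year range and the separator characters are all assumptions chosen for the demonstration, and the sample profile is constructed, not a real person.

```python
import itertools

# Simple leet substitutions, the kind profilers apply to every base word (assumed set).
LEET = str.maketrans({"a": "4", "e": "3", "i": "1", "o": "0", "s": "5"})


def base_tokens(profile):
    """Personal facts to build on: names, nickname, pet, and birthday fragments."""
    tokens = set()
    for key in ("first", "last", "nick", "pet", "partner"):
        value = profile.get(key)
        if value:
            tokens.add(value.lower())
    birthday = profile.get("birthday")  # expected as "DD/MM/YYYY" (assumed format)
    if birthday:
        day, month, year = birthday.split("/")
        tokens.update({day + month, month + day, year, year[2:],
                       day + month + year, day + month + year[2:]})
    return tokens


def mutate(word):
    """Case and leet variants of one alphabetic token."""
    yield word
    yield word.capitalize()
    yield word.upper()
    yield word.translate(LEET)
    yield word.capitalize().translate(LEET)


def generate(profile, min_len=4, max_len=16, years=range(2005, 2011), specials="!@#$"):
    """Combine tokens the way users do: word+number, word+year, word+symbol(+number), word+word."""
    tokens = base_tokens(profile)
    numeric = {t for t in tokens if t.isdigit()}
    alpha = tokens - numeric
    candidates = set()
    for word in alpha:
        for m in mutate(word):
            candidates.add(m)
            for n in numeric:
                candidates.update({m + n, n + m})
            for y in years:
                candidates.add(f"{m}{y}")
            for s in specials:
                candidates.add(m + s)
                for n in numeric:
                    candidates.add(m + s + n)
    for a, b in itertools.permutations(sorted(alpha), 2):
        candidates.update({a + b, a.capitalize() + b.capitalize()})
    # Length filter: anything outside a realistic password policy is wasted cracking time.
    return sorted(c for c in candidates if min_len <= len(c) <= max_len)


# Constructed profile for the demo, not a real person.
SAMPLE_PROFILE = {"first": "alice", "last": "smith", "nick": "ali",
                  "pet": "rex", "birthday": "07/03/1985"}

if __name__ == "__main__":
    wordlist = generate(SAMPLE_PROFILE)
    print(len(wordlist), "candidates, e.g.", wordlist[:10])
```

The output is a deduplicated, sorted list that can be written one entry per line and fed to any offline cracker; in a real engagement you would extend base_tokens() with whatever the target has published about themselves and keep the length bounds aligned with the target's password policy.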
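The Buck Security entry above lists checks for world-writable files, world-writable directories and setuid programs. The following is an added example of those three checks written for this page in Python; it is not Buck Security's code (which targets Debian with its own scripts). The fixture tree it audits is constructed in a temporary directory, and the rule that a sticky-bit directory like /tmp is acceptable is an assumption of the example.

```python
import os
import stat
import tempfile


def audit_tree(root):
    """Walk `root` and collect the permission problems a Buck Security-style check reports."""
    findings = {"world_writable_files": [], "world_writable_dirs": [], "setuid": [], "setgid": []}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            # A world-writable directory without the sticky bit lets any user delete or
            # rename anyone else's files in it; /tmp-style 1777 is the accepted exception.
            if stat.S_ISDIR(mode) and mode & stat.S_IWOTH and not mode & stat.S_ISVTX:
                findings["world_writable_dirs"].append(path)
        for name in filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if not stat.S_ISREG(mode):
                continue  # symlinks, sockets and device nodes need different rules
            if mode & stat.S_IWOTH:
                findings["world_writable_files"].append(path)
            if mode & stat.S_ISUID:
                findings["setuid"].append(path)
            if mode & stat.S_ISGID:
                findings["setgid"].append(path)
    for key in findings:
        findings[key].sort()
    return findings


def audit_names(root):
    """audit_tree() with paths reduced to names relative to root, handy for reports."""
    return {k: [os.path.relpath(p, root) for p in v] for k, v in audit_tree(root).items()}


def build_sample_tree():
    """Constructed fixture: a temp tree with one instance of each weakness plus clean entries."""
    root = tempfile.mkdtemp(prefix="buck-demo-")
    os.mkdir(os.path.join(root, "shared"))
    os.chmod(os.path.join(root, "shared"), 0o777)   # world-writable, no sticky bit: flagged
    os.mkdir(os.path.join(root, "tmp"))
    os.chmod(os.path.join(root, "tmp"), 0o1777)     # sticky bit set, like /tmp: not flagged
    for name, mode in (("notes.txt", 0o666), ("helper", 0o4755), ("grp", 0o2755), ("clean", 0o644)):
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("x\n")
        os.chmod(path, mode)
    return root


if __name__ == "__main__":
    for kind, paths in audit_names(build_sample_tree()).items():
        print(f"{kind}: {paths}")
```

Run against / on a real host the walk should skip pseudo-filesystems (proc, sys) and compare the setuid list against the distribution's known set, since every setuid binary not shipped by a package is worth a closer look.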
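The PDFResurrect entry above explains that a PDF keeps earlier revisions inside the file (each incremental update appends new objects, a new xref and a trailer whose /Prev points at the previous xref, ending in another %%EOF), which is why older content can be recovered. The following is an added example written for this page that extracts every revision and summarises what each update changed; it is not PDFResurrect's code. The two-revision PDF it parses is constructed for the demo, with illustrative rather than byte-exact xref offsets, and the extractor deliberately ignores those offsets and keys on the structural markers instead.

```python
import re

# Constructed two-revision PDF for the demo (not a real document). Revision 1 prints "Draft";
# the appended incremental update redefines object 4 to print "Final" and adds a trailer with
# /Prev pointing at the first xref. The xref offsets are illustrative; the code never trusts them.
SAMPLE_PDF = b"""%PDF-1.4
1 0 obj
<< /Type /Catalog /Pages 2 0 R >>
endobj
2 0 obj
<< /Type /Pages /Kids [3 0 R] /Count 1 >>
endobj
3 0 obj
<< /Type /Page /Parent 2 0 R /Contents 4 0 R >>
endobj
4 0 obj
<< /Length 36 >>
stream
BT /F1 12 Tf 72 720 Td (Draft) Tj ET
endstream
endobj
xref
0 5
0000000000 65535 f
0000000009 00000 n
0000000058 00000 n
0000000115 00000 n
0000000178 00000 n
trailer
<< /Size 5 /Root 1 0 R >>
startxref
270
%%EOF
4 0 obj
<< /Length 36 >>
stream
BT /F1 12 Tf 72 720 Td (Final) Tj ET
endstream
endobj
xref
4 1
0000000430 00000 n
trailer
<< /Size 5 /Root 1 0 R /Prev 270 >>
startxref
520
%%EOF
"""

EOF_RE = re.compile(rb"%%EOF\r?\n?")
OBJ_RE = re.compile(rb"(\d+)\s+(\d+)\s+obj\b(.*?)\bendobj", re.DOTALL)
PREV_RE = re.compile(rb"/Prev\s+(\d+)")
TEXT_RE = re.compile(rb"\(([^)]*)\)\s*Tj")


def split_versions(data):
    """Every revision of the file: the prefix ending at each %%EOF is itself a complete PDF."""
    return [data[:m.end()] for m in EOF_RE.finditer(data)]


def update_sections(data):
    """The bytes each revision appended (the first section is the original document)."""
    sections, start = [], 0
    for m in EOF_RE.finditer(data):
        sections.append(data[start:m.end()])
        start = m.end()
    return sections


def objects_in(section):
    """Map object number -> body for every 'N G obj ... endobj' in a section."""
    return {int(m.group(1)): m.group(3).strip() for m in OBJ_RE.finditer(section)}


def shown_text(objs):
    """Literal strings drawn with Tj (no escape handling; enough to diff simple revisions)."""
    return [m.group(1).decode("latin-1") for num in sorted(objs) for m in TEXT_RE.finditer(objs[num])]


def summarize_changes(data):
    """Per revision: objects added, objects redefined, the trailer's /Prev link, visible text."""
    history, live = [], {}
    for index, section in enumerate(update_sections(data), start=1):
        objs = objects_in(section)
        prev = PREV_RE.search(section)
        history.append({
            "revision": index,
            "added": sorted(n for n in objs if n not in live),
            "replaced": sorted(n for n in objs if n in live and live[n] != objs[n]),
            "prev_xref": int(prev.group(1)) if prev else None,
            "text": shown_text(objs),
        })
        live.update(objs)  # later definitions shadow earlier ones, as a PDF reader would see it
    return history


if __name__ == "__main__":
    print([len(v) for v in split_versions(SAMPLE_PDF)], "bytes per revision")
    for entry in summarize_changes(SAMPLE_PDF):
        print(entry)
```

Each element of split_versions() can be written to its own file and opened in a viewer, which is the forensic payoff: the "Draft" revision is still fully present even though a reader shows only "Final". Real documents add compressed object streams and cross-reference streams, so a production tool decodes those rather than grepping for obj/endobj as this example does.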
Current thread:
- Tools Update - Last Week of March 2010 SD List (Apr 08)
- Tools Update - Third Week of April 2010 SD List (Apr 26)