Penetration Testing mailing list archives

Tools Update - third week of December 2009


From: "SD List" <list () security-database com>
Date: Sun, 20 Dec 2009 09:48:12 +0100 (CET)


Hello

Here is the site's newsletter "Security Database Tools Watch"
(http://www.security-database.com/toolswatch).
This letter summarizes the articles and news items published in the last 7 days.


         New articles
         --------------------------


** Pentoo 2009.0 final is there **
by  Tools Tracker Team
- 18 December 2009

Pentoo is a Live CD and Live USB designed for penetration testing and
security assessment. Based on Gentoo Linux, Pentoo includes Nessus and
Metasploit for penetration testing and security assessment. The user
interface is the Enlightenment window manager. Pentoo is optimized for
Pentium III architecture. Pentoo supports package modularity in the same
fashion that Slax does.

The most notable changes:

New kernel 3.6.31.6 with aufs and squashfs-lzma

New wifi stack 2.6.32_rc7 with injection (...)

->
http://www.security-database.com/toolswatch/Pentoo-2009-final-is-there.html


** hostmap v0.2 - hostname discovery tool **
by  ToolsTracker
- 18 December 2009

hostmap is a free, automatic, hostnames and virtual hosts discovery tool
written in Ruby, licensed under GNU General Public License version 3
(GPLv3). Its goal is to enumerate all hostnames and configured virtual
hosts on an IP address. The primary users of hostmap are professionals
performing vulnerability assessments and penetration tests.

hostmap uses several techniques to help you enumerate all the hostnames
associated with an IP address.

The major features are:

DNS names and (...)

->
http://www.security-database.com/toolswatch/hostmap-v0-2-hostname-discovery.html


** CAT the manual web application penetration testing application released **
by  Tools Tracker Team
- 18 December 2009

CAT is an application to facilitate manual web application penetration
testing. It was designed to cope with a more demanding level of application
testing, taking away some of the more repetitive nature of testing and
allowing the tester to focus their time instead on the individual
application, enabling them to conduct a much more thorough test.

There are a number of features which CAT has to enable a wide variety of
testing to be conducted:

Request Repeater – Used for repeating a single (...)

->
http://www.security-database.com/toolswatch/CAT-the-manual-web-application.html


** Kismac v0.3 released : The OSX Wireless Sniffer **
by  Tools Tracker Team
- 18 December 2009

KisMAC is an open-source and free sniffer/scanner application for Mac OS
X. It has an advantage over MacStumbler / iStumbler / NetStumbler in that
it uses monitor mode and passive scanning.

KisMAC supports several third party PCMCIA cards: Orinoco, PrismII, Cisco
Aironet, Atheros and PrismGT. USB devices with Intersil Prism2, Ralink
rt2570 and rt73, and Realtek rtl8187 chipsets are in progress towards full
support as well. All of the internal AirPort hardware is supported for
scanning. (...)

->
http://www.security-database.com/toolswatch/Kismac-v0-3-released-The-OSX.html


** Focus on Airoscript NG version 1.0 **
by  Tools Tracker Team
- 18 December 2009

Airoscript is a text-user-interface (TUI) for aircrack-ng. A great
companion to make your life easier on wifi pentesting. Various attacks are
available, such as chopchop, fragmentation attack, fakeauth, deauth,
dictionary attacks and WPA cracking.

Fixed client selection menu

External functions now work

Fixed regex that broke iw2200

F@@@ dos line endings in makefiles.

Lots of minor changes

Cosmetics on non-existent unstable functions

Split some functions from menu here (...)

->
http://www.security-database.com/toolswatch/Focus-on-Airoscript-NG-version-1.html


** SpiceWorks v4.5 available **
by  Tools Tracker Team
- 18 December 2009

Spiceworks is the complete network management & monitoring, helpdesk, PC
inventory & software reporting solution to manage Everything IT in small
and medium businesses.

Spiceworks Lets You...

Inventory Your Network & PCs

Monitor & Manage Your Network

Manage Your IT Assets

Manage Changes & Configurations

Map Your Network (BETA)

Audit Your Software

Troubleshoot Your Network

Run an IT Help Desk

Be an MSP

Talk to IT Pros Like You

Spiceworks IT Desktop is designed for

IT Pros who have (...)

->
http://www.security-database.com/toolswatch/SpiceWorks-v4-5-available.html


** Wireshark v1.2.5 released **
by  ToolsTracker
- 18 December 2009

Wireshark is the world’s most popular network protocol analyzer. It has
a rich and powerful feature set and runs on most computing platforms
including Windows, OS X, Linux, and UNIX. Network professionals, security
experts, developers, and educators around the world use it regularly. It is
freely available as open source, and is released under the GNU General
Public License version 2.

Version 1.2.5

Bug Fixes

The following vulnerabilities have been fixed. See the security advisory
(...)

->
http://www.security-database.com/toolswatch/Wireshark-v1-2-5-released.html


** Samhain v2.6.0 released **
by  ToolsTracker
- 16 December 2009

The samhain open source host-based intrusion detection system (HIDS)
provides file integrity checking and logfile monitoring/analysis, as well
as rootkit detection, port monitoring, detection of rogue SUID executables,
and hidden processes.

It has been designed to monitor multiple hosts with potentially different
operating systems, providing centralized logging and maintenance, although
it can also be used as a standalone application on a single host.

Samhain is a multiplatform (...)

-> http://www.security-database.com/toolswatch/Samhain-v2-6-released.html


** Lynis version 1.2.9 just released **
by  Tools Tracker Team
- 16 December 2009

Lynis is an auditing tool for Unix (specialists). It scans the system and
available software, to detect security issues. Besides security-related
information it will also scan for general system information, installed
packages and configuration mistakes.

New:

Support for Squid3

Added Squid unsafe ports check [SQD-3624]

Added Squid configuration file permission check [SQD-3613]

Added Squid test: reply_body_max_size option [SQD-3630]

Added /etc/init.d/rc and /etc/init.d/rcS to umask (...)

->
http://www.security-database.com/toolswatch/Lynis-version-1-2-9-just-released.html


** Mobius Forensic Toolkit v0.5 released **
by  ToolsTracker
- 16 December 2009

Mobius Forensic Toolkit is an open-source forensic framework written in
Python/GTK that manages cases and case items, providing an abstract
interface for developing extensions. Cases and item categories are defined
using XML files, for easy integration with other tools.

Version 0.5

module mobius.model.extension renamed to mobius.extension

mobius.extension.Compiler compiles .xml extensions to .py

extensions now have callbacks

part-model: uses callbacks

date-code: uses callbacks (...)

->
http://www.security-database.com/toolswatch/Mobius-Forensic-Toolkit-v0-5.html


** Dradis v2.4.1 released **
by  ToolsTracker
- 16 December 2009

Dradis is an open source framework to enable effective information
sharing. Dradis is a self-contained web application that provides a
centralised repository of information to keep track of what has been done
so far, and what is still ahead.

Features include:

Easy report generation.

Support for attachments.

Integration with existing systems and tools through server plugins.

Platform independent.

Version 2.4.1

SERVER:

Plugin improvements

Nmap Upload is now using the Nmap::Parser (...)

-> http://www.security-database.com/toolswatch/Dradis-v2-4-1-released.html


** Ninja v0.1.3 - privilege escalation detection and prevention **
by  ToolsTracker
- 16 December 2009

Ninja is a privilege escalation detection and prevention system for
GNU/Linux hosts. While running, it will monitor process activity on the
local host, and keep track of all processes running as root. If a process
is spawned with UID or GID zero (root), ninja will log necessary
information about this process, and optionally kill the process if it was
spawned by an unauthorized user.

Version 0.1.3 (03-12-2009)

general: bumped version to 0.1.3

log.c do va_start() before writing to (...)

->
http://www.security-database.com/toolswatch/Ninja-v0-1-3-privilege-escalation.html


** Metasploit Framework v3.3.2 released **
by  ToolsTracker
- 16 December 2009

The Metasploit Framework is a development platform for creating security
tools and exploits. The framework is used by network security professionals
to perform penetration tests, system administrators to verify patch
installations, product vendors to perform regression testing, and security
researchers world-wide. The framework is written in the Ruby programming
language and includes components written in C and assembler.

Metasploit Framework v3.3.2

Metasploit now has 463 exploit (...)

->
http://www.security-database.com/toolswatch/Metasploit-Framework-v3-3-2.html


** SSHatter v1.0 - Password brute forcer for SSH  **
by  ToolsTracker
- 16 December 2009

Password brute forcer for SSH.

Version 1.0

Fixed minor bug where command succeeds but there is no output

Added dumb mode (-d), where SSHatter will check password equals password,
username and blank. Cheers Mylestro

Added sudo mode (-0), where SSHatter will echo the password to STDIN

Added rudimentary file transfer modes (-P/-G), these also work
interactively via "put" and "get"

Improved usage message

SSHatter makes use of a number of standard Perl libraries:

Parallel::ForkManager (...)

->
http://www.security-database.com/toolswatch/SSHatter-v1-Password-brute-forcer.html


** Acunetix WVS v6.5 build 20091215 released **
by  ToolsTracker
- 15 December 2009

Acunetix Web Vulnerability Scanner (WVS) is an automated web application
security testing tool that audits your web applications by checking for
exploitable hacking vulnerabilities. Automated scans may be supplemented
and cross-checked with the variety of manual tools to allow for
comprehensive web site and web application penetration testing.

An updated build for Acunetix WVS Version 6.5 has been released with a
number of improvements, bug fixes, and a number of new security checks.

New (...)

->
http://www.security-database.com/toolswatch/Acunetix-WVS-v6-5-build-20091215.html


** Scapy version 2.1.0 available **
by  Tools Tracker Team
- 15 December 2009

Scapy is a powerful interactive packet manipulation tool, packet
generator, network scanner, network discovery tool, and packet sniffer. It
provides classes to interactively create packets or sets of packets,
manipulate them, send them over the wire, sniff other packets from the
wire, match answers and replies, and more. Interaction is provided by the
Python interpreter, so Python programming structures can be used (such as
variables, loops, and functions). Report modules are possible and (...)

->
http://www.security-database.com/toolswatch/Scapy-version-2-1-available.html


** OSWA-Assistant v0.9.0.6h released **
by  Tools Tracker Team
- 12 December 2009

The OSWA™-Assistant is a no-Operating-System-required standalone toolkit
which is solely focused on wireless auditing. As a result, in addition to
the usual WiFi (802.11) auditing tools, it also covers Bluetooth and RFID
auditing. Using the toolkit is as easy as popping it into your computer’s
CDROM and making your computer boot from it!

This is a maintenance release with more Ralink cards supported (due to
changes in vendor IDs reported by certified OSWAs & various other people)
and (...)

->
http://www.security-database.com/toolswatch/OSWA-Assistant-v0-9-6h-released.html

Regards

Nabil OUCHN
CEO & Founder
Security-Database
France

Maximiliano Soler
ToolWatch Leader
Security-Database
Argentina

