Penetration Testing mailing list archives

[Tools update] The Security-Database Watch Newsletter -- v20090912


From: "SD List" <list () security-database com>
Date: Sun, 13 Sep 2009 08:56:54 +0200 (CEST)

Dear all,

Here is the site's newsletter "Security Database Tools Watch"
(http://www.security-database.com/toolswatch).
This letter summarizes the articles and news items published in the last 7 days.


          New articles
          --------------------------


** SAINT ® 7.1.2 Released  **
by  Tools Tracker Team
- 11 September 2009

SAINT is the Security Administrator’s Integrated Network Tool. It is
used to non-intrusively detect security vulnerabilities on any remote
target, including servers, workstations, networking devices, and other
types of nodes. It will also gather information such as operating system
types and open ports. The SAINT graphical user interface provides access to
SAINT’s data management, scan configuration, scan scheduling, and data
analysis capabilities through a web browser. Different aspects of (...)

-> http://www.security-database.com/toolswatch/SAINT-R-7-1-2-Released.html


** OVAL interpreter v5.6.1 released **
by  Tools Tracker Team
- 11 September 2009

Open Vulnerability and Assessment Language (OVAL™) is an international,
information security, community standard to promote open and publicly
available security content, and to standardize the transfer of this
information across the entire spectrum of security tools and services. OVAL
includes a language used to encode system details, and an assortment of
content repositories held throughout the community.

Changelog :

Updated to support version 5.6 of the OVAL Language.

Added support (...)

->
http://www.security-database.com/toolswatch/OVAL-interpreter-v5-6-1-released.html


** NetworkMiner v0.89 - Network Forensic Analysis Tool **
by  ToolsTracker
- 11 September 2009

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows.
NetworkMiner can be used as a passive network sniffer/packet capturing tool
in order to detect operating systems, sessions, hostnames, open ports etc.
without putting any traffic on the network.

NetworkMiner can also parse PCAP files for off-line analysis and to
regenerate/reassemble transmitted files and certificates from PCAP files.

The purpose of NetworkMiner is to collect data (such as forensic evidence)
about (...)

->
http://www.security-database.com/toolswatch/NetworkMiner-v0-89-Network.html


** ScanEx vBeta - Scanning for iFrame and Script Injections **
by  ToolsTracker
- 11 September 2009

This is a simple utility which runs against a target site and looks for
external references and cross-domain malicious injections.

There are several vulnerable sites which get manipulated with these types
of injections and compromised. The site gets registered with stopbadware
and other databases as well. This tool helps in doing initial scanning to
look for obvious injections. At this point it is looking into iframe and
script tags as defined in regex file.

This is a beta version of the (...)

->
http://www.security-database.com/toolswatch/ScanEx-vBeta-Scanning-for-iFrame.html


** HaraldScan v0.31 - Bluetooth discovery scanning **
by  ToolsTracker
- 11 September 2009

The scanner will be able to determine Major and Minor device class of
device, as well as attempt to resolve the device's MAC address to the
largest known Bluetooth MAC address Vendor list.

The goal of this project is to obtain as many MAC addresses mapped to
device vendors as possible.

HaraldScan v0.31 Released

Added -u option to update MACLIST to most recent version. Added proper
GPLv3 disclaimer and License. Fixed other minor bugs (mostly not noticed by
users).

Requirements Linux: (...)

->
http://www.security-database.com/toolswatch/HaraldScan-v0-31-Bluetooth.html


** PenTBox v1.0.1 Beta - Security Suite **
by  ToolsTracker
- 10 September 2009

PenTBox is a Security Suite with programs like Password Crackers, Denial
of Service testing tools (DoS and DDoS), Secure Password Generators,
Honeypots and much more. Destined to test security and stability of
networks.

PenTBox 1.0.1 Beta Released

Modified code to be clearer and simpler in all archives.

Added more exceptions in Honeypot.

Modified Default Web configuration in Honeypot.

Fixed translation problems in Readmes.

Modified Windows .bat Loader.

Base64 deleted from (...)

->
http://www.security-database.com/toolswatch/PenTBox-v1-1-Beta-Security-Suite.html


** Aircrack-ng v1.0 - Finally Released **
by  ToolsTracker
- 8 September 2009

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can
recover keys once enough data packets have been captured. It implements the
standard FMS attack along with some optimizations like KoreK attacks, as
well as the all-new PTW attack, thus making the attack much faster compared
to other WEP cracking tools.

«Aircrack-ng is a set of tools for auditing wireless networks.»

Version 1.0 - Released 08 September 2009:

airserv-ng: Now works fine between 32 and 64bit OSes. (...)

->
http://www.security-database.com/toolswatch/Aircrack-ng-v1-Finally-Released.html


** (0day) Windows Vista/7 SMB2.0 Remote B.S.O.D PoC **
by  Tools Tracker Team
- 8 September 2009

SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL
REQUEST functionality. The NEGOTIATE PROTOCOL REQUEST is the first SMB
query a client sends to an SMB server, and it's used to identify the SMB
dialect that will be used for further communication. The vulnerability was
discovered by Laurent Gaffié.

Proof of Concept and background here

->
http://www.security-database.com/toolswatch/0day-Windows-Vista-7-SMB2-Remote-B.html


** Netgrok visualizing computer networks in real-time **
by  ToolsTracker
- 8 September 2009

Visualize computer networks in real-time using graph and treemap layouts

Netgrok is a tool for visualizing computer networks in real-time. NetGrok
applies well-known information visualization techniques (overview, zoom &
filter, details on demand) and employs a group-based graph layout and a
treemap to visually organize network data. NetGrok also integrates these
tools with a shared data store that can read PCAP formatted network
captures, capture traces from a live interface, and filter (...)

->
http://www.security-database.com/toolswatch/Netgrok-visualizing-computer.html


** OSSEC v2.2 released **
by  Tools Tracker Team
- 8 September 2009

OSSEC is a scalable, multi-platform, open source Host-based Intrusion
Detection System (HIDS). It has a powerful correlation and analysis engine,
integrating log analysis, file integrity checking, Windows registry
monitoring, centralized policy enforcement, rootkit detection, real-time
alerting and active response.

This is a stability release, with heavy focus on bug fixes, code cleanup
and a few new features. The most notable changes are:

Trend OSCE (Office scan) support - We added rules (...)

-> http://www.security-database.com/toolswatch/OSSEC-v2-2-released.html


** Latest Linux distributions updated **
by  Tools Tracker Team
- 8 September 2009

A Linux distribution (also called GNU/Linux distribution by some vendors
and users) is a member of the family of Unix-like software distributions
built on top of the Linux kernel. Such distributions (often called distros
for short) consist of a large collection of software applications such as
word processors, spreadsheets, media players and database applications.
(source Wikipedia)

Debian Lenny 5.0.3 stable released

Easy Peasy 1.5 stable released

FreeBSD 8.0 - BETA 4 development in (...)

->
http://www.security-database.com/toolswatch/Latest-Linux-distributions-updated.html


** FireCAT 1.5 Mozilla Collections Set released **
by  Tools Tracker Team
- 8 September 2009

Here is a collection built on FireCAT 1.5 project by Security Database
Tools Watch
http://www.security-database.com/toolswatch/FireCAT-1-5-released.html.
Install carefully! Built in FF 3.0.x "portable" ed. The collection project
is created by Claus Valca.

Here is also an article he wrote about "FireCAT 1.5 “Plus” Add-On
Collection".

Source : Claus Valca - Grand Stream Dreams blog

Both of these tools brought me back to the excellent FireCAT 1.5
collection of Firefox add-ons used for (...)

->
http://www.security-database.com/toolswatch/FireCAT-1-5-Mozilla-Collections.html


** mysqloit v0.1 - SQL Injection Takeover Tool **
by  ToolsTracker
- 5 September 2009

MySqloit is a SQL Injection takeover tool focused on LAMP (Linux, Apache,
MySql, PHP) and WAMP (Linux, Apache, MySql, PHP) platforms. It has the
ability to upload and execute metasploit shellcodes through the MySql SQL
Injection vulnerabilities.

Attackers performing SQL injection on a MySQL-PHP platform must deal with
several limitations and constraints. For example, the lack of multiple
statements in one query makes MySQL an unpopular platform for remote code
execution, compared to (...)

->
http://www.security-database.com/toolswatch/mysqloit-v0-1-SQL-Injection.html


** Jasager - Wifi MitM Tool (faking Access Point) **
by  Tools Tracker Team
- 5 September 2009

Jasager is an implementation of Karma designed to run on OpenWrt on the
Fon. It will probably run on most APs with Atheros wifi cards but it was
designed with the Fon in mind as it is a nice small AP which gives it a lot
of scope for use in penetration tests and other related fun.

A quick highlight of features:

Web interface showing currently connected clients with their MAC address,
IP address (if assigned) and the SSID they associated with

The web interface allows control of all Karma (...)

->
http://www.security-database.com/toolswatch/Jasager-Wifi-MitM-Tool-faking.html


** Spiceworks 4.1.40098 - Updated **
by  ToolsTracker
- 5 September 2009

Spiceworks is the complete network management & monitoring, helpdesk, PC
inventory & software reporting solution to manage Everything IT in small
and medium businesses.

Spiceworks Lets You...

Inventory Your Network & PCs

Monitor & Manage Your Network

Manage Your IT Assets

Manage Changes & Configurations

Map Your Network (BETA)

Audit Your Software

Troubleshoot Your Network

Run an IT Help Desk

Be an MSP

Talk to IT Pros Like You

Spiceworks IT Desktop is designed for

IT Pros who have (...)

->
http://www.security-database.com/toolswatch/Spiceworks-4-1-40098-Updated.html


Regards
Nabil OUCHN                            Maximiliano Soler
CEO & Founder                          Tools Watch Manager
Security-Database.com


