Penetration Testing mailing list archives
[Tools update] The Security-Database Watch Newsletter -- v20090919
From: "SD List" <list () security-database com>
Date: Sat, 19 Sep 2009 22:18:04 +0200 (CEST)
Dear all, Here is the site's newsletter "Security Database Tools Watch" (http://www.security-database.com/toolswatch). This letter summarizes the articles and news items published since 7 days. New articles -------------------------- ** Graudit source code scanner v1.2 updated ** by Tools Tracker Team - 19 September 2009 Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. Itâs comparable to other static analysis applications like RATS and flaw-finder while keeping the technical requirements to a minimum and being very flexible Changelog Default signatures aimed at low hanging fruit Improved documentation Bug fixes to graudit and (...) -> http://www.security-database.com/toolswatch/Graudit-source-code-scanner-v1-2.html ** Acunetix Application Scanner Version 6.5 build 20090917 released ** by Tools Tracker Team - 17 September 2009 Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing An updated build for Acunetix Version 6.5 has been released with some improvements and bug fixes. New: Added two new blind SQL injection tests (...) -> http://www.security-database.com/toolswatch/Acunetix-Application-Scanner.html ** Wireshark 1.2.2, 1.0.9, and 1.3.0 Released ** by Tools Tracker Team - 16 September 2009 Wireshark® is the worldâs most popular network protocol analyzer. It has a rich and powerful feature set and runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly. It is freely available as open source, and is released under the GNU General Public License version 2 Wireshark 1.2.2 (stable), 1.0.9 (old stable), and 1.3.0 (development) have been released. Installers for (...) -> http://www.security-database.com/toolswatch/Wireshark-1-2-2-1-9-and-1-3.html ** Nessus v4.0.2 Released ** by ToolsTracker - 16 September 2009 -> http://www.security-database.com/toolswatch/Nessus-v4-2-Released.html ** Origami v1.0.0-beta0 - Parse, Analyze, and Forge PDF documents ** by ToolsTracker - 15 September 2009 Origami is a Ruby framework designed to parse, analyze, and forge PDF documents. This is NOT a PDF rendering library. It aims at providing a scripting tool to generate and analyze malicious PDF files. As well, it can be used to create on-the-fly customized PDFs, or to inject (evil) code into already existing documents. Features Create PDF documents from scratch. Parse existing documents, modify them and recompile them. Explore documents at the object level, going deep into the (...) -> http://www.security-database.com/toolswatch/Origami-v1-beta0-Parse-Analyze-and.html ** PDFResurrect v0.8 - PDF Analysis and Scrubbing Utility ** by ToolsTracker - 15 September 2009 PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. This tool can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise (...) -> http://www.security-database.com/toolswatch/PDFResurrect-v0-8-PDF-Analysis-and.html ** Dradis v2.4.0 available ** by Tools Tracker Team - 14 September 2009 dradis is an open source tool for sharing information during security assessments. It provides a centralized repository of information to keep track of what has been done so far, and what is still ahead. Changelog : server: Plugin improvements Nmap Upload is now using the Nmap::Parser library. Featuring the new OSVDB Import plugin to query the largest independent and open source vulnerability database. Upload plugins. Better progress feedback. Improved error condition checking. (...) -> http://www.security-database.com/toolswatch/Dradis-v2-4-available.html ** N-Stalker Scanner 2009 build 221 released ** by Tools Tracker Team - 14 September 2009 N-Stalker Web Application Security Scanner 2009 Free Edition provides a restricted set of free Web Security Assessment checks to enhance the overall security of your web server infrastructure, using the most complete web attack signature database available in the market - "N-Stealth Web Attack Signature Database". N-Stalker has made available for automatic update its latest build of N-Stalker Web Application Security Scanner 2009 (build 221). Version includes enhancements and fixes, (...) -> http://www.security-database.com/toolswatch/N-Stalker-Scanner-2009-build-221.html Kind Regards, Nabil OUCHN Maximiliano Soler CEO & Founder Tools Watch Manager http://www.security-database.com Keep a vigilant eye on your defenses. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- [Tools update] The Security-Database Watch Newsletter -- v20090919 SD List (Sep 22)