Penetration Testing mailing list archives

Tools Update - Last Week of March 2010


From: "SD List" <list () security-database com>
Date: Mon, 5 Apr 2010 23:00:03 +0200 (CEST)


Hello

Here is the site's newsletter "Security Database Tools Watch"
(http://www.security-database.com/toolswatch).
This letter summarizes the articles and news items published in the last 7 days.


         New articles
         --------------------------


** Focus on Zero Wine Tryouts Malware Analyzer Alpha 2 release **
by  Tools Tracker Team
- 3 April 2010

Zero Wine Tryouts is an open source malware analysis tool. Just upload
your suspicious file (e.g. Windows executable file, PDF file) through the
web interface and let it analyze.

Changes for 20100325

Version Alpha 2

Update Wine. (1.1.41)

Update TrIDDefs.TRD. (3911 file types, 25/03/10)

Improved view/download function.

Partial rewrite of the calls.py. Makes the signature more readable.

Refactoring some code.

Some minor changes.

Fix dump download problem. (Regression)

Some minor (...)

->
http://www.security-database.com/toolswatch/Focus-on-Zero-Wine-Tryouts-Malware.html


** CUPP Common User Passwords Profiler v3 released  **
by  Tools Tracker Team
- 3 April 2010

People spend a lot of time preparing for an effective dictionary attack.
Common User Passwords Profiler (CUPP) is made to simplify this attack
method, which is often used as a last resort in penetration testing and
forensic crime investigations. A weak password might be very short or only
use alphanumeric characters, making decryption simple. A weak password can
also be one that is easily guessed by someone profiling the user, such as a
birthday, nickname, address, name of a pet or relative, or a (...)

-> http://www.security-database.com/toolswatch/CUPP-v3-released.html


** (update) Skipfish Active web application scanner v1.29b released **
by  Tools Tracker Team
- 2 April 2010

Skipfish is an active web application security reconnaissance tool. It
prepares an interactive sitemap for the targeted site by carrying out a
recursive crawl and dictionary-based probes. The resulting map is then
annotated with the output from a number of active (but hopefully
non-disruptive) security checks.

Key Features:

High performance: 500+ requests per second against responsive Internet
targets, 2000+ requests per second on LAN / MAN networks, and 7000+
requests against local (...)

->
http://www.security-database.com/toolswatch/Skipfish-Active-web-application,1145.html


** OSSEC v2.4 released **
by  Tools Tracker Team
- 2 April 2010

OSSEC is a scalable, multi-platform, open source Host-based Intrusion
Detection System (HIDS). It has a powerful correlation and analysis engine,
integrating log analysis, file integrity checking, Windows registry
monitoring, centralized policy enforcement, rootkit detection, real-time
alerting and active response.

The following is the changelog for OSSEC version 2.4.

Changelog:

Added more options to filter by user and srcip on reportd.

Fixed init script for gentoo that was failing if (...)

-> http://www.security-database.com/toolswatch/OSSEC-v2-4-released.html


** Kon-Boot "root a box" on the fly v1.1 in the wild **
by  Tools Tracker Team
- 2 April 2010

Kon-Boot is a prototype piece of software which allows changing the contents
of a Linux kernel (and now the Windows kernel also!!!) on the fly (while
booting). In its current compilation state it allows logging into a Linux
system as the 'root' user without typing the correct password, or elevating
privileges from the current user to root.

Our first article on kon-boot

For Windows systems it allows entering any password-protected profile
without any knowledge of the password. It was actually started as (...)

->
http://www.security-database.com/toolswatch/Kon-Boot-root-a-box-on-the-fly-v1.html


** CMS Explorer v1.0 released - Discover the CMS components behind the
site - **
by  Tools Tracker Team
- 2 April 2010

CMS Explorer is designed to reveal the specific modules, plugins,
components and themes that various CMS-driven web sites are running.

Additionally, CMS Explorer can be used to aid in security testing. While
it performs no direct security checks, the "explore" option can be used to
reveal hidden/library files which are not typically accessed by web clients
but are nonetheless accessible. This is done by retrieving the module's
current source tree and then requesting those file names (...)

->
http://www.security-database.com/toolswatch/CMS-Explorer-v1-released-Discover.html


** Metasploit 3.3.3-Tokamac Released **
by  Tools Tracker Team
- 1 April 2010

The Metasploit Framework is a development platform for creating security
tools and exploits. The framework is used by network security professionals
to perform penetration tests, system administrators to verify patch
installations, product vendors to perform regression testing, and security
researchers world-wide. The framework is written in the Ruby programming
language and includes components written in C and assembler.

The latest release of the Metasploit Cyber Warfare (...)

->
http://www.security-database.com/toolswatch/Metasploit-3-3-3-Tokamac-Released.html


** WireShark 1.2.7 released **
by  Tools Tracker Team
- 1 April 2010

Wireshark is the world’s most popular network protocol analyzer. It has
a rich and powerful feature set and runs on most computing platforms
including Windows, OS X, Linux, and UNIX. Network professionals, security
experts, developers, and educators around the world use it regularly. It is
freely available as open source, and is released under the GNU General
Public License version 2.

Wireshark 1.2.7 (stable) has been released. Installers for Windows, Mac OS
X 10.5.5 and above (...)

->
http://www.security-database.com/toolswatch/WireShark-1-2-7-released.html


** SAINT® v7.3.2 Released **
by  Tools Tracker Team
- 1 April 2010

SAINT is the Security Administrator’s Integrated Network Tool. It is
used to non-intrusively detect security vulnerabilities on any remote
target, including servers, workstations, networking devices, and other
types of nodes. It will also gather information such as operating system
types and open ports. The SAINT graphical user interface provides access to
SAINT’s data management, scan configuration, scan scheduling, and data
analysis capabilities through a web browser. Different aspects of (...)

->
http://www.security-database.com/toolswatch/SAINT-R-v7-3-2-Released-Now-OVAL.html


** Security-Database integrates CWE 1.8 **
by  Tools Tracker Team
- 1 April 2010

CWE (Common Weakness Enumeration) is a community-developed formal list of
common software weaknesses. It serves as a common language for describing
software security weaknesses, a standard measuring stick for software
security tools targeting these vulnerabilities, and as a baseline standard
for weakness identification, mitigation, and prevention efforts.

As an effort to be fully compliant, we've integrated the latest CWE
release.

You can browse the CWE list at (...)

->
http://www.security-database.com/toolswatch/Security-Database-integrates-CWE-1.html


** (EXCLUSIVE) Jolicloud the Netbook OS v0.9 pre-final released **
by  Tools Tracker Team
- 31 March 2010

Jolicloud "pre-final", a new netbook-oriented OS based on Ubuntu, has
just been released after a number of important updates and improvements,
including a new HTML 5-ready platform for Web applications and also a new
3G+ network manager with over 100 models of supported cards.

Jolicloud Express, the Windows installer, has been translated into French,
English and German, and many other additional languages are in progress.

Jolicloud is no longer in the beta stage; one can safely install the (...)

->
http://www.security-database.com/toolswatch/EXCLUSIF-Jolicloud-the-Netbook-OS.html


** OWASP Enterprise Security API 2.0 rc6 released **
by  Tools Tracker Team
- 31 March 2010

ESAPI (The OWASP Enterprise Security API) is a free, open source, web
application security control library that makes it easier for programmers
to write lower-risk applications. The ESAPI libraries are designed to make
it easier for programmers to retrofit security into existing applications.
The ESAPI libraries also serve as a solid foundation for new development.

Dependencies (...)

->
http://www.security-database.com/toolswatch/OWASP-Enterprise-Security-API-2.html


** W3AF v1.0-rc3 released **
by  Tools Tracker Team
- 31 March 2010

w3af is a Web Application Attack and Audit Framework. The w3af core and
its plugins are fully written in Python. The project has more than 130
plugins, which check for SQL injection, cross site scripting (XSS), local
and remote file inclusion and much

The development team is proud to announce a new w3af release! Some of the
features of the 1.0-rc3 version are:

Enhanced GUI, including huge changes in the MITM proxy and the Fuzzy
Request Editor

Increased speed by rewriting parts of the (...)

-> http://www.security-database.com/toolswatch/W3AF-v1-rc3-released.html


** pvefindaddr updated to v1.27 **
by  Tools Tracker Team
- 30 March 2010

pvefindaddr is a PyCommand (plugin) for Immunity Debugger. Immunity
Debugger is a powerful new way to write exploits, analyze malware, and
reverse engineer binary files. It builds on a solid user interface with
function graphing, the industry’s first heap analysis tool built
specifically for heap creation, and a large and well supported Python API
for easy extensibility.

Drop the file in the pycommands folder within your Immunity Debugger
installation folder. You can get the list of (...)

->
http://www.security-database.com/toolswatch/pvefindaddr-updated-to-v1-27.html


** DBAPPSecurity web application scanner MatriXay 3.6 was released **
by  Tools Tracker Team
- 30 March 2010

Source - http://www.professionalsecuritytesters.org/

Features:

In-depth Scan: risk-oriented in-depth scanning of web applications can
access back-end database information and the web application list.

Web Vulnerability Detection: deeply detect all kinds of typical web
vulnerabilities (such as SQL injection, XPath injection, XSS, form
bypass, weak form passwords, and all kinds of CGI vulnerabilities).

Web Trojan Detection: analyze a variety of linked Trojan automatically,
effectively and (...)

->
http://www.security-database.com/toolswatch/DBAPPSecurity-web-application.html


** Buck Security - Checks for Debian Linux - v0.5 released **
by  Tools Tracker Team
- 30 March 2010

Buck Security is a collection of security checks for Linux. It was
designed for Debian and Ubuntu servers, but can be useful for any Linux
system. The aim of Buck Security is to allow you to get a quick overview
of the security status of your system. As a Linux system administrator -
but also as a normal Linux user - you often wonder if your system is secure.


Features

Searching for world-writable files

Searching for world-writable directories

Searching for programs where the setuid is (...)

->
http://www.security-database.com/toolswatch/Buck-Security-Security-Checks-for.html


** pwnat tool v0.2-beta released **
by  Tools Tracker Team
- 30 March 2010

pwnat, pronounced "poe-nat", is a tool that allows any number of clients
behind NATs to communicate with a server behind a separate NAT with *no*
port forwarding and *no* DMZ setup on any routers in order to directly
communicate with each other. The server does not need to know anything
about the clients trying to connect.

Simply put, this is a proxy server that works behind a NAT, even when the
client is behind a NAT, without any 3rd party.

There is no middle man, no proxy, no 3rd party, (...)

->
http://www.security-database.com/toolswatch/pwnat-tool-v0-2-beta-released.html


** Nmap v5.30 beta 1 in the wild - doped with scripts - **
by  Tools Tracker Team
- 30 March 2010

Nmap ("Network Mapper") is a free open source utility for network
exploration or security auditing. It was designed to rapidly scan large
networks, although it works fine against single hosts. Nmap uses raw IP
packets in novel ways to determine what hosts are available on the network,
what services (application name and version) those hosts are offering, what
operating systems (and OS versions) they are running, what type of packet
filters/firewalls are in use, and dozens of other (...)

->
http://www.security-database.com/toolswatch/Nmap-v5-30-beta-1-in-the-wild.html


** OpenSSL 1.0.0 Released .. after all these years !!! **
by  Tools Tracker Team
- 29 March 2010

The OpenSSL Project is a collaborative effort to develop a robust,
commercial-grade, full-featured, and Open Source toolkit implementing the
Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1)
protocols as well as a full-strength general purpose cryptography library
managed by a worldwide community of volunteers that use the Internet to
communicate, plan, and develop the OpenSSL toolkit and its related
documentation.

Changelog

New -sigopt option to the ca, req and x509 (...)

->
http://www.security-database.com/toolswatch/OpenSSL-1-Released-after-all-these.html


** Mobius Forensic Toolkit v0.5.3 released **
by  ToolsTracker
- 29 March 2010

Mobius Forensic Toolkit is an open-source forensic framework written in
Python/GTK that manages cases and case items, providing an abstract
interface for developing extensions. Cases and item categories are defined
using XML files, for easy integration with other tools.

Version 0.5.3

xml-pickle: serialize dict items as tuples

xml-pickle: do not save 'value' for NoneType's

xml-pickle: do not save 'value' for bools = False

xml-pickle: handle python objects circular references (...)

->
http://www.security-database.com/toolswatch/Mobius-Forensic-Toolkit-v0-5-3.html


** PDFResurrect v0.10 released **
by  ToolsTracker
- 29 March 2010

PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format
allows for previous document changes to be retained in a more recent
version of the document, thereby creating a running history of changes for
the document. This tool attempts to extract all previous versions while
also producing a summary of changes between versions.

Version 0.10

main.c: Add additional copyright year

pdf.c: Allow for creation data to be pulled from objects as well as inline


Removed strdup and used (...)

->
http://www.security-database.com/toolswatch/PDFResurrect-v0-10-released.html


** Vicnum v1.4 released **
by  ToolsTracker
- 29 March 2010

A lightweight, flexible, vulnerable web application written in Perl and PHP.
It demonstrates common web application vulnerabilities such as cross site
scripting and session management issues.

Vicnum is helpful to IT auditors who need to hone web security skills and
can also be used by those setting up 'capture the flag' exercises or by
those who just want to have some fun with web assessments.

Vicnum the basics

A vulnerable web app using LAMP

Perl

PHP

Packaged as a Ubuntu (...)

-> http://www.security-database.com/toolswatch/Vicnum-v1-4-released.html


** Seccubus v1.4.1 released **
by  ToolsTracker
- 29 March 2010

Seccubus automates regular vulnerability scans with Nessus and OpenVAS and
provides delta reporting.

Why?

Anyone who has ever used Nessus or OpenVAS will be familiar with one of
their biggest drawbacks. They are very valuable tools, but unfortunately
they are also very noisy. The time needed to report on the findings of a
scan will often be two or three times the time needed to do the actual
scan. Seccubus was created in order to more effectively analyze the results
of regular (...)

->
http://www.security-database.com/toolswatch/Seccubus-v1-4-1-released.html


** plecost v0.2.2-8 Beta released **
by  ToolsTracker
- 29 March 2010

Plecost is a WordPress fingerprinting tool that searches for and retrieves
information about the plugin versions installed in WordPress systems.

It can analyze a single URL or perform an analysis based on the results
indexed by Google. Additionally, it displays the CVE code associated with
each plugin, if there is one.

Libraries

xgoogle

Plecost works in two modes: on the one hand by analyzing a single URL, and
on the other by analyzing the results of Google searches (-G).

Google search options: -l num : Limit number of (...)

->
http://www.security-database.com/toolswatch/plecost-v0-2-2-8-Beta-released.html


** Spiceworks v4.6.48961 released **
by  ToolsTracker
- 29 March 2010

Spiceworks is the complete network management & monitoring, helpdesk, PC
inventory & software reporting solution to manage Everything IT in small
and medium businesses.

Spiceworks Lets You...

Inventory Your Network & PCs

Monitor & Manage Your Network

Manage Your IT Assets

Manage Changes & Configurations

Map Your Network (BETA)

Audit Your Software

Troubleshoot Your Network

Run an IT Help Desk

Be an MSP

Talk to IT Pros Like You

Spiceworks IT Desktop is designed for

IT Pros who have (...)

->
http://www.security-database.com/toolswatch/Spiceworks-v4-6-48961-released.html


** Zynamics released BinCrowd, the first collaborative reverse engineering
tool **
by  Tools Tracker Team
- 28 March 2010

BinCrowd is a collaborative reverse engineering tool that can be used by
reverse engineers to keep a repository of reverse engineered information
and share this information with friends and colleagues.

The core technology behind BinCrowd is basically a huge database of
function information which can be accessed using BinDiff-style algorithms.
This allows you to efficiently store information about disassembled
functions in a database and to use that database to compare functions from
(...)

->
http://www.security-database.com/toolswatch/Zenamics-released-BinCrown-the.html


** StreamArmor v1.0 the advanced forensics tool released **
by  Tools Tracker Team
- 28 March 2010

StreamArmor is a sophisticated tool for discovering hidden alternate
data streams (ADS) as well as cleaning them completely from the system. Its
advanced auto analysis, coupled with an online threat verification mechanism,
makes it the best tool available in the market for eradicating the evil
streams.

StreamArmor has a built-in advanced file type detection mechanism which
examines the content of the file to accurately detect the file type of the
stream. This makes it a great tool in forensic analysis in (...)

->
http://www.security-database.com/toolswatch/StreamArmor-v1-the-advanced.html


** Keykeriki release v2 in the wild : exploiting the wireless devices **
by  Tools Tracker Team
- 28 March 2010

Remote-Exploit is proud to present the universal wireless keyboard
sniffer: Keykeriki. This open source hardware and software project enables
every person to verify the security level of their own keyboard
transmissions, and/or demonstrate the sniffing attacks (for educational
purposes only). The hardware itself is designed to be small and versatile;
it can be extended to currently undetected/unknown keyboard traffic, and/or
hardware extensions, for example, a repeating module or amplifier (...)

->
http://www.security-database.com/toolswatch/Keykeriki-release-v2-in-the-wild.html


** OWASP Broken Web Applications v0.91rc1 available **
by  Tools Tracker Team
- 27 March 2010

The Open Web Application Security Project (OWASP) Broken Web Applications
Project is distributed as a Virtual Machine in VMware format compatible
with their no-cost VMware Player and VMware Server products (along with
their commercial products).

->
http://www.security-database.com/toolswatch/OWASP-Broken-Web-Applications-v0.html


** pwnat tool v0.1-beta bypassing NAT **
by  Tools Tracker Team
- 27 March 2010

pwnat, pronounced "poe-nat", is a tool that allows any number of clients
behind NATs to communicate with a server behind a separate NAT with *no*
port forwarding and *no* DMZ setup on any routers in order to directly
communicate with each other. The server does not need to know anything
about the clients trying to connect.

Simply put, this is a proxy server that works behind a NAT, even when the
client is behind a NAT, without any 3rd party.

There is no middle man, no proxy, no 3rd party, (...)

->
http://www.security-database.com/toolswatch/pwnat-tool-v0-1-beta-bypassing-NAT.html



         New news items
         --------------------------


* CWE v1.8 just released and integrated in Security-Database *
- 1 April 2010

CWE (Common Weakness Enumeration) is a community-developed formal list of
common software weaknesses. It serves as a common language for describing
software security weaknesses, a standard measuring stick for software
security tools targeting these vulnerabilities, and as a baseline standard
(...)

->
http://www.security-database.com/toolswatch/+CWE-v1-8-just-released-and+.html

Regards

Security-Database.com team

