Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Security Tools Watch Newsletter - June 2010

From: "SD List" <list () security-database com>
Date: Wed, 30 Jun 2010 18:28:55 +0200 (CEST)
Security Tools Watch Newsletter - June 2010

Get the latest news from http://www.twitter.com/toolswatch
or
Subscribe to Security Tools Watch Group at Linkedin
http://www.linkedin.com/groups?gid=68780&trk=myg_ugrp_ovr


Here is a round-up about the latest tools, software and news about
security IT.


Security News


        •       Collection of Wireless Security Checklist
http://iase.disa.mil/stigs/content_pages/wireless_security.html
        •       CloudShark brings your network capture files to the web
http://www.cloudshark.org/
        •       BackTrack, Present and Future
http://www.backtrack-linux.org/backtrack/backtrack-present-and-future/
        &#8259; BackTrack 5 and Exploit-DB Updates
http://www.offensive-security.com/offsec/backtrack-5-exploit-db-updates/
        •       2010 CWE/SANS Top 25 Most Dangerous Programming Errors v1.04 released
http://cwe.mitre.org/top25/archive/2010/2010_cwe_sans_top25.pdf
        &#8259; CWE Version 1.9 Now Available http://cwe.mitre.org/data/index.html
        &#8259; CWE-79 Cross Site Scripting is now called "Improper
Neutralization of Input During Web Page Generation"
        &#8259; CWE-89 SQL Injection now called "Improper Neutralization of
Special Elements used in an SQL Command"
        &#8259; CWE-78 OS Command Injection now called "Improper Neutralization
of Special Elements used in an OS Command"
        •       NIST 800-53A Revision 1 released
http://csrc.nist.gov/publications/nistpubs/800-53A-rev1/sp800-53A-rev1-final.pdf
        •       Rootkit Analytics – The New Look http://www.rootkitanalytics.com/ (the
guys behind StreamArmor)
        •       The new release of Sipvicious highly used for hacking attempts
specially from Japan and Russian Fed
http://atlas.arbor.net/attacks/2008578
        •       Hakin9 Security VoIP Issue released
http://hakin9.org/magazine/1255-securing-voip
        •       Decrypt a Cisco VPN Password
http://coreygilmore.com/projects/decrypt-cisco-vpn-password/

Tools News

        •       pvefindaddr v1.34 released
http://www.corelan.be:8800/index.php/security/pvefindaddr-py-immunity-debugger-pycommand/

        •       Focus on Fierce Domain Scan version 2.0 http://trac.assembla.com/fierce

        •       Scan IP with http://www.ipvoid.com/ a part of
http://www.novirusthanks.org/ project
        •       Websecurify Security Testing Runtime v0.6 released
http://code.google.com/p/websecurify/
        •       Safe3 SQL Injector v6.2 released http://sourceforge.net/projects/safe3si/
        •       The Dude network monitor v4.0beta1 released
http://www.mikrotik.com/thedude.php
        •       SkipFish 1.44b here http://code.google.com/p/skipfish/downloads/list
        •       Suricata 0.9.2 RC3 Released http://www.openinfosecfoundation.org/
        •       Development - Wireshark 1.4.0rc1 - http://www.wireshark.org/download.html
        •       THC IPV6 attack toolkit v1.1 released http://freeworld.thc.org/thc-ipv6/
        •       SSL Labs assessment engine v1.0.59 improvements (ex- ssllabs acquired
by Qualys) https://www.ssllabs.com
        •       L0phtCrack v6.0.8 released http://www.l0phtcrack.com/download.html
        •       Burp Suite Professional v1.3.06 released
http://releases.portswigger.net/2010/06/v1306.html
        •       WeakNet Linux Release 4.1k Now Available
http://weaknetlabs.com/main/?p=424
        •       Andiparos v1.0 fork of Paros Proxy released
http://code.google.com/p/andiparos/
        •       Shadowcircle is a Free Linux live Pentesting Distribution v2.0
announced http://www.shadowcircle.org/
        •       OWASP JBroFuzz v2.3 released
http://www.owasp.org/index.php/Category:OWASP_JBroFuzz
        •       Cain & Abel 4.9.36 Released http://www.oxid.it/
        •       OpenFISMA Release 2.7 available
http://openfisma.org/content/openfisma-release-27
        •       Get your sipvicious v0.2.6 copy from SVN
http://code.google.com/p/sipvicious/wiki/ChangeLog
        •       Spiceworks release 4.7.52439 Now Available
http://download.spiceworks.com/Spiceworks.exe
        •       SAINT Vulnerability Scanner release v7.4.2 available
http://www.saintcorporation.com/
        •       Adhearsion, a Ruby framework for creating telephone applications,
releases version 0.8.4 http://adhearsion.com/
        •       Netsparker Community Edition - Free Web Application Security Scanner
1.5.0.0 Released! - http://www.mavitunasecurity.com/communityedition/
        •       NeoPwn the First Pentesting Mobile  Environment Beta Release
http://www.neopwn.com/
        •       ThreatFactor Realtime Website Auditing updated to v0.9.1
http://threatfactor.com/
        •       Xplico Network Forensic Analysis Tool v0.5.8 released
http://www.xplico.org/
        •       WhatWeb v0.4.4 released ... WhatWeb has now 160 plugins
http://www.morningstarsecurity.com/research/whatweb

Nabil OUCHN


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: