Penetration Testing mailing list archives
Tools Update - Last week of March 2010
From: "SD List" <list () security-database com>
Date: Sat, 27 Mar 2010 22:36:31 +0100 (CET)
Hello Here is the site's newsletter "Security Database Tools Watch" (http://www.security-database.com/toolswatch). This letter summarizes the articles and news items published since 7 days. New articles -------------------------- ** Flint the Firewall Rules Checkup Scanner updated to v1.0.4 ** by Tools Tracker Team - 26 March 2010 Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can: CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that cant match traffic. ERADICATE LATENT SECURITY PROBLEMS lurking in overly-permissive rules SANITY CHECK CHANGES to see if new rules create problems. Flint is absolutely free. Theres no catch. You can download the source from our git repository. This isnt the "play at home" version; its our second (...) -> http://www.security-database.com/toolswatch/Flint-the-Firewall-Rules-Checkup.html ** log2timeline updated to v0.4.2 ** by Tools Tracker Team - 26 March 2010 The main purpose of log2timeline is to provide a single tool to parse various log files and artifacts found on suspect systems (and supporting systems, such as network equipment) and produce a body file that can be used to create a timeline, using tools such as mactime from TSK, for forensic investigators. GUI has been written in Perl-GTK2 for creating the timeline. Since the GUI is written in GtK2 it will not work on every OS. It has been tested to work on both Linux (tested on Ubuntu) as (...) -> http://www.security-database.com/toolswatch/log2timeline-updated-to-v0-4-2.html ** WeaknetLabs announced WeakNet Linux IV ** by Tools Tracker Team - 26 March 2010 WeakNet Linux is small enough to fit onto a CD current build 600MB and runs servers directly from the CD including Web / PHP, FTP, SSH, and more. Source WeaknetLabs Development has started! Our new Linux will feature more options and more hacking tools than the last and look 10 times better! So far the details I can give are: FluxBox is still the default WM, boot time is around 15 seconds on an 800MHz AMD laptop. Broadcom drivers inject at high rates. Ath9k injects, Ath5k injects, and RT73 (...) -> http://www.security-database.com/toolswatch/WeaknetLabs-announced-WeakNet.html ** Process Explorer v12 released ** by Tools Tracker Team - 26 March 2010 Process Explorer is an advanced process management utility that picks up where Task Manager leaves off. It will show you detailed information about a process including its icon, command-line, full image path, memory statistics, user account, security attributes, and more. When you zoom in on a particular process you can list the DLLs it has loaded or the operating system resource handles it has open. A search capability enables you to track down a process that has a resource opened, such as (...) -> http://www.security-database.com/toolswatch/Process-Explorer-v12-released.html ** SANS Investigative Forensic Toolkit (SIFT) Version 2.0 in the wild ** by Tools Tracker Team - 26 March 2010 The SANS SIFT Workstation is a VMware Appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many additional tools and capabilities that can match any modern forensic tool suite. SANS SIFT Workstation 2.0 Overview VMware Appliance Ready to tackle (...) -> http://www.security-database.com/toolswatch/SANS-Investigative-Forensic.html ** ZeroDayScanner SaaS Free Security Scan Service ** by Tools Tracker Team - 25 March 2010 ZeroDayScan is a free security web scanning service brought to you by experienced security experts. The service is provided free of charge. When security experts talk about zero day bugs and exploits they talk about a new security bugs and vulnerabilities that are unknown to others. Zero Day Bug term is derived from the age of the exploit. When a vendor becomes aware of a security hole, there is a race to close it before attackers discover it or the vulnerability becomes public. A "zero (...) -> http://www.security-database.com/toolswatch/ZeroDayScanner-SaaS-Free-Security.html ** OpenScap v0.5.8 released - OVAL API extended ** by Tools Tracker Team - 25 March 2010 The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP. Version 0.5.8 new s-expr parser new probes from unix schema file probe memory optimization xccdf test_results implementation extended OVAL API documentaion (...) -> http://www.security-database.com/toolswatch/OpenScap-v0-5-8-released-OVAL-API.html ** Sip Inspector v1.00 released ** by Tools Tracker Team - 25 March 2010 SIP Inspector is a tool written in JAVA to simulate different SIP messages and scenarios. You can create your own SIP signaling scenarios, customize SIP messages and monitor incoming and outgoing messages. The tool can play RTP streams from a pcap file. Release notes 1.00 Multiple simultaneous calls fully implemented Call generation can be set with respect to calls/second, maximum concurrent calls and total allowed calls If ran as a call generator, upon completion the tool provides a (...) -> http://www.security-database.com/toolswatch/Sip-Inspector-v1-00-released.html ** Burp Suite v1.3.01 released ** by Tools Tracker Team - 25 March 2010 Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility. This beta release introduces a large number of new features and other enhancements to Burp Intruder. A brief summary (...) -> http://www.security-database.com/toolswatch/Burp-Suit-v1-3-1-released.html ** PenTBox v1.3.2 FINAL released ** by ToolsTracker - 25 March 2010 PenTBox is a Security Suite with programs like Password Crackers, Denial of Service testing tools (DoS and DDoS), Secure Password Generators, Honeypots and much more. Destined to test security/stability of networks and more. Programmed in Ruby, and oriented to GNU/Linux systems (but compatible with Windows, MacOS and more). Version 1.3.2 FTP fuzzing improved and finished. Improved CLI. Improved files working. Now the Honeypot log have a file by default. Added a hping3-based (...) -> http://www.security-database.com/toolswatch/PenTBox-v1-3-2-FINAL-released.html ** SAMHAIN 2.6.4 released ** by Tools Tracker Team - 23 March 2010 The samhain open source host-based intrusion detection system (HIDS) provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. Samhain v2.6.4 Don't read proc_root_iops in sh_kern.c (Problem report by H. R.) Logfile check can check output of shell commands Use data directory as default for logfile checkpoints Fix broken checkpoint save/restore for logfiles MD5: (...) -> http://www.security-database.com/toolswatch/SAMHAIN-2-6-4-released.html ** Focus on scRUBYt! v0.4.11 the powerful web scraping tool ** by Tools Tracker Team - 23 March 2010 scRUBYt! is a simple but powerful web scraping toolkit written in Ruby. It's purpose is to free you from the drudgery of web page crawling, looking up HTML tags, attributes, XPaths, form names and other typical low-level web scraping stuff by figuring these out from your examples copy'n'pasted from the Web page or straight from Firebug. scRUBYt! has only 2 dependencies, hpricot and mechanize (optionally FireWatir for AJAX scraping). Changements : [NEW] possibility to use FireWatir as the (...) -> http://www.security-database.com/toolswatch/Focus-scRUBYt-v0-4-11-the-powerful.html ** SQLFury SQL Injection for Adobe Air runtime v1.1.6 availabe ** by Tools Tracker Team - 23 March 2010 SQLFury is an injection scanner that uses blind SQL injection techniques to extract information from a target database. It targets Air Abobe AIR Runtime Database Support: MySQL PostgreSQL Oracle Microsoft SQL Server Extract from database: Database version. Current database user. All database users. Database name. All database names. All table names. All columns names. Entire columns. Version: SQLFury 1.1.6 ( size : 517K ) Runs on Windows XP/Vista or MacOS X (...) -> http://www.security-database.com/toolswatch/SQLFury-SQL-Injection-for-Adobe.html ** Burp Intruder Botox announces many improvements ** by Tools Tracker Team - 23 March 2010 Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility. The new beta version of Burp Intruder, which contains a bunch of frequently-requested enhancements: You can now (...) -> http://www.security-database.com/toolswatch/Burp-Intruder-Botox-announces-many.html ** Netsparker author released Freakin' Simple Fuzzer v0.7.3.5 ** by Tools Tracker Team - 23 March 2010 FSF is a plug-in based freakin' simple fuzzer for fuzzing web applications and scraping data. It supports some basic stuff and missing some features however it has got some advanced RegEx capturing features for scraping data out of web applications. Why bring yet another fuzzer into this cruel world? Yeah, I know there are so many of them hanging around. Basically I was trying to fuzz something and after spending about 2-3 hours about 3-4 different terribly designed fuzzers I thought (...) -> http://www.security-database.com/toolswatch/Netsparker-author-released-Freakin.html ** Netsparker 1.3.0.0 in the wild ** by Tools Tracker Team - 23 March 2010 Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology they are built on, just like an actual attacker. It can identify web application vulnerabilities like SQL Injection, Cross-site Scripting (XSS), Remote Code Execution and many more. It has exploitation built on it, for example you can get a reverse shell out of an identified SQL Injection or extract data via running custom SQL queries. Netsparker (...) -> http://www.security-database.com/toolswatch/Netsparker-1-3-in-the-wild.html ** iExploder v1.5 - Web Browser Quality Assurance Tester ** by ToolsTracker - 22 March 2010 iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes. iExploder was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple's Webkit (...) -> http://www.security-database.com/toolswatch/iExploder-v1-5-Web-Browser-Quality.html ** pvefindaddr v1.25 released ** by Tools Tracker Team - 21 March 2010 pvefindaddr is a PyCommand (plugin) for Immunity Debugger. Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility. Drop the file in the pycommands folder within your Immunity Debugger installation folder. You can get the list of (...) -> http://www.security-database.com/toolswatch/pvefindaddr-v1-25-released.html Regards Security-Database team www.security-database.com ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Tools Update - Last week of March 2010 SD List (Mar 29)