Penetration Testing mailing list archives

Tools Update - Last week of February 2010


From: "SD List" <list () security-database com>
Date: Sat, 27 Feb 2010 22:12:28 +0100 (CET)

Hello

Here is the site's newsletter "Security Database Tools Watch"
(http://www.security-database.com/toolswatch).
This letter summarizes the articles and news items published over the last 7 days.

Also, the SD IT vulnerability Dashboard v2.0 beta has integrated the CWE
standard. Expect many changes in the next weeks. See it at
http://www.security-database.com/dashboard.php




         New articles
         --------------------------


** AutoScan v1.5 available **
by  Tools Tracker Team
- 27 February 2010

AutoScan-Network is a network discovery and management application. No
configuration is required to scan your network. The main goal is to print
the list of connected equipment in your network.

Features:

Multithreaded Scan

Automatic network discovery

Low surcharge on the network

Simultaneous subnetworks scans without human intervention

Realtime detection of any connected equipment

Supervision of any equipment (router, server, firewall...)

Supervision of any network service (smtp, (...)

->
http://www.security-database.com/toolswatch/AutoScan-v1-5-available.html


** Pangolin SQL injection tool build 3.2.1.1020 released **
by  Tools Tracker Team
- 27 February 2010

Pangolin is an automatic SQL injection penetration testing tool developed
by NOSEC. Its goal is to detect and take advantage of SQL injection
vulnerabilities on web applications.

Once it detects one or more SQL injections on the target host, the user
can choose among a variety of options to perform an extensive back-end
database management system fingerprint, retrieve DBMS session user and
database, enumerate users, password hashes, privileges, databases, dump
entire or user’s specific DBMS (...)

->
http://www.security-database.com/toolswatch/Pangolin-SQL-injection-tool-build.html


** Web Security Dojo v1.0 released **
by  Tools Tracker Team
- 27 February 2010

Web Security Dojo is a turnkey web application security lab with tools,
targets, and training materials built into a Virtual Machine(VM). It is
ideal for both self-instruction and training classes since everything is
pre-configured and no external network connection is needed. All tools and
targets are configured to use non-conflicting ports and a Firefox proxy
switcher is set up to match.

Web Security Dojo is an open source project built on Ubuntu and hosted at
SourceForge. It is (...)

->
http://www.security-database.com/toolswatch/Web-Security-Dojo-v1-released.html


** Saint Vulnerability Scanner and Exploiter v7.2.7 released **
by  Tools Tracker Team
- 27 February 2010

SAINT is the Security Administrator’s Integrated Network Tool. It is
used to non-intrusively detect security vulnerabilities on any remote
target, including servers, workstations, networking devices, and other
types of nodes. It will also gather information such as operating system
types and open ports. The SAINT graphical user interface provides access to
SAINT’s data management, scan configuration, scan scheduling, and data
analysis capabilities through a web browser. Different aspects of (...)

->
http://www.security-database.com/toolswatch/Saint-Vulnerability-Scanner-and.html


** John the Ripper updated to v1.7.5 **
by  Tools Tracker Team
- 27 February 2010

John the Ripper is a fast password cracker, currently available for many
flavors of Unix (11 are officially supported, not counting different
architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to
detect weak Unix passwords. Besides several crypt(3) password hash types
most commonly found on various Unix flavors, supported out of the box are
Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with
contributed patches.

Changelog

Support for the use of (...)

->
http://www.security-database.com/toolswatch/John-the-Ripper-updated-to-v1-7-5.html


** Watcher Web Security Scanning tool v1.3.0 available **
by  Tools Tracker Team
- 27 February 2010

Watcher (The Open source Web Security Testing Tool and PCI compliancy
auditing utility) is a runtime passive-analysis tool for HTTP-based Web
applications. It detects Web-application security issues as well as
operational configuration issues.

Watcher provides pen-testers hot-spot detection for vulnerabilities,
developers quick sanity checks, and auditors PCI compliance auditing. It
looks for issues related to mashups, user-controlled payloads (potential
XSS), cookies, comments, HTTP (...)

->
http://www.security-database.com/toolswatch/Watcher-Web-Security-Scanning-tool.html


** Katana v1.5 (Zatoichi) Multi-Boot Security Suite released **
by  ToolsTracker
- 25 February 2010

Katana is a portable multi-boot security suite designed for all your
computer security needs. The idea behind this tool is to bring together all
of the best security distributions to run from one USB drive. Katana
includes distributions which focus on Penetration Testing, Auditing,
Password Cracking, Forensics and Honey Pots.

Katana comes with over 100 portable Windows applications such as
Wireshark, HiJackThis, Unstoppable Copier, and OllyDBG.

This release has a couple of major changes to (...)

->
http://www.security-database.com/toolswatch/Katana-v1-5-Zatoichi-Multi-Boot.html


** mssqlfp (ENGR SQL FingerprintT) v1.00.0006 released **
by  ToolsTracker
- 25 February 2010

This is a tool that performs version fingerprinting on Microsoft SQL
Server 2000, 2005 and 2008, using well-known techniques based on several
public tools that identify the SQL version.

Usage:

ESF -h [-d ] []

Options:

-d ADDRESS   Define destination IP address.

-D           Display detailed module information.

-t TIMEOUT   Define timeout for execution (default is 5).

-T TIMEOUT   Define timeout for connection (default is 5).

-h           Display this help message.

More information: (...)

->
http://www.security-database.com/toolswatch/mssqlfp-ENGR-SQL-FingerprintT-v1.html


** Mobius Forensic Toolkit v0.5.2 released **
by  ToolsTracker
- 24 February 2010

Mobius Forensic Toolkit is an open-source forensic framework written in
Python/GTK that manages cases and case items, providing an abstract
interface for developing extensions. Cases and item categories are defined
using XML files, for easy integration with other tools.

Version 0.5.2

Extension config created

service config.set created

service config.get created

extensions use 'config.get/set' instead of 'app.get/set-config'

service app.get-config eliminated

service (...)

->
http://www.security-database.com/toolswatch/Mobius-Forensic-Toolkit-v0-5-2.html


** SecTechno article on Security-Database **
by  Tools Tracker Team
- 24 February 2010

Ensuring the security of a modern computer network with a large number of
systems and devices consumes a big effort. Keeping track of all new gaps
becomes more and more difficult. Here I wanted to present a very good
Infosec source.

Security-Database.com is an online computer security portal. It provides free,
comprehensive and complete information about product vulnerabilities and
tools for penetration testing based on open international standards.

The most important is that the creator of (...)

->
http://www.security-database.com/toolswatch/SecTechno-article-on-Security.html


** dnsmap v0.30 - Passive DNS network mapper **
by  ToolsTracker
- 24 February 2010

dnsmap (a.k.a. subdomains bruteforcer) was originally released back in
2006 and was inspired by the fictional story "The Thief No One Saw" by Paul
Craig, which can be found in the book "Stealing the Network - How to 0wn
the Box".

dnsmap is mainly meant to be used by pentesters during the information
gathering/enumeration phase of infrastructure security assessments. During
the enumeration stage, the security consultant would typically discover the
target company's IP netblocks, domain (...)

->
http://www.security-database.com/toolswatch/dnsmap-v0-30-Passive-DNS-network.html


** No More and 1=1 v0.3 - repository of SQLi/XSS **
by  ToolsTracker
- 24 February 2010

In order to minimize the time required to type malicious syntax and have a
handy repository of it, we wrote this small tool that we hence call No More
and 1=1.

The tool comes in two flavours (so far): the stand-alone version (a Java
app) and the WebScarab Proxy attached version; we may bundle the tool with
more proxies in the near future. The tool is simple; its great value comes
from the definitions file, which is totally customizable.

Standalone Version

Requirements

A Java Runtime Machine is (...)

->
http://www.security-database.com/toolswatch/No-More-and-1-1-v0-3-repository-of.html


** [PDF] Nmap5 cheatsheet **
by  ToolsTracker
- 24 February 2010

Quick reference (also known as cheatsheet) for nmap, incorporating, in
addition to common parameters, some commands which are specific to the
latest branch released.

This cheatsheet also incorporates in the lower section some examples of
typical scans which can be performed with this tool.

Thanks to our friend, Alejandro "dab" Ramos, from Security By Default.

-> http://www.security-database.com/toolswatch/PDF-Nmap5-cheatsheet.html


** Xplico v0.5.5 released **
by  ToolsTracker
- 24 February 2010

The goal of Xplico is to extract the application data contained in an
internet traffic capture. For example, from a pcap file Xplico extracts
each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP
call (SIP), FTP, TFTP, and so on. Xplico isn't a network protocol
analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT).

Xplico is released under the GNU General Public License.

Version 0.5.5

migrating to SQLite3

telnet dissector

webmail dissector (...)

-> http://www.security-database.com/toolswatch/Xplico-v0-5-5-released.html


** Damn Vulnerable Web App (Live CD) v1.0.6 - released **
by  ToolsTracker
- 24 February 2010

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn
vulnerable. Its main goals are to be an aid for security professionals to
test their skills and tools in a legal environment, help web developers
better understand the processes of securing web applications and aid
teachers/students to teach/learn web application security in a class room
environment.

Damn Vulnerable Web App (DVWA) is free software: you can redistribute it
and/or modify it under the terms of the (...)

->
http://www.security-database.com/toolswatch/Damn-Vulnerable-Web-App-Live-CD-v1.html


** Nsploit - Popping boxes with Nmap **
by  ToolsTracker
- 23 February 2010

Nsploit allows passing from nmap to Metasploit and then executing an
exploit.

Nsploit consists of 3 parts:

Library - It facilitates all the communication.

Triggers - Triggers fire when something is detected.

Config - Helps us set the options for the attack.

How to Install

Video

View slides, presented on SecTor. (PDF)


->
http://www.security-database.com/toolswatch/Nsploit-Popping-boxes-with-Nmap.html


** iScanner v0.3 - detect and remove malicious codes **
by  ToolsTracker
- 23 February 2010

iScanner is a free open source tool that lets you detect and remove malicious
code and web page viruses from your Linux/Unix server easily and
automatically.

This tool is programmed by iSecur1ty using the Ruby programming language and
is released under the terms of the GNU Affero General Public License 3.0.

Features

Detect malicious code in web pages, including hidden iframe tags,
javascript, vbscript and activex objects.

Extensive log shows the infected files and the malicious code. (...)

->
http://www.security-database.com/toolswatch/iScanner-v0-3-detect-and-remove.html


** [PAPER] 2010 CWE/SANS Top 25 Most Dangerous Programming Errors (v1.01) **
by  ToolsTracker
- 23 February 2010

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of
the most widespread and critical programming errors that can lead to
serious software vulnerabilities. They are often easy to find, and easy to
exploit. They are dangerous because they will frequently allow attackers to
completely take over the software, steal data, or prevent the software from
working at all.

The Top 25 list is a tool for education and awareness to help programmers
to prevent the kinds of (...)

->
http://www.security-database.com/toolswatch/PAPER-2010-CWE-SANS-Top-25-Most.html


** Sahi v3.0 - Web Automation and Test Tool **
by  ToolsTracker
- 23 February 2010

Sahi is an automation tool to test web applications. Sahi injects
javascript into web pages using a proxy and the javascript helps automate
web applications.

Sahi is a tester-friendly tool. It abstracts out most difficulties that
testers face while automating web applications. Some salient features
include an excellent recorder, platform and browser independence, no XPaths,
no waits, multithreaded playback, excellent Java interaction and inbuilt
reporting.

Open-source Automation Tool (...)

->
http://www.security-database.com/toolswatch/Sahi-v3-Web-Automation-and-Test.html


** Nessus v4.2.1 released **
by  ToolsTracker
- 22 February 2010

Nessus is the world's most popular vulnerability scanner used in over
75,000 organizations world-wide. Many of the world's largest organizations
are realizing significant cost savings by using Nessus to audit
business-critical enterprise devices and applications.

Web Based Interface

Nessus 4.2 comes with a built-in web interface which
lets you start your scan and analyze the results from any system which can
connect to your Nessus scanner.

Enhanced Reporting

Nessus 4.2 lets you compare (...)

-> http://www.security-database.com/toolswatch/Nessus-v4-2-1-released.html


Regards

Nabil OUCHN
CEO & Founder
Security-Database
France

Maximiliano Soler
ToolsWatch Leader
Security-Database
Argentina


