|
(Page 1 of 121) 1 2 3 4 5 6 7 8 9 10 11 Next > Category: Auditing Exploit-Me Added 2007-11-27 Exploit-Me is a set of Firefox plugins to test for reflected Cross-Site Scripting and SQL Injection vulnerabilities in web applications. The tools are designed to be lightweight, extensible and easy to use. syslog-ng Premium Edition Added 2007-08-10 The syslog-ng Premium Edition application is a system logging client and server application that offers native TCP and TLS support, disk buffering, and logging directly into SQL databases. It runs on a variety of UNIX-like systems, and can also collect logs from Microsoft Windows platforms. Scuba Added 2007-07-16 Freeware database security assessment tool. Safe for production environments. Does not contain exploit code. srgn-file2text Added 2007-07-15 Converts a BINARY file to TEXT Supports files bigger than 64KB and control for bytes perl line also read this-> http://surgeon.gotdns.org/tutos/srgn-pentest-02.txt XSS Scanner Added 2007-06-25 XSS Scanner that can find hosts using a google query or search one site. If XSS is found it attempts to collect email addresses to further your attack or warn the target of the flaw. When the scan is complete it will print out the XSS's found and or write to file, it will find false positives so manually check before getting to excited. It also has verbose mode and you can change the alert pop-up message, check options!! Windows Live Password Recovery Added 2007-05-05 Windows Live Password Recovery is the tool that will instantly find, decrypt & recover Windows Live passwords that were saved by Windows Live Messenger on your PC under the current login. This decoder will recover multiple accounts and supports all known versions of Windows Live Messenger including Messenger Beta, MSN Messenger and Windows Messenger. This cracker works when the "Remember My Password" checkbox is ticked in Windows Live Messenger. Even is you have un-installed Windows Live Messenger there is still a chance that your password is saved on your PC. SpyStudio Added 2007-05-02 SpyStudio is an application to monitor API calls made by different processes. It simplifies the code execution interception operations to really know what is happening in the Windows Operating System's processes and in its applications. ZippyLock Added 2007-03-29 ZippyLock is a free and extremely easy to use password management utility. Your password entries are kept in a 'private file' and nowhere else. ZippyLock uses Windows clipboard to transfer your data into forms (see the Demo at web site). When you run ZippyLock for the first time, it prompts you to create a new private file, and asks you to specify a MASTER PASSWORD. Later you will be prompted to save your private file. The private file will be stored on your hard-disk (or a USB Disk). The private file will be Triple-DES encrypted using a unique hash number generated from your MASTER PASSWORD. The hash number too will be encrypted by itself and stored in the same private file along with your encrypted passwords. Note that your MASTER PASSWORD is not stored anywhere. Your encrypted passwords are not stored anywhere other than the private file. No other auxiliary or reference information is kept in hidden places like registry, WINDOWS directory etc. Everything is stored in your private file that you control and nowhere else. In general TDES with three different keys (3TDES) has a key length of 168 bits: three 56-bit DES keys (with parity bits 3TDES has the total storage length of 192 bits), but due to the meet-in-the-middle attack the effective security it provides is only 112 bits. As of 2005, the best attack known on 3TDES requires around 232 known plaintexts, 2113 steps, 290 single DES encryptions, and 288 memory. This is not currently practical. Scuba by Imperva Added 2007-03-05 Scuba by Imperva is a free, lightweight Java utility that scans Oracle, DB2, MS-SQL, and Sybase databases for known vulnerabilities and configuration flaws. Based on its assessment results, Scuba creates clear, informative reports with detailed test descriptions. Summary reports, available in Java and HTML format, illustrate overall risk level. With Scuba by Imperva, you are quickly on your way to meeting industry-leading best practices for database configuration and management. SSA Security System Analyzer Added 2007-02-21 A local vulnerabilty analyzer based on OVAL concept. http://www.security-database.com/ssa.php 1.5 Final Release * NOW SSA Security System Analyzer in added to OVAL.mitre.org compatibility program o http://oval.mitre.org/compatible/questionnaires/21.html * NOW fully based on OVAL 5.2 Interpreter. * Added OVAL XML Database Plug-in. o View OVAL ID Information o Search by OS and OVAL ID + Double click on entry and get more information (linked to OVAL.mitre.org and security-database.com) o More information about CVE (CVSS, Related sources, Related missed patches....) * Added function Stop/Reload in SSA * Improved performance in SSA Core Scanner * Fixed bugs (function checks, abnormal scan abort...) * Fixed bugs in Updater Plug-in * Added second progress bar in Updater Plug-in to indicate the stages left to be processed. Browse by category |
|
|
Privacy Statement |
