Penetration Testing mailing list archives
[Tools update] The Security-Database Watch Newsletter -- v20090912
From: "SD List" <list () security-database com>
Date: Sun, 13 Sep 2009 08:56:54 +0200 (CEST)
Dear all,

Here is the site's newsletter "Security Database Tools Watch" (http://www.security-database.com/toolswatch). This letter summarizes the articles and news items published in the last 7 days.

New articles
--------------------------

** SAINT ® 7.1.2 Released **
by Tools Tracker Team - 11 September 2009

SAINT is the Security Administrator's Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT's data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...)

-> http://www.security-database.com/toolswatch/SAINT-R-7-1-2-Released.html

** OVAL interpreter v5.6.1 released **
by Tools Tracker Team - 11 September 2009

Open Vulnerability and Assessment Language (OVAL™) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community.

Changelog:
Updated to support version 5.6 of the OVAL Language.
Added support (...)

-> http://www.security-database.com/toolswatch/OVAL-interpreter-v5-6-1-released.html

** NetworkMiner v0.89 - Network Forensic Analysis Tool **
by ToolsTracker - 11 September 2009

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network.
NetworkMiner can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files. The purpose of NetworkMiner is to collect data (such as forensic evidence) about (...)

-> http://www.security-database.com/toolswatch/NetworkMiner-v0-89-Network.html

** ScanEx vBeta - Scanning for iFrame and Script Injections **
by ToolsTracker - 11 September 2009

This is a simple utility which runs against a target site and looks for external references and cross-domain malicious injections. There are several vulnerable sites which get manipulated with these types of injections and compromised. The site gets registered with stopbadware and other databases as well. This tool helps in doing initial scanning to look for obvious injections. At this point it is looking into iframe and script tags as defined in the regex file. This is a beta version of the (...)

-> http://www.security-database.com/toolswatch/ScanEx-vBeta-Scanning-for-iFrame.html

** HaraldScan v0.31 - Bluetooth discovery scanning **
by ToolsTracker - 11 September 2009

The scanner will be able to determine Major and Minor device class of device, as well as attempt to resolve the device's MAC address to the largest known Bluetooth MAC address Vendor list. The goal of this project is to obtain as many MAC addresses mapped to device vendors as possible.

HaraldScan v0.31 Released
Added -u option to update MACLIST to most recent version.
Added proper GPLv3 disclaimer and License
Fixed other minor bugs (mostly not noticed by users).

Requirements
Linux: (...)

-> http://www.security-database.com/toolswatch/HaraldScan-v0-31-Bluetooth.html

** PenTBox v1.0.1 Beta - Security Suite **
by ToolsTracker - 10 September 2009

PenTBox is a Security Suite with programs like Password Crackers, Denial of Service testing tools (DoS and DDoS), Secure Password Generators, Honeypots and much more. Destined to test security and stability of networks.

PenTBox 1.0.1 Beta Released
Modified code to be clearest and more simple in all archives.
Added more exceptions in Honeypot.
Modified Default Web configuration in Honeypot.
Fixed traduction problems in Readmes.
Modified Windows .bat Loader.
Base64 deleted from (...)

-> http://www.security-database.com/toolswatch/PenTBox-v1-1-Beta-Security-Suite.html

** Aircrack-ng v1.0 - Finally Released **
by ToolsTracker - 8 September 2009

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools.

«Aircrack-ng is a set of tools for auditing wireless networks.»

Version 1.0 - Released 08 September 2009:
airserv-ng: Now works fine between 32 and 64bit OSes. (...)

-> http://www.security-database.com/toolswatch/Aircrack-ng-v1-Finally-Released.html

** (0day) Windows Vista/7 SMB2.0 Remote B.S.O.D PoC **
by Tools Tracker Team - 8 September 2009

SRV2.SYS fails to handle malformed SMB headers for the NEGOTIATE PROTOCOL REQUEST functionality. The NEGOTIATE PROTOCOL REQUEST is the first SMB query a client sends to an SMB server, and it's used to identify the SMB dialect that will be used for further communication.

The vulnerability was discovered by Laurent Gaffié.

Proof of Concept and background here

-> http://www.security-database.com/toolswatch/0day-Windows-Vista-7-SMB2-Remote-B.html

** Netgrok visualizing computer networks in real-time **
by ToolsTracker - 8 September 2009

Visualize computer networks in real-time using graph and treemap layouts.

Netgrok is a tool for visualizing computer networks in real-time. NetGrok applies well-known information visualization techniques (overview, zoom & filter, details on demand) and employs a group-based graph layout and a treemap to visually organize network data.
NetGrok also integrates these tools with a shared data store that can read PCAP formatted network captures, capture traces from a live interface, and filter (...)

-> http://www.security-database.com/toolswatch/Netgrok-visualizing-computer.html

** OSSEC v2.2 released **
by Tools Tracker Team - 8 September 2009

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.

This is a stability release, with heavy focus on bug fixes, code cleanup and a few new features. The most notable changes are:
Trend OSCE (Office scan) support - We added rules (...)

-> http://www.security-database.com/toolswatch/OSSEC-v2-2-released.html

** Latest Linux distributions updated **
by Tools Tracker Team - 8 September 2009

A Linux distribution (also called GNU/Linux distribution by some vendors and users) is a member of the family of Unix-like software distributions built on top of the Linux kernel. Such distributions (often called distros for short) consist of a large collection of software applications such as word processors, spreadsheets, media players and database applications. (source Wikipedia)

Debian Lenny 5.0.3 stable released
Easy Peasy 1.5 stable released
FreeBSD 8.0 - BETA 4 development in (...)

-> http://www.security-database.com/toolswatch/Latest-Linux-distributions-updated.html

** FireCAT 1.5 Mozilla Collections Set released **
by Tools Tracker Team - 8 September 2009

Here is a collection built on FireCAT 1.5 project by Security Database Tools Watch http://www.security-database.com/toolswatch/FireCAT-1-5-released.html. Install carefully! Built in FF 3.0.x "portable" ed. The collection project is created by Claus Valca. Here is also an article he wrote about "FireCAT 1.5 “Plus” Add-On Collection".

Source: Claus Valca - Grand Stream Dreams blog

Both of these tools brought me back to the excellent FireCAT 1.5 collection of Firefox add-ons used for (...)

-> http://www.security-database.com/toolswatch/FireCAT-1-5-Mozilla-Collections.html

** mysqloit v0.1 - SQL Injection Takeover Tool **
by ToolsTracker - 5 September 2009

MySqloit is a SQL Injection takeover tool focused on LAMP (Linux, Apache, MySql, PHP) and WAMP (Linux, Apache, MySql, PHP) platforms. It has the ability to upload and execute metasploit shellcodes through the MySql SQL Injection vulnerabilities.

Attackers performing SQL injection on a MySQL-PHP platform must deal with several limitations and constraints. For example, the lack of multiple statements in one query makes MySQL an unpopular platform for remote code execution, compared to (...)

-> http://www.security-database.com/toolswatch/mysqloit-v0-1-SQL-Injection.html

** Jasager - Wifi MitM Tool (faking Access Point) **
by Tools Tracker Team - 5 September 2009

Jasager is an implementation of Karma designed to run on OpenWrt on the Fon. It will probably run on most APs with Atheros wifi cards but it was designed with the Fon in mind as it is a nice small AP which gives it a lot of scope for use in penetration tests and other related fun.

A quick highlight of features:
Web interface showing currently connected clients with their MAC address, IP address (if assigned) and the SSID they associated with
The web interface allows control of all Karma (...)

-> http://www.security-database.com/toolswatch/Jasager-Wifi-MitM-Tool-faking.html

** Spiceworks 4.1.40098 - Updated **
by ToolsTracker - 5 September 2009

Spiceworks is the complete network management & monitoring, helpdesk, PC inventory & software reporting solution to manage Everything IT in small and medium businesses.

Spiceworks Lets You...
Inventory Your Network & PCs
Monitor & Manage Your Network
Manage Your IT Assets
Manage Changes & Configurations
Map Your Network BETA
Audit Your Software
Troubleshoot Your Network
Run an IT Help Desk
Be an MSP
Talk to IT Pros Like You

Spiceworks IT Desktop is designed for IT Pros who have (...)

-> http://www.security-database.com/toolswatch/Spiceworks-4-1-40098-Updated.html

Regards

Nabil OUCHN        Maximiliano Soler
CEO & Founder      Tools Watch Manager
Security-Database.com