Saturday, June 26, 2010

News of interest for the month of June 2010...

Websecurify 0.6 - powerful web application security testing

Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

http://code.google.com/p/websecurify/


w3af 1.0-rc3 Available For Download – Web Application Attack & Audit Framework

w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.

http://w3af.sourceforge.net/


OpenSCAP – Framework For Implementing SCAP (Security Content Automation Protocol)

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP.

http://www.open-scap.org/page/Main_Page
Link

Onapsis Bizploit – ERP Penetration Testing Framework

Bizploit is the first Opensource ERP Penetration Testing framework. Developed by the Onapsis Research Labs, Bizploit assists security professionals in the discovery, exploration, vulnerability assessment and exploitation phases of specialized ERP Penetration Tests.

http://www.onapsis.com/research.html#bizploit


Samurai Web Testing Framework v0.8 Released – Pen Testing Security LiveCD

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites.

http://samurai.inguardians.com/


Knock v1.3b – Subdomain Enumeration/Brute-Forcing Tool

Knock is a python script designed to enumerate sub-domains on a target domain through a wordlist.

http://knock.gianniamato.it/download.phpLink

sectool – Security Audit Tool and IDS

sectool is a security tool that can be used both as a security audit as well as a part of an intrusion detection system. It consists of set of tests, library and textual/graphical frontend. Tests are sorted into groups and security levels. Administrators can run selected tests, groups or whole security levels.

https://fedorahosted.org/sectool/
Posted by at

1 comment:

  1. ajackJune 28, 2010 at 9:56 AM

    For Ubuntu (Lucid) users, you can get w3af 1.0-rc2 from the Ubuntu Universe repositories. Just type:

    sudo apt-get install w3af

    ReplyDelete

Subscribe to: Post Comments (Atom)