Archive | Countermeasures




Independent Web Vulnerability Scanner Comparison – Acunetix WVS, IBM Rational AppScan & HP WebInspect

I saw a relevant paper published today by an individual that claims the comparison was ordered by a penetration testing company (a company which remains unnamed). The vendors were not contacted during or after the evaluation. Testing Procedure The author tested 13 web applications (some of them containing a lot of vulnerabilities), 3 demo applications […]

Tags: , , , , , , , , ,

Posted in: Countermeasures, Exploits/Vulnerabilities, Security Software, Web Hacking | Add a Comment

OWASP (Open Web Application Security Project) Testing Guide v3 Released

This project’s goal is to create a “best practices” web application penetration testing framework which users can implement in their own organizations and a “low level” web application penetration testing guide that describes how to find certain issues. Version 3 of the Testing Guide was released in last month in December 2008, the project was […]

Tags: , , , , , ,

Posted in: Countermeasures, Web Hacking | Add a Comment

Secunia Personal Software Inspector (PSI) 1.0

To continue with some software targeted towards security and self-protection after posting about Microsoft Baseline Security Analyzer (MBSA) and Microsoft Security Assessment Tool (MSAT) we continue with one more – Secunia Personal Software Inspector. We did write about this software way back when Secunia first came out with their Secunia Software Inspector. There’s now 3 […]

Tags: , , , , , , , , , , , ,

Posted in: Countermeasures, Exploits/Vulnerabilities, Security Software | Add a Comment

Microsoft Baseline Security Analyzer – Free Windows Tool

Recently we mentioned MSAT – Microsoft Security Assessment Tool and I recalled another tool which came out originally years and years ago and I’ve personally found useful in a few situations. It’s good when you’re working on a Domain/Group Policy and you want to lock down one machine nice and tight, it can give some […]

Tags: , , , , ,

Posted in: Countermeasures, Security Software, Windows Hacking | Add a Comment

Microsoft Security Assessment Tool – Free for Windows

The Microsoft Security Assessment Tool (MSAT) is a free tool designed to help organizations like yours assess weaknesses in your current IT security environment, reveal a prioritized list of issues, and help provide specific guidance to minimize those risks. MSAT is an easy, cost-effective way to begin strengthening the security of your computing environment and […]

Tags: , , , , , , , , ,

Posted in: Countermeasures, Security Software, Windows Hacking | Add a Comment

Symantec to Buy MessageLabs (Email Spam and Web Traffic Filter)

Some interesting security industry news, it seems like Symantec is really setting itself up to be the Microsoft of the security world. They are buying up anything and everything and merging it into the Symantec borg…things that are successful of course. Their latest acquisition is the popular MessageLabs, a good example of both cloud computing […]

Tags: , , , , , , , , ,

Posted in: Countermeasures, Spammers & Scammers | Add a Comment

fwknop – Port Knocking Tool with Single Packet Authorization

Port Knocking came about in around 2003, but it has various weaknesses. There are plenty of implentations though (some quite advanced). Most of the problems are fixed however by fwknop! fwknop stands for the “FireWall KNock OPerator”, and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a […]

Tags: , , , , , , , , , ,

Posted in: Countermeasures, Network Hacking, Security Software | Add a Comment

psad – Intrusion Detection and Log Analysis with iptables

psad is a collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic. A typical deployment is to run psad on the iptables firewall where it has the fastest access to log data. psad […]

Tags: , , , , , , ,

Posted in: Countermeasures, Network Hacking, Security Software | Add a Comment

MoocherHunter – Detect & Track Rogue Wifi Users

MoocherHunter™ is a mobile tracking software tool for the real-time on-the-fly geo-location of wireless moochers and hackers. It’s included as part of the OSWA Assistant LiveCD we mentioned quite recently.’ I wanted to mention this tool separately as I think it’s very cool! MoocherHunter™ identifies the location of an 802.11-based wireless moocher or hacker by […]

Tags: , , , , , , , , , ,

Posted in: Countermeasures, Security Software, Wireless Hacking | Add a Comment

Lynis – Security & System Auditing Tool for UNIX/Linux

Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This is a tool that might be useful for both penetration testers performing white box tests and system admins […]

Tags: , , , , , , ,

Posted in: Countermeasures, Linux Hacking, Security Software | Add a Comment

Popular Tags

computer-security · darknet · exploits · fuzzing · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·