Archive | Security Software

Advertisements


23 June 2015 | 1,751 views

unix-privesc-check – Unix/Linux User Privilege Escalation Scanner

Unix-privesc-checker is a Unix/Linux User privilege escalation scanner that runs on Unix systems (tested on Solaris 9, HPUX 11, Various Linuxes, FreeBSD 6.2). It tries to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or to access local apps (e.g. databases). It’s similar in some ways to – LinEnum […]

Continue Reading


14 June 2015 | 2,224 views

Just-Metadata – Gathers & Analyse IP Address Metadata

Just-Metadata is a tool that can be used to gather IP address metadata passively about a large number of IP addresses, and attempt to extrapolate relationships that might not otherwise be seen. Just-Metadata has “gather” modules which are used to gather metadata about IPs loaded into the framework across multiple resources on the internet. Just-Metadata […]

Continue Reading


06 June 2015 | 2,123 views

Shadow Daemon – Web Application Firewall

Shadow Daemon is a collection of tools to detect, protocol and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability. Shadow Daemon is easy […]

Continue Reading


02 May 2015 | 1,781 views

Graudit v1.9 Download – Grep Source Code Auditing Tool

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications and source code auditing tool sets like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible. You […]

Continue Reading


24 March 2015 | 1,469 views

Yasca – Multi-Language Static Analysis Toolset

Yasca is an open source program which looks for security vulnerabilities, code-quality, performance, and conformance to best practices in program source code. It’s basically a tool-kit for multi-language static analysis. Yasca can scan source code written in Java, C/C++, HTML, JavaScript, ASP, ColdFusion, PHP, COBOL, .NET, and other languages It leverages on external open source […]

Continue Reading


24 February 2015 | 3,605 views

VScan – Open Source Vulnerability Management System

VScan is an open source Vulnerability Management System designed to make it easier for an organization to track vulnerability resolution and ensure anything found in their infrastructure is fixed. VScan was created as after a vulnerability assessment it can sometimes be difficult to track the implementation of a security improvement program, so this tool can […]

Continue Reading


12 February 2015 | 1,526 views

Facebook Launches ThreatExchange – Security Clearinghouse API

So Facebook has launched ThreatExchange, a social network for information security intelligence and cyberthreat sharing, how apt. They have signed up some fairly heavyweight partners from the get go with Bitly, Dropbox, Pinterest, Tumblr, Twitter and Yahoo! being involved initially. With those kind of names, it’s a sure bet more people will jump on the […]

Continue Reading


19 December 2014 | 2,246 views

Acunetix OVS Review (Online Vulnerability Scanner)

Introduction It’s been a while since we’ve looked at any Acunetix products in depth, they’ve always had a solid Web Vulnerability Scanner as we found in our reviews of Acunetix WVS 6 and Acunetix WVS 7. Version 9.5 of the Web Vulnerability Scanner was released earlier this year and late last year Acunetix also announced […]

Continue Reading


13 December 2014 | 3,501 views

Oryon C Portable – Open Source Intelligence (OSINT) Framework

Oryon C Portable is a web browser designed to assist researchers in conducting Open Source Intelligence investigations. Oryon comes with dozens of pre-installed tools and a select set of links catalogued by category – including those that can be found in the OI Shared Resources. Based on SRWare Iron version 31.0.1700.0 (Chromium) More than 70 […]

Continue Reading


25 November 2014 | 4,021 views

LinEnum – Linux Enumeration & Privilege Escalation Tool

LinEnum will automate many Local Linux Enumeration & Privilege Escalation checks documented in this cheat sheet. It’s a very basic shell script that performs over 65 checks, getting anything from kernel information to locating possible escalation points such as potentially useful SUID/GUID files and Sudo/rhost mis-configurations and more. An additional ‘extra’ feature is that the […]

Continue Reading


Advertisements