all posts in the 'Security Software' category


MoocherHunter - Detect & Track Rogue Wifi Users

MoocherHunter™ is a mobile tracking software tool for the real-time on-the-fly geo-location of wireless moochers and hackers. It’s included as part of the OSWA Assistant LiveCD we mentioned quite recently.
I wanted to mention this tool separately as I think it’s very cool!

MoocherHunter™ identifies the location of an 802.11-based wireless moocher or hacker by the traffic [...]

Lynis - Security & System Auditing Tool for UNIX/Linux

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information it will also scan for general system information, installed packages and configuration mistakes.
This is a tool that might be useful for both penetration testers performing white box tests and system admins trying [...]

FWAuto v1.1 - Firewall Auditing & Ruleset Analyzer Tool

FWAuto (Firewall Rulebase Automation) is a Perl script and should work on any system with Perl installed. Provide the running config of a PIX firewall to fwauto. It will analyze and give you a list of weak rules in your rule base and store the result in multiple output files.

Maybe there have been times when [...]

Technitium FREE MAC Address Changer v5 Released

Technitium MAC Address Changer allows you to change the Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective of your NIC manufacturer or its driver. It has a very simple user interface and provides ample information regarding each NIC in the machine. Every NIC has a MAC address hard coded in its circuit [...]

Wireshark v1.0.0 Released - Cross Platform Graphical Packet Sniffer

After nearly 10 years of development Wireshark (formerly known as Ethereal) has finally reached version 1!
For those that don’t know, Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.
Wireshark development thrives thanks to the contributions of networking experts across the [...]

.NETIDS - .NET Intrusion Detection System

This tool is another one on the side of protection, again for web-based applications but this time for .NET applications; it’s called .NETIDS (.NET Intrusion Detection System). This tool is capable of detecting attacks on web applications and gives the developer the possibility to react. The project files include filter rules and function stubs [...]

Core Security to Expand Market with Mark Hatton

It seems like security/pen-testing software can be quite lucrative - especially with the prices Core Security charge for their flagship tool Core Impact (Around $25,000 per seat?).
They have offices in two countries and are now looking to expand into new markets, anyway this is a bit of corporate security news for a change. They have [...]

Nipper 0.11.5 Released - Network Device Configuration Security Auditing Tool

Nipper performs security audits of network device configuration files. The report produced by Nipper includes: detailed security-related issues with recommendations, a configuration report and various appendices. Nipper has a large number of configuration options which are described on this page.

Nipper currently supports the following device types:

Cisco Switches (IOS)
Cisco Routers (IOS)
Cisco Firewalls [...]

Password Hasher Firefox Extension

Well seen as though we were talking about breaking passwords, here’s a tool for Firefox to help you manage your more secure passwords.
Better security without bursting your brain
Password Hasher is a Firefox security extension for generating site-specific strong passwords from one (or a few) master key(s).

What good security practice demands:

Strong passwords that are hard [...]

PHPIDS - Security Layer & Intrusion Detection for PHP Based Web Applications

Another protection for those building websites and web applications, as it’s the most common attack vector nowadays I think it’s important to be extra safe on this front.
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes [...]

argus - Auditing Network Activity - Performance & Status Monitoring

Another tool for the security side, good for forensics, monitoring and auditing.
Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, [...]

mod_anti_tamper - Anti Tamper Module for Apache 2.x

What Is Mod AntiTamper (AT)
AntiTamper is an Apache 2.x module that could be used to prevent some sort of url and cookie tampering.
Specifically, AT could stop a lot of those malicious bots that take advantage from search engines. Moreover, attack techniques like HTTP Response Splitting and session hijacking/fixation will be mitigated.

It is important to notice that [...]

gotroot modsecurity Rules for Apache - Anti-spam and Security

To follow on from Whitetrash which I posted about previously, here is another tool to secure your web site or web application. Essentially it’s a very comprehensive set of rules for mod_security.
ModSecurity is an open source intrusion detection and prevention engine for web applications (or a web application firewall). Operating as an Apache Web server [...]

Whitetrash - Dynamic Web White-listing for Squid

This is a pretty neat tool for those using Squid Cache and looking for a pro-active tool for securing web access in their company (or house if you have a devious sibling).
The goal of Whitetrash is to provide a user-friendly and sysadmin-friendly proxy that makes it significantly harder for malware to use HTTP and SSL [...]

Nmap Port Scanner 4.50 Released for Download

At last a new major release of Nmap!
If for some odd reason you don’t already know what Nmap is, it is a free and open source utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host [...]

Technitium FREE MAC Address Changer v4.7 - Released for Download

The newest version of Technitium MAC Address Changer was released a while back, v4.7. There are some minor changes and it’s looking to be pretty polished for a free tool.
Of course some might say “It’s just a registry entry? What’s the big deal?” Well this just makes it easier, especially when you are doing audits [...]

fwtest - Firewall Testing Toolkit

The firewall test suite fwtest is a security auditing tool made up of two parts: the test control application fwtest and optionally one or two helper processes named fwagent. The test control application fwtest starts up the python interpreter with the given test script. The test script controls the packet data flow between two virtual [...]

SSA Version 1.5.2 - OVAL Vulnerability Assessment Software

SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied.
Features :

OVAL-compatible product
SCAP (Security Content Automation Protocol)
Perform a deep inventory audit on installed software and applications
Scan and map vulnerabilities using non-intrusive techniques based on schemas
Detect and identify missed patches and hotfixes
Define [...]

GFI End of Year Offer - Up to 50% Off

Just a quick note as I know many of you guys are in corporate security positions and might be looking for some of the solutions GFI offers.
They are having a Q4 promotion with up to 50% off on some of their products/services.

GFI MailEssentials – 25%
GFI MailEssentials & GFI MailSecurity Suite – 25%
GFI MailSecurity – 50%
GFI [...]

CORE GRASP - PHP Web Application Protection Software

CORE GRASP for PHP is a web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations.
As mentioned during its presentation at Black Hat USA 2007, GRASP is being released as open source under the Apache 2.0 license.
The present implementation protects PHP 5.2.3 against SQL-injection attacks for the MySQL engine, it can be [...]

XSS Warning - A Security Extension/Add-on for Firefox

XSS Warning is an extension/add-on for Firefox that filters malicious values to prevent Cross Site Scripting (XSS) attacks by malicious URLs (assuming you have Javascript enabled).

XSS Warning 0.1.8 beta protects from:

URL attack
Redirect attack
Link code injection

Compatible with Firefox: 1.5 – 2.0.0
You can install and read more about XSS Warning here:
http://www.gianniamato.it/project/extension/xsswarning/

Babel Enterprise - Cross Platform System Auditing Tool

Babel Enterprise is a systems auditing tool. Babel performs a security level check of the machine, or hardening. The check consists of a number of auditing tests that obtain a snap of the security status of each machine. The result is a security index of the system that is given after each execution. It a [...]

Dr. Morena - Firewall Configuration Testing Tool

Dr.Morena is a tool to confirm the rule configuration of a Firewall.
The configuration of a Firewall is done by combining more than one rule. Sometimes a rule configuration may reside in a place other than the basic rule configuration place. In such a case, it is difficult to confirm whether it is an intended configuration [...]

Sguil - Intuitive GUI for Network Security Monitoring with Snort

Sguil (pronounced sgweel) is probably best described as an aggregation system for network security monitoring tools. It ties your IDS alerts into a database of TCP/IP sessions, full content packet logs and other information. When you’ve identified an alert that needs more investigation, the sguil client provides you with seamless access to the data you [...]

Consulting Licence Offer From Redseal - Security Risk Manager (SRM)

Redseal is launching a free offer next week for security consultants, pen testers and auditors.
Redseal develops a product called Security Risk Manager (SRM), it does the following - (non sales overview)

Imports firewall and router configuration files
Audits and checks them for errors, misconfigurations, redundant rules, checks against best practices etc
Draws a network topography [...]

Outpost Security Suite PRO Review

Agnitum Outpost Security Suite Pro is a step up from their Agnitum Outpost Firewall PRO with a more holistic look at security.
The suite also includes pre-emptive threat protection, anti-spam protection and safe-surfing.
The Software is fairly sizeable at around 36MB, you can download it here, for a 30 day free trial.

As I’ve mentioned before I think [...]

GFI Free Endpoint Scanner - Online Portable Storage Device Scanning

Recently GFI launched a free, online portable storage device scanner called EndPointScan.
http://www.endpointscan.com
EndPointScan, is an industry-first, free online service that allows anyone to check what devices are or have been connected to computers on their network and by whom.

Using this diagnostic tool, one can identify those areas where the use of portable storage devices could pose [...]

login (security through obscurity) - weird PHP script

This was the idea with which I have won the regional web apps contest… well actually I did a CMS but the security part of it was the most appreciated. Maybe because it was weird, you’ll see…
Classical Login scripts
What exactly do classical login scripts do… they get the password from the database by querying it [...]

SSA 1.5.1 Released - Security System Analyzer an OVAL Based Scanner

A new version of SSA (Security System Analyzer) has been released - version 1.5.1.
SSA is a scanner based on OVAL, the command line tool provided by MITRE is not very easy to use so the guys at Security Database decided to write a GUI to make it simple to use and understand and then free [...]

Slavasoft FSUM and Hashcalc md5 & File Integrity for Windows

FSUM is a fast and handy command line utility for file integrity verification. It offers a choice of 13 of the most popular hash and checksum functions for file message digest and checksum calculation.
You can easily use FSUM with a batch wrapper to do automated file integrity monitoring, and use something like blat to email [...]

PHProxy 0.5 Beta Released - Web HTTP Proxy to Bypass Firewalls

What is PHProxy?
PHProxy is a Web HTTP proxy programmed in PHP to bypass firewalls and other proxy restrictions through a Web interface very similar to the popular CGIProxy. School/country/company blocked your favorite Website? Look no further!
The server that this script runs on simply acts as a medium that retrieves resources for you. The only IP [...]

SSA 1.5.1 - Security System Analyzer an OVAL Based Scanner

Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout [...]

Agnitum Outpost Firewall PRO Review

Agnitum Outpost Firewall Pro is a software based firewall I respect a lot, and used to actually use…It used to be fairly light weight, secure and had some good features the other firewalls at the time didn’t have (system file integrity checking and so on).

But nowadays with NAT routers, the need for desktop firewalls is [...]

Check Point VPN-1 Power VSX NGX - Virtual Firewalls Get Clustered

Clustered Firewalls? What on earth next, beowulf IDS systems?

Check Point has added cluster support and more granular controls to its virtual firewall software, memorably named Check Point VPN-1 Power VSX NGX.
Virtual firewalls can now be distributed around a server cluster, with standby firewalls on alternative servers. System administrators can also shift processor power around, taking [...]

Backup Platinum - CD, FTP & LAN Backup Software Review

Backup Platinum is a Windows platform backup program to make another copy of your important stuff so if your PC burns/gets pwned/crashes etc you won’t lose everything.
It supports backup by Hard or USB drives, CD-R/W or DVD±R/RW media, FTP server or Local Area Network (LAN).
It’s easy enough to download and install, you can grab it [...]

PwdHash from Stanford - Generate Passwords by Hashing the URL

The Common Password Problem.
Users tend to use a single password at many different web sites. By now there are several reported cases where attackers break into a low security site to retrieve thousands of username/password pairs and directly try them one by one at a high security e-commerce site such as eBay. As expected, this [...]

PReplay - A pcap Network Traffic Replay Tool for Windows

There are not many good tools for replaying traffic, most people use WireShark (formerly known as Ethereal) for capturing the traffic, but what happens if you want to take that capture and replay it over the wire?
Someone has this problem so they decided to code their own solution, thankfully for us! There are quite a [...]

Microsoft’s Live OneCare the WORST Anti-Virus Solution

An Austrian web site called AV Comparatives has done an ‘independent’ test of 17 different Anti-Virus products and released the results online.
On this site you will find independent comparatives of Anti-Virus software. All products listed in our comparatives are already a selection of some very good anti-virus products. In order to get tested by us, [...]

Let’s Digest Some Messages - md5 Hash Checker for Windows

Of course it’s a small article about md5… I really wondered how many Micro$oft Windows users check the md5 sum of programs that they download from the internet…
Do you really trust the mirror websites that much?
Even I could set up a mirror website for any download website and spread malformed packages to include, trojans, backdoors, [...]

Handy Recovery for Recovering Deleted Data on Windows

Handy Recovery is pretty neat software, there are occasions when I’m using Windows and I need to recover something or I’ve deleted something by mistake (I have a habit of using SHIFT+DEL so it’s not even in the recycle bin).
I usually use Active Undelete and was pretty happy with it, I got a chance to [...]

sqlmap - Automated Blind SQL Injection Tool

sqlmap is an automatic blind SQL injection tool, developed in python, capable of enumerating an entire remote database, performing an active database fingerprint and much more. The aim of this project is to implement a fully functional database mapper tool which takes advantages of web application programming security flaws which lead to SQL injection vulnerabilities.

Features

Test [...]

Secunia Releases Software Inspector

Feature Overview - The Secunia Software Inspector:

Detects insecure versions of applications installed
Verifies that all Microsoft patches are applied
Assists you in updating your system and applications
Runs through your browser. No installation or download is required.

How Does it Work:

The Secunia Software Inspector relies on carefully crafted “Secunia File Signatures” to recognise applications on your system. The detected [...]

Burp Proxy & Burp Suite - Attacking Web Applications

I love the Burp Suite, I really do. It’s pretty much my favourite local proxy program and my favourite suite of tools for security testing web applications (especially the session investigation and manipulation parts).
Another great thing is it’s cross platform, so you don’t have to learn different tools for Windows and Linux.

Basically Burp suite is [...]

SinFP 2.0.4 - OS Detection - Now Works On Windows

SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has.
Nmap’s approach to fingerprinting has been shown to be efficient for years. Nowadays, with the omnipresence of stateful filtering devices, PAT/NAT configurations and emerging packet normalization technologies, its approach to OS fingerprinting is becoming obsolete.
SinFP uses the aforementioned limitations as a [...]

McAfee buying Tel Aviv startup Onigma for $15-25 million cash

Data security giant McAfee has bought a young Tel Aviv startup, Onigma, for somewhere between $15 million to $25 million cash, surmise hi-tech circles.
McAfee will be integrating the Onigma technology in its enterprise security solution, and will be recruiting dozens more Israeli developers for the startup, which will become a local R&D center.

Onigma was founded [...]

Taof 0.1 Network Protocol Fuzzer Released

Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.

Taof aids the researcher during the data retrieval process by providing a transparent proxy functionality that forwards and logs requests from a [...]

PMD - Java Source Code Scanner

Continuing with the series of tools I’ve been posting on source code auditing and application security, here is PMD a Java Source Code Scanner.

PMD scans Java source code and looks for potential problems like:

Possible bugs - empty try/catch/finally/switch statements
Dead code - unused local variables, parameters and private methods
Suboptimal code - wasteful String/StringBuffer usage
Overcomplicated expressions - [...]

Security Companies Fight Against Microsoft Security Center

No surprise really? Microsoft and their monopoly strategies, anti-competitive behaviour, nothing new really is it?

Microsoft and its security rivals are feuding over a key piece of Windows Vista real estate.
The fight is over the display of technology that helps Vista owners manage the security tools on their PC. Symantec, McAfee, Check Point Software Technologies and [...]

ARPWatch-NG ARP Flooding/Spoofing Protection/Detection

If you are paranoid about people ARP spoofing or flooding on your network you can use ARPWatch-NG. ARPWatch-NG is a continuation of the popular original ARPWatch from ftp://ftp.ee.lbl.gov/.
ARPWatch monitors MAC addresses on your network and writes them into a file; the last known timestamp and change notification are included.

It can be used to monitor for [...]

LAPSE Sourcecode Analysis for JAVA J2EE Web Applications

LAPSE stands for a Lightweight Analysis for Program Security in Eclipse. LAPSE is designed to help with the task of auditing Java J2EE applications for common types of security vulnerabilities found in Web applications. LAPSE was developed by Benjamin Livshits as part of the Griffin Software Security Project.

LAPSE targets the following Web application vulnerabilities:

Parameter manipulation
SQL [...]

Odysseus Proxy for MITM Attacks Testing Security of Web Applications.

Odysseus is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Odysseus will intercept an HTTP session’s data in either direction and give the user the ability to alter the data before transmission.

For example, during [...]

FindBugs - Find Bugs in Java Programs

FindBugs looks for bugs in Java programs. It is based on the concept of bug patterns. A bug pattern is a code idiom that is often an error. Bug patterns arise for a variety of reasons:

Difficult language features
Misunderstood API methods
Misunderstood invariants when code is modified during maintenance
Garden variety mistakes: typos, use of [...]

Inprotect 0.22.5 Released - Web Interface for Nessus & Nmap

A new revision of Inprotect has just been released, 0.22.5 in order to fix bugs and implement feature requests submitted by the development team and users. Existing users are recommended to upgrade.
Inprotect is a web interface for Nessus and Nmap security scanners, released under GNU/GPL license. This version has the following enhancements:

Improved and fixed [...]

Browzar is Bullshit

Not sure if any of you heard of this new super secure ultra cool web browser called Browzar?
There was a bit of a backlash as it turned out Browzar was just another custom wrapper for Internet Exploder.
Security experts are crying foul over a new supposedly secure browser application.
Browzar is promoted as an easy way for [...]

BeEF - Browser Exploitation Framework

There’s been a lot of nice Web relevant testing and hacking tools coming out lately, I’ve gotten quite a collection to post about, so do try them out and let me know what you think.
BeEF is the browser exploitation framework. Its purpose in life is to provide an easily integratable framework to demonstrate the impact [...]

Security Compass Web Application Analysis Tool - SWAAT

Announcing a new web application source code analysis tool called the Securitycompass Web Application Analysis Tool or SWAAT.
You may know it as a static analysis tool.
Currently in its beta release, this .Net command-line tool searches through source code for potential vulnerabilities in the following languages:

Java and JSP
ASP.Net
PHP

Using xml-based signature files, it searches for common functions [...]

FIS [File Inclusion Scanner] v0.1 - PHP Vulnerability

A useful tool for anyone working with PHP applications.
DESCRIPTION
————
FIS (File Inclusion Scanner) is a vulnerability scanner for PHP applications. It scans PHP files mapping PHP/HTTP variables and then performs a security audit, in order to find out which of them are exploitable.
USAGE
——
php fis.php [local file] [remote file] [remote FIS ID file]

[local file]
————–
The local copy of the [...]

eEye Duster - Dead/Uninitialized Stack Eraser

Duster is the Dead/Uninitialized Stack Eraser, an injectable DLL that causes uninitialized stack and heap memory in its host process to be wiped over with a specific value. It is intended as a crude tool to assist in the run-time discovery of uninitialized memory usage problems by increasing the chances that the host process will [...]

eEye Binary Diffing Suite (EBDS)

The eEye Binary Diffing Suite (EBDS) is a free and open source set of utilities for performing automated binary differential analysis. This becomes very useful for reverse engineering patches as well as program updates.

The first tool is BDS, the Binary Diffing Starter from Andre Derek Protas. This tool helps reverse engineers with batch-analysis of patches [...]

HoneyBot - A Windows Based Honeypot

HoneyBOT
HoneyBOT is a Windows based medium interaction honeypot solution.

What is a Honeypot?
A honeypot is a device placed on a computer network specifically designed to capture malicious network traffic. The logging capability of a honeypot is far greater than any other network security tool and captures raw packet level data even including the keystrokes and mistakes [...]

Without OneCare in the World.

Today sees the launch of “OneCare”, Microsoft’s “security solution”. Combining firewall, anti-virus and anti-spyware into one handy package…. but would you trust it?
I guess many people will, and over time we will find out if it’s a well spent $49.99 or not, but for me? I don’t think so. Microsoft do many things, but [...]

Serious Symantec Anti-Virus Vulnerability

Apparently a gaping security flaw in the latest versions of Symantec’s anti-virus software suite has been discovered that could put millions of users at risk of a debilitating worm attack. According to eEye Digital Security, the company that discovered the flaw, the vulnerability could be exploited by remote hackers to take complete control of the [...]

Source Code & Software Security Analysis with BogoSec

Bogosec is essentially a tool for finding security vulnerabilities in source code.
BogoSec aims to increase awareness regarding code security vulnerabilities, while encouraging developers to produce more secure code over time. By simplifying the code scanning process, BogoSec achieves a goal of allowing developers to scan their code regularly and more effectively.

BogoSec is a source code [...]

OSSEC HIDS - Open Source Host-based Intrusion System

OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response.

It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows.
This is the first version offering native support for Windows (XP/2000/2003). It includes as well a new set of log analysis [...]

SecureDVD - Multiboot Live Security Distro’s

SecureDVD is a DVD with the 10 Best Security related Live CD’s.
Yes that’s right, they authored this DVD based on the recommendations made by Darknet!

Now you can have all your favorite CDs ‘compiled’ into a single DVD. I love this idea.
SecureDVD is available to download, but due to its size, only in BitTorrent. You can [...]

Top 15 Security/Hacking Tools & Utilities

1. Nmap
I think everyone has heard of this one, recently evolved into the 4.x series.
Nmap (“Network Mapper”) is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what [...]

Google Safe Browsing Extension for Firefox & Netcraft Toolbar - Anti-Phishing

I remember some time back Netcraft developed an anti-phishing toolbar for Internet Explorer Exploder and Firefox.
You can check it out here:
Netcraft Toolbar

Protect your savings from Phishing attacks.
See the hosting location and Risk Rating of every site you visit.
Help defend the Internet community from fraudsters.

Then recently Google has come out with the Safe Browsing Extension for [...]

US Investigates Snort Sale as a Security Risk

Basically the Americans are saying a lot of their sensitive governmental organisations are using Snort and they don’t want the software to be controlled by an Israeli company, they see it as a threat.
The same Bush administration review panel that approved a ports deal involving the United Arab Emirates has notified a leading Israeli software [...]

10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery)

1. BackTrack
The newest contender on the block of course is BackTrack, which we have spoken about previously. An innovative merge between WHax and Auditor (WHax formerly WHoppix).
BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions Whax and Auditor, combining the best features from both distributions, and paying special attention [...]

SSL VPNs and OpenVPN - Part IV

4. Brief How-to …. Creating Multiple clients to Single site tunnels.
Example of using PKI to create a client-to-site VPN:
For a road warrior or roaming/multiple user scenario, static keys based VPNs don’t scale well. You will need to implement a PKI if you have Hub and Spoke architecture of VPN.
From the OpenVPN.net website:
Static Key advantages

Simple [...]

SSL VPNs and OpenVPN - Part III

3. Brief How-to ….. OpenVPN and Site-to-Site Tunnels.
OpenVPN can be implemented either Site-to-site or client-server model. I will take example configurations of both models.
If you want to implement site-to-site configuration, the best way is to use static-keys instead of PKI. Using static keys, you can have your VPN tunnel up and running in a jiffy.
First, [...]

SSL VPNs and OpenVPN - Part II

2. Why OpenVPN
Here, in this article, I will lay down the emphasis on one important Open-Source SSL VPN software written by James Yonan and contributed by several others, which proposes security without the inherent complexity of IPsec AND using a trusted design of client component and VPN server.
Usually VPNs require end points which are trusted. [...]

SSL VPNs and Using OpenVPN

Requirement: To connect to a VP