Archive | Security Software


08 November 2006 | 5,259 views

Taof 0.1 Network Protocol Fuzzer Released

Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols. Taof aids the researcher during the data retrieval process by providing a transparent proxy functionality that forwards and logs requests from […]

Continue Reading


31 October 2006 | 11,412 views

PMD – Java Source Code Scanner

Continuing with the series of tools I’ve been posting on source code auditing and application security, here is PMD a Java Source Code Scanner. PMD scans Java source code and looks for potential problems like: Possible bugs – empty try/catch/finally/switch statements Dead code – unused local variables, parameters and private methods Suboptimal code – wasteful […]

Continue Reading


27 October 2006 | 5,173 views

Security Companies Fight Against Microsoft Security Center

No surprise really? Microsoft and they monopoly strategies, anti-competitive behaviour, nothing new really is it? Microsoft and its security rivals are feuding over a key piece of Windows Vista real estate. The fight is over the display of technology that helps Vista owners manage the security tools on their PC. Symantec, McAfee, Check Point Software […]

Continue Reading


26 October 2006 | 18,095 views

ARPWatch-NG ARP Flooding/Spoofing Protection/Detection

If you are paranoid about people ARP spoofing or flooding on your network you can use ARPWatch-NG, ARPWatch-NG is a continue of the popular original ARPWatch from ftp://ftp.ee.lbl.gov/. ARPWatch monitors MAC adresses on your network and writes them into a file, last know timestamp and change notification is included. It can be used it to […]

Continue Reading


24 October 2006 | 8,902 views

LAPSE Sourcecode Analysis for JAVA J2EE Web Applications

LAPSE stands for a Lightweight Analysis for Program Security in Eclipse. LAPSE is designed to help with the task of auditing Java J2EE applications for common types of security vulnerabilities found in Web applications. LAPSE was developed by Benjamin Livshits as part of the Griffin Software Security Project. LAPSE targets the following Web application vulnerabilities: […]

Continue Reading


22 October 2006 | 22,819 views

Odysseus Proxy for MITM Attacks Testing Security of Web Applications.

Odysseus is a proxy server, which acts as a man-in-the-middle during an HTTP session. A typical HTTP proxy will relay packets to and from a client browser and a web server. Odysseus will intercept an HTTP session’s data in either direction and give the user the ability to alter the data before transmission. For example, […]

Continue Reading


12 October 2006 | 11,772 views

FindBugs – Find Bugs in Java Programs

FindBugs looks for bugs in Java programs. It is based on the concept of bug patterns. A bug pattern is a code idiom that is often an error. Bug patterns arise for a variety of reasons: Difficult language features Misunderstood API methods Misunderstood invariants when code is modified during maintenance Garden variety mistakes: typos, use […]

Continue Reading


09 October 2006 | 12,740 views

Inprotect 0.22.5 Released – Web Interface for Nessus & Nmap

A new revision of Inprotect has just been released, 0.22.5 in order to fix bugs and implement feature requests submitted by the development team and users. Existing users are recommended to upgrade. Inprotect is a web interface for Nessus and Nmap security scanners, released under GNU/GPL license. This version has the following enhancements: Improved and […]

Continue Reading


03 October 2006 | 7,629 views

Browzar is Bullshit

Not sure if any of you heard of this new super secure ultra cool web browser called Browzar? There was a bit of a backlash as it turned out Browzar was just another custom wrapper for Internet Exploder. Security experts are crying foul over a new supposedly secure browser application. Browzar is promoted as an […]

Continue Reading


01 October 2006 | 16,202 views

BeEF – Browser Exploitation Framework

There’s been a lot of nice Web relevant testing and hacking tools coming out lately, I’ve gotten quite a collection to post about, so do try them out and let me know what you think. BeEF is the browser exploitation framework. Its purposes in life is to provide an easily integratable framework to demonstrate the […]

Continue Reading