Archive | Security Software


01 October 2006 | 16,204 views

BeEF – Browser Exploitation Framework

There’s been a lot of nice Web relevant testing and hacking tools coming out lately, I’ve gotten quite a collection to post about, so do try them out and let me know what you think. BeEF is the browser exploitation framework. Its purposes in life is to provide an easily integratable framework to demonstrate the […]

Continue Reading


28 September 2006 | 9,451 views

Security Compass Web Application Analysis Tool – SWAAT

Announcing a new web application source code analysis tool called the Securitycompass Web Application Analysis Tool or SWAAT. You may know it as a static analysis tool. Currently in its beta release, this .Net command-line tool searches through source code for potential vulnerabilities in the following languages: Java and JSP ASP.Net PHP Using xml-based signature […]

Continue Reading


25 September 2006 | 17,253 views

FIS [File Inclusion Scanner] v0.1 – PHP Vulnerability

A useful tool for anyone working with PHP applications. DESCRIPTION ———— FIS (File Inclusion Scanner) is a vulnerability scanner for PHP applications. Is scans PHP files mapping PHP/HTTP variables and then performs a security audit,in order to find out which of them are exploitable. USAGE —— php fis.php [local file] [remote file] [remote FIS ID […]

Continue Reading


03 August 2006 | 4,468 views

eEye Duster – Dead/Uninitialized Stack Eraser

Duster is the Dead/Uninitialized Stack Eraser, an injectable DLL that causes uninitialized stack and heap memory in its host process to be wiped over with a specific value. It is intended as a crude tool to assist in the run-time discovery of uninitialized memory usage problems by increasing the chances that the host process will […]

Continue Reading


02 August 2006 | 7,042 views

eEye Binary Diffing Suite (EBDS)

The eEye Binary Diffing Suite (EBDS) is a free and open source set of utilities for performing automated binary differential analysis. This becomes very useful for reverse engineering patches as well as program updates. The first tool is BDS, the Binary Diffing Starter from Andre Derek Protas. This tool helps reverse engineers with batch-analysis of […]

Continue Reading


11 July 2006 | 15,898 views

HoneyBot – A Windows Based Honeypot

HoneyBOT HoneyBOT is a Windows based medium interaction honeypot solution. What is a Honeypot? A honeypot is a device placed on a computer network specifically designed to capture malicious network traffic. The logging capability of a honeypot is far greater than any other network security tool and captures raw packet level data even including the […]

Continue Reading


31 May 2006 | 3,582 views

Without OneCare in the World.

Today sees the launch of “OneCare”, Microsofts “secrity solution”. Combining firewall, anti-virus and anti-spyware in to one handy package…. but would you trust it? I guess many people will, and over time we will find out if its a well spent $49.99 or not, but for me? I don’t think so. Microsoft do many things, […]

Continue Reading


26 May 2006 | 7,366 views

Serious Symantec Anti-Virus Vulnerability

Apparently a gaping security flaw in the latest versions of Symantec’s anti-virus software suite has been discovered that could put millions of users at risk of a debilitating worm attack. According to eEye Digital Security, the company that discovered the flaw, the vulnerability could be exploited by remote hackers to take complete control of the […]

Continue Reading


17 May 2006 | 5,306 views

Source Code & Software Security Analysis with BogoSec

Bogosec is essentially a tool for finding security vulnerabilities in source code. BogoSec aims to increase awareness regarding code security vulnerabilities, while encouraging developers to produce more secure code over time. By simplifying the code scanning process, BogoSec achieves a goal of allowing developers to scan their code regularly and more effectively. BogoSec is a […]

Continue Reading


15 May 2006 | 7,655 views

OSSEC HIDS – Open Source Host-based Intrusion System

OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows. This is the first version offering native support for Windows (XP/2000/2003). It includes as well a new set of […]

Continue Reading