Tag Archive | "vulnerability-assessment"


25 February 2008 | 7,458 views

Nessconnect 1.0.1 Released – GUI, CLI & API Client for Nessus

Nessconnect is an open-source software package that can connect to a Nessus or Nessus compatible server and provides an advanced graphical user interface. It also provides a command line interface, and an application programming interface in Java. Users can create custom scan profiles, generate extensive reports, and perform differential scans and analysis. Nessconnect was previously [...]

Continue Reading


09 October 2007 | 2,728 views

SSA Version 1.5.2 – OVAL Vulnerability Assessment Software

SSA (Security System Analyzer) is free non-intrusive OVAL-Compatible software. It provides security testers, auditors with an advanced overview of the security policy level applied. Features : OVAL-compatible product SCAP (Security Content Automation Protocol) Perform a deep inventory audit on installed softwares and applications Scan and map vulnerabilities using non-intrusive techniques based on schemas Detect and [...]

Continue Reading


27 August 2007 | 10,129 views

Pixy – New & Free Open-source XSS and SQL Injection Scanner for PHP Programs

Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities are present in many modern web applications, and are reported continuously on pages such as BugTraq. In the past, finding such vulnerabilities usually involved manual source code audits. Unfortunately, this manual vulnerability search is a very tiresome and error-prone task. Pixy is a Java program that performs [...]

Continue Reading


06 August 2007 | 19,164 views

Inguma – Penetration Testing Toolkit

Inguma is a penetration testing toolkit entirely written in python. The framework includes modules to discover hosts, gather information about, fuzz targets, brute force user names and passwords and, of course, exploits for many products. Inguma the word is the name of a Basque’s mythological spirit who kills people while sleeping and, also, the one [...]

Continue Reading


26 April 2007 | 3,710 views

SSA 1.5.1 Released – Security System Analyzer an OVAL Based Scanner

A new version of SSA (Security System Analyzer) has been released – version 1.5.1. SSA is a scanner based on OVAL, the command line tool provided by MITRE is not very easy to use so the guys at Security Database decided to write a GUI to make it simple to use and understand and then [...]

Continue Reading


04 April 2007 | 5,001 views

SSA 1.5.1 – Security System Analyzer an OVAL Based Scanner

Open Vulnerability and Assessment Language (OVAL) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout [...]

Continue Reading


14 November 2006 | 22,627 views

Installing Nessus on Debian-based OSs like Ubuntu

With this simple tutorial I will explain how to install Nessus client (nessus) and Nessus Daemon (nessusd) and properly register it, so you don’t end up with the limitations of a non-registered version of the vulnerability scanner. Installing: I personally use apt-, however, you may choose any other package manager. apt-get install nessus nessusd -y [...]

Continue Reading


25 April 2006 | 38,952 views

Penetration Testing vs Vulnerability Assessment

There seems to be a certain amount of confusion within the security industry about the difference between Penetration Testing and Vulnerability Assessment, they are often classified as the same thing when in fact they are not. I know Penetration Testing sounds a lot more exciting, but most people actually want a VA not a pentest, [...]

Continue Reading


14 March 2006 | 15,692 views

Who is Darknet?

Well seen as though I tell the others to do some kind of introduction, probably I should do one for myself too. Then I started out with a Spectrum ZX-81 back in the olden days, typing whole games out of the Spectrum magazines I picked up from charity shops. Yah it had no tape drive, [...]

Continue Reading


01 March 2006 | 17,257 views

Should Social Engineering be a part of Penetration Testing?

This is actually a very interesting debate. Just to introduce if you don’t know.. What is Penetration Testing A penetration test is a method of evaluating the security of a computer system or network by simulating an attack by a malicious cracker. The process involves an active analysis of the system for any weaknesses, technical [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·