PenTBox is a Security Suite that packs security and stability testing oriented tools for networks and systems. Programmed in Ruby and oriented to GNU/Linux systems, but compatible with Windows, MacOS and every systems where Ruby works. It is free, licensed under GNU/GPLv3. PenTBox Contains Cryptography tools Base64 Encoder & Decoder Multi-Digest (MD5, SHA1, SHA256, SHA384, […]
Archives for March 2010
Browser Fingerprints – How Unique Is Your Browser – Panopticlick
[ad] Now this is another interesting attack vector using little bits of data not many people consider. I have heard about this kind of technique before and considered how it’d be done myself. Finally someone has put together a public version of a tool that can tell you how unique your browser footprint is. As […]
Flint – Web-based Firewall Rule Scanner
[ad] Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems so you can: CLEAN UP RUSTY CONFIGURATIONS that are crudded up with rules that can’t match traffic. ERADICATE LATENT SECURITY PROBLEMS lurking in overly-permissive rules SANITY CHECK CHANGES to see if new rules create problems. Flint is absolutely […]
Website Auto-complete Leaks Data Even Over Encrypted Link
I’m always fascinated by side-channel attacks where the attack is focused on the underlying architecture of the cryptosystem and the data echos it creates rather than the algorithm or implementation itself. Similar somewhat to the recent breaking of OpenSSL using power fluctuations. This time some researcher type fellas focused on the digital noise autocomplete webforms […]
skipfish – Automated Web Application Security Reconnaissance Tool
[ad] The safety of the Internet is of paramount importance to Google, and helping web developers build secure, reliable web applications is an important part of the equation. To advance this goal, Google has released projects such as ratproxy, a passive security assessment tool. The latest is they have announced a new tool called skipfish […]