Introduction It’s been a while since we’ve looked at any Acunetix products in depth, they’ve always had a solid Web Vulnerability Scanner as we found in our reviews of Acunetix WVS 6 and Acunetix WVS 7. Version 9.5 of the Web Vulnerability Scanner was released earlier this year and late last year Acunetix also announced […]
Security Software
Oryon C Portable – Open Source Intelligence (OSINT) Framework
Oryon C Portable is a web browser designed to assist researchers in conducting Open Source Intelligence investigations. Oryon comes with dozens of pre-installed tools and a select set of links catalogued by category – including those that can be found in the OI Shared Resources. Based on SRWare Iron version 31.0.1700.0 (Chromium) More than 70 […]
LinEnum – Linux Enumeration & Privilege Escalation Tool
LinEnum will automate many Local Linux Enumeration & Privilege Escalation checks documented in this cheat sheet. It’s a very basic shell script that performs over 65 checks, getting anything from kernel information to locating possible escalation points such as potentially useful SUID/GUID files and Sudo/rhost mis-configurations and more. An additional ‘extra’ feature is that the […]
Brakeman – Static Analysis Rails Security Scanner
Brakeman is a Rails security scanner – unlike many web security scanners, Brakeman looks at the source code of your application. This means you do not need to set up your whole application stack to use it. Once Brakeman scans the application code, it produces a report of all security issues it has found. It […]
RIPS – Static Source Code Analysis For PHP Vulnerabilities
RIPS is a tool written in PHP to find vulnerabilities using static source code analysis for PHP web applications. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by user input (influenced […]