|
(Page 8 of 84) < Prev 3 4 5 6 7 8 9 10 11 12 13 Next > Category: Utilities Collapse Web Application Scanner Added 2006-06-20 Collapse, a free tool from Syhunt, allows web administrators to perform aggressive and comprehensive scans of an organization's web server to isolate vulnerabilities and identify security holes. The Collapse scanner requires basic inputs such as host names and port numbers to scan a complete web site and test all the web applications for security vulnerabilities. 1100 new vulnerabilities were added in the last months of 2006 Medusa Added 2006-06-14 Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC, and a generic wrapper module. Belkasoft Forensic IM Extractor Added 2006-06-12 This tool for e-crime/forensic professionals eases their work on analysing Internet Messengers histories. No password required. Supports various IMs: ICQ versions 99a up to ICQ5, MSN Messenger, Yahoo! Messenger, &RQ, Miranda. Supports deep ICQ analysis using different methods (with and without usage of index file) that allows user to extract even deleted and overwritten messages. The latter ability is indispensable for e-crime professionals. A number of different options available like filtering messages by time, sent/received type, user; ability to convert history to ICQ5 format; multibyte codepages are supported. More info at http://belkasoft.com. Password Policy Enforcer Added 2006-05-30 Password Policy Enforcer allows you to create and enforce up to 256 different password policies in a Windows domain. Policies are easily configured, and can be assigned to specific users, groups, and organizational units. An optional client component helps users to choose a suitable password, and reduces password related helpdesk calls. PPE is the only commercially available password filter specified in the "DISA Field Security Operations - Windows 2003/XP/2000 Addendum V5R1 [UNCLASSIFIED]" PPE can also integrate with ANIXIS Password Reset, a self-service password management system that allows users to securely reset their own passwords. Tiger Envelopes Added 2006-05-21 Tiger Envelopes lets you read and write mail without worrying about who's snooping on you. Ordinary email is like sending all your messages on postcards. Anyone who's nosy can read it. What we need is something as easy as envelopes, but for email. That's what Tiger Envelopes is. You don't need to change your mail client. There are no extra steps. Tiger even puts your message in the envelope for you. One click to install on Windows, Mac, and Linux. Automatically configures Outlook, Outlook Express, Mac Mail and KMail for you. It's free and open source, of course. SwitchSniffer Added 2006-05-20 >>> Overview SwitchSniffer is a program that can scan your switched LAN for up hosts and can reroute and collect all packets without the target users' recognition. It can also detect the ‘arpspoofer’ program running on the network and block user definable sessions like firewall. If you use this program in tandem with any sniffer program, you can capture and see the users’ IDs and passwords on a switched network. That is, SwitchSniffer enables you to monitor all the packets and all the hosts on a switch network. >>> SwitchSniffer has the following features: SwitchSniffer can poll and collect all the packets on the switched LAN. SwitchSniffer can scan and display the active hosts on the LAN quickly, and automatically. While spoofing ARP tables, SwitchSniffer can act as another gateway (or ip-forwarder) without other users' recognition on the LAN.' It can collect and forward packets by selecting inbound, outbound, and both to be sent to the Internet. An ARP table is recovered automatically in about 30 seconds. But, SwitchSniffer can keep spoofing continuously by updating the target computer’s ARP table more frequently. If one or more network interface cards are installed on a computer, you can choose which NIC you would like SwitchSniffer to scan and spoof through. SwitchSniffer can display information about the amount of data transferred to and from the internet. SwitchSniffer can detect if any computer on the LAN is running an ‘arpspoofer’ program. SwitchSniffer can filter: sessions, local hosts, and remote hosts. The installation of the ‘winpcap’ driver is not necessary for SwitchSniffer. SwitchSniffer can manage the local hosts based on MAC Address. SwitchSniffer can act as a plug-and-played router. SwitchSniffer can export the data of view into an excel file. >>> SwitchSniffer has the following benefits: SwitchSniffer can find the hidden hosts on the LAN, which is not found by IP-Scanners. SwitchSniffer can find if abnormal hosts are connected to your wireless network. SwitchSniffer protects your network from abnormal users. SwitchSniffer can check if there are abnormal packets on the LAN. SwitchSniffer allows you to capture user IDs, passwords, chat sessions and web sessions etc., on the switched network through the use of a sniffer application. SwitchSniffer can block the local hosts based on MAC Address. SwitchSniffer can resolve the problem of IP Collision. SwitchSniffer can find out the country name by ip address on remote. SwitchSniffer enables you to monitor all the packets on a switch network. ifswitch Added 2006-05-19 With this tool you can switch your w/lan config very fast; It was mainly written to offer very special functions like automatic mac-changing and adding static arp entries, which isn't possible with normal tools and startup scripts. It is intended to be used on an "unfriendly" network or in pentests :) The following settings can be made in the config file: - interface ip (eth0_ip=... or eth0_ip=random or eth0_ip=random#pre.fix) - broadcast (eth0_broadcast=...) - netmask (eth0_netmask=...) - default gateway (defaultgate=...) - dns server(s), you can specify multiple lines (dns=ip) - mac address; complete, prefix or random (eth0_mac=aa:bb:cc:dd:ee:ff or eth0_mac=random or eth0_mac=random#pr:ef:ix) - static arp entries to prevent arp spoofing attacks, you can specify multiple lines (static_arp=ip#mac) - wlan ssid & wep key (eth0_ssid=ssid#key) WSFuzzer Added 2006-05-17 A web services (currently SOAP) pen testing fuzzer. It works off a combination of static attack data as well as dynamic intelligently generated attack vectors. Some of its features are IDS Evasion and some automated WSDL discovery. Active Last Logon Added 2006-05-16 Active Last Logon adds a tab to Active Directory Users and Computers displaying the most accurate and up to date last logon date and time for a user. It works by polling all domain controllers in the domain to get the most recent value for the non replicated Active Directory attribute lastlogon. OSSEC Added 2006-05-12 OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis and correlation, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows. Browse by category |
|
|
Privacy Statement |
