|
(Page 1 of 16) 1 2 3 4 5 6 7 8 9 10 11 Next > Category: Auditing » Host OSSEC HIDS Added 2009-02-27 OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. OSSEC HIDS Added 2008-11-18 OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. Injector Added 2008-10-12 Injector is an automatic SQL injection tool able to evade signature detection by encoding its payload commands in binary format using the SQL CAST command. It can create automatic web site defacement or OS command execution on the backend database server. Good for testing web site immunity against ASPROX bot-net mass sql injections. OSSEC HIDS Added 2008-08-29 OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. Scuba by Imperva Added 2007-03-05 Scuba by Imperva is a free, lightweight Java utility that scans Oracle, DB2, MS-SQL, and Sybase databases for known vulnerabilities and configuration flaws. Based on its assessment results, Scuba creates clear, informative reports with detailed test descriptions. Summary reports, available in Java and HTML format, illustrate overall risk level. With Scuba by Imperva, you are quickly on your way to meeting industry-leading best practices for database configuration and management. SSA Security System Analyzer Added 2007-02-21 A local vulnerabilty analyzer based on OVAL concept. http://www.security-database.com/ssa.php 1.5 Final Release * NOW SSA Security System Analyzer in added to OVAL.mitre.org compatibility program o http://oval.mitre.org/compatible/questionnaires/21.html * NOW fully based on OVAL 5.2 Interpreter. * Added OVAL XML Database Plug-in. o View OVAL ID Information o Search by OS and OVAL ID + Double click on entry and get more information (linked to OVAL.mitre.org and security-database.com) o More information about CVE (CVSS, Related sources, Related missed patches....) * Added function Stop/Reload in SSA * Improved performance in SSA Core Scanner * Fixed bugs (function checks, abnormal scan abort...) * Fixed bugs in Updater Plug-in * Added second progress bar in Updater Plug-in to indicate the stages left to be processed. Taof - the art of fuzzing Added 2006-10-11 Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols. Taof aids the researcher during the data retrieval process by providing a transparent proxy functionality that forwards and logs requests from a client to a server. After the data retrieval phase, Taof presents the logged requests and allows the user to specify the fuzzing points within the requests. Collapse Web Application Scanner Added 2006-09-05 Collapse, a free tool from Syhunt, allows web administrators to perform aggressive and comprehensive scans of an organization's web server to isolate vulnerabilities and identify security holes. The Collapse scanner requires basic inputs such as host names and port numbers to scan a complete web site and test all the web applications for security vulnerabilities. This new version includes an improved GUI, new web application security checks and many other additional enhancements. Chorizo! Added 2006-07-18 Chorizo! is a web app security scanner especially for PHP based applications. It's an application service (all data encrypted on the server, no one can see the results except the users) that is able to detect SQL injections, AJAX bugs, code inclusions/executions, session fixations, PHP vulnerabilities and so on. It will also be available as an appliance version for testing non-public websites. Helios Added 2006-07-14 Helios is an advanced malware detection system. It has been designed to detect, remove and inoculate against modern Windows rootkits. It performs behavioral analysis as opposed to signature based analysis and is one of the only tools that is able to detect rootkits in real-time, unhide hidden processes, restore hijacked system functions and inoculate the system against rootkit installation. Browse by category |
|
|
Privacy Statement |
