|
(Page 1 of 38) 1 2 3 4 5 6 7 8 9 10 11 Next > Category: System Security Management Scuba Added 2007-07-16 Freeware database security assessment tool. Safe for production environments. Does not contain exploit code. SpyStudio Added 2007-05-02 SpyStudio is an application to monitor API calls made by different processes. It simplifies the code execution interception operations to really know what is happening in the Windows Operating System's processes and in its applications. Training in a Flash Malware Protection Added 2007-04-18 A free, 3 minute Flash Program to train enterprise users on malware attacks and how to avoid them. Secret Server Added 2007-04-09 Secret Server is a password management system designed for colleagues in enterprises to securely store and share secrets. Secrets include but are not limited to: passwords, bank account information, product license keys, etc. Activity and Authentication Analyzer Added 2007-03-13 Security software destined to comprehensive analysis of the user traces (evidences) left after work. AAAnalyzer allows user to search the traces left in system registry, edit registry keys related to the activity and authentication analysis, eradicate them in safe way, keep search log-files, and backup made changes. Utility works in 9x/NT/2000/XP/2003 Windows - and needs additionally only Internet Explorer version 4 or higher Scuba by Imperva Added 2007-03-05 Scuba by Imperva is a free, lightweight Java utility that scans Oracle, DB2, MS-SQL, and Sybase databases for known vulnerabilities and configuration flaws. Based on its assessment results, Scuba creates clear, informative reports with detailed test descriptions. Summary reports, available in Java and HTML format, illustrate overall risk level. With Scuba by Imperva, you are quickly on your way to meeting industry-leading best practices for database configuration and management. Venak & Avenak Detection Scanner Added 2007-01-10 Introduction Venak & Avenak scanner is tool for protection your system form some threat files likes spys, viruses, worm and rootkits. It reality this is a detection tool. This tool also use from a new technology that called MPS (Main Protection System). In fact Main Protection System or MPS is a cause and effect system. MPS is a logical system. The MPS like a tracer, any Service, process or Driver has own File, with this method we will trace route any threat or function on windows. Basic Features All events likes: • Processes (Heaps, Modules, Handlers, Threads, Processes Addresses and Process Sign) • Md5 Signature • List of Derivers in system with their states • Unloading Kernel Drivers • Services • All active Ports ( TCP/UDP) • Files types • Give Handlers ( Explorer's name , Page's Name , Hwnds) • Event log monitoring • Startup files • Explorer files • Explorer Registry keys – Beta 2 • Monitoring ports and users – Beta 2 Extra Features • Sensitive strings The sensitive string is way for finding some viruses that makes same name likes Svchost, Lsass, Winlogon and many other original windows functions, if any process has same name like those the Program makes an alert and shows a security threat. For example if any process be in "C:\windows\" and have "svchost" name it's already a threat. You can audit this method and make the special sensitive for yours. When the system finds any problem, makes an alert. • Analyzing the Processes with PID Brute Force Some rookits try to hide own Process PID, with this trick we can find these processes. Some tools like Fu and some Hidden Processes with an SSDT Hook use this method to hide them self. Also these tool use by changing in NewZwQuerySystemInformation functions and analysis the results and filter them. They try to change the query of these process lists and when we are using by some basic function in "kernel32.dll" we see the filter result. As this point we can find the other tools like some protection tool for example: Rootkit removers and some Viruses scanners. Some files that didn't have any path string are a threat. • IAT ( Import Address Table) IAT is a global table that contains a list of all the function pointers to any function mapped into the running process. With this tool you can see all these value for per process. • Online Testing Online testing is a powerful part of this program. Like most antivirus this program have a potential method with using from shell programming in windows. With online searching, when you're open your Explorer like IE or Windows Explorer the system fined your current target (Folder). The system searching for all Executable files likes DLLs and EXE files in current folder. After finding these files the program makes a MD5 Signature from all files and start searching in Threat List, when find same Sign, makes an alert. • Twice extension The old trick using by viruses programmers is two extensions for one file like: document.txt.exe. In searching directories when the system find these type files makes an alert and give the signature of file in threat list. • MD5 Signature You can see the MD5 signature of any loaded processes and modules in system with this option. In Beta 1 version finding the threat is manually type but in Beta 2 we have online and automatic testing and detection. • Path Checking Path checking is a simple way to detect some loading processes into system as threat. When In loading processes we have a process with null path file and it isn't be an original services that we detect before ,the system make an alert for this process and it show with Magenta color. good luck , nima SIP Proxy VoIP Security Test Tool Added 2006-12-15 SIP Proxy is an Open Source VoIP security test tool which has been developed by the students Philipp Haupt and Matthias Hürlimann during their diploma thesis and second student research project at the University of Applied Sciences Rapperswil (www.hsr.ch). Business partner was Compass Security AG in Rapperswil (www.csnc.ch). Description: In the so called "Proxy Mode", the application acts as a proxy between a VoIP PBX (e.g. Asterisk) and a UA (VoIP hard- or softphone). SIP traffic can be sniffed and dynamically manipulated with the help of regular expressions. Logged SIP messages can be modified and resent. In the "Test Case Mode" predefined security tests which are specified as XML files can be run against a specific target. Fuzzing technology, which is a kind of black-box testing, can be applied to find weak spots in VoIP devices. There are many more specific modules which can be used within such a test case. For example Wordlist- or Bruteforce attacks. While running a test case, feedback is given by displaying a grahical report which can be exported in a printable PDF document afterwards. With the help of SIP Proxy, several software bugs and configuration faults in specific VoIP devices have already been discovered. Check out this new and innovative software on SourceForge: http://sourceforge.net/projects/sipproxy VAM Added 2006-12-04 The StillSecure VAM vulnerability management platform identifies, tracks, and manages the repair of network vulnerabilities across the enterprise. VAM mitigates the risk of network exploitation through end-to-end vulnerability lifecycle management. VAM scales seamlessly, from simple LAN deployments to enterprise-level networks. Managed from a single Central Server, multiple Distributed Scanners (DSs) can be deployed to provide the coverage required. Specops Password Policy Added 2006-11-16 Specops Password Policy is an advanced password filter that gives you more than one password policy per domain in Windows. Something that Microsoft left out from Windows 2000 and Vista. With Specops Password Policy you can have an unlimited number of password policies per Active Directory domain. Specops Password Policy also increases your password granularity options a lot compared to the built-in password policy settings in Windows. Browse by category |
|
|
Privacy Statement |
