|
(Page 1 of 3) 1 2 3 Next > Category: Intrusion Detection » Web BinarySEC Added 2007-01-25 BinarySEC is an intelligent web application firewall. It suppresses 99,9% malicious HTTP(S) traffic and installs in less than 15 minutes. Its AI engine can modelize normal requests and reject abnormal traffic in minutes. Software solution working as a module. Less than 2% impact on performance. WSFuzzer Added 2006-05-17 A web services (currently SOAP) pen testing fuzzer. It works off a combination of static attack data as well as dynamic intelligently generated attack vectors. Some of its features are IDS Evasion and some automated WSDL discovery. WSTOOL(Web vulnerable scan tool) Added 2006-05-10 Web vulnerable scanner (For ASP + SQLSERVER) - SQL injection - XSS Cross Site Scripting - 404/500 server error - Admin/Manage folder search - web-base or command-line scanner by PHP - Check up collate with HTML FORM and LINK Network Equipment Performance Monitor Added 2006-03-16 NEPM is a very general, highly configurable, two part software system that monitors any type of logged data from IP networked equipment and reports it via E-mail and web pages. Current conditions and history from systems based on Windows NT/2000 and UNIX can be tracked and reported. Most major server, switch and router systems can be monitored, without running agents on the target systems. Many networks behind separate firewalls can be reported on at one central site, and hard-to-reach isolated nets can be accessed. NEPM itself is system independent and can be hosted on either a UNIX or WinNT system or a combination of these with equal ease. NEPM monitors and reports uptime, critical events such as intrusion attempts, access rates, bytes-transferred rates, and error rates of network nodes. Unique precursor event links drill down instantly to the causes of downtime, intrusion events, etc. Performance graphs highlight element throughput and error rate. Hardware and software sub-systems within nodes are tracked and reported separately but in a common format that makes possible direct comparison. True hardware uptime is reported so that hardware and software performance can be separated from that of the communications links and from each other. Summary reports and alerts aggregate a view of an entire network's status onto a single page. Reports are provided via web pages posted to a web server for instant access to results. E-mailed text alerts provide prompt notification of dangerous conditions. NEPM is managed via a browser interface, providing full local or remote control from anywhere on the network. Use NEPM to increase your network uptime, increase network security, monitor QOS and SLA's, and evaluate new equipment. Equipment monitored can be Windows or Linux/UNIX/FreeBSD servers, or any processor-based system that logs events to non-volatile storage and has a telnet/rlogin/ssh/IP stream-mode interface dotDefender Added 2006-02-06 dotDefender secures websites against a broad range of HTTP-based attacks, including Session attacks (e.g. Denial of Service), Web application attacks (e.g. SQL injection, Cross-site scripting, and known attack signatures), as well as requests originating from known attack sources ( e.g. spammer bots and compromised servers). easily installed, dotDefender requires minimal administrator maintanance and updates via a "live update" functionality that keeps its rule set up to date, enabling it to secure the Web environment from the moment it is deployed. dotDefender is cost-effective and is available for a 30 day evaluation period at www.dotdefender.com dotDefender Added 2005-12-19 dotDefender secures websites against a broad range of HTTP-based attacks, including Session attacks (e.g. Denial of Service), Web application attacks (e.g. SQL injection, Cross-site scripting, and known attack signatures), as well as requests originating from known attack sources ( e.g. spammer bots and compromised servers). dotDefender installs within moments on the Web server along with a predefined, configurable rule-base - enabling it to secure the Web environment from the moment it is deployed, with virtually no administrator intervention. dotDefender retails at a fraction of the cost of conventional web application firewalls, and is available for evaluation via a free 30-day trial. SOAPSonar Enterprise Edition Added 2005-12-18 SOAPSonar Enterprise Edition is a SOAP/XML Web Services diagnostics tools. The software performs Vulnerability Assessment and Compliance Testing of SOAP/XML based Web Services. Vulnerability Assessment enables a user to perform vulnerability discovery, risk assessment and risk mediation of an Enterprise Web Service. The software also provides Functional and Performance testing features. The software has a very rich reporting engine that enables the user to determine the risk posture of a Web Service. Prelude Hybrid IDS Framework Added 2005-09-21 Prelude is a Hybrid IDS framework, that is, a product enabling all security applications, be it open-source or proprietary, to report to a centralized system. In order to achieve this task, Prelude relies on the IDMEF (Intrusion Detection Message Exchange Format) IETF standard, that enables different kinds of sensors to generate events using a unique language. Basic Analysis and Security Engine (BASE) Added 2004-11-12 BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system. PHP_Sec (Wasp Project) Added 2004-10-07 PHP_Sec is a library for PHP, designed to detect possible Web attacks, use encryption and log information quickly and easily. The library acts as an IDS but at script level detecting possible SQL Injection, Cross Site Scripting, Directory Traversal, Evasion Techniques and various other vulnerabilties. By adding 2 lines of code we can protect any application PHP application in an easy way. Browse by category |
|
|
Privacy Statement |
