(Page 4 of 125)   < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >

Category: Auditing

Added 2008-08-24
by David Byrne
Grendel-Scan is an open source web application security tool. It has a number of automated testing modules for finding common vulnerabilities such as SQL injection, cross-site scripting, or session fixation. There are also a number of features to aid in manual application penetration testing, such as a intercepting proxy.

Added 2008-08-20
by Exaprotect
EventManager is a full-featured security breach and threat detection appliance. It integrates tightly with (and is upgradeable from) Exaprotect’s LogManager solution. EventManager constantly monitors and analyzes a vast array of input sources including security network devices, applications, operating systems, intrusion detection systems, and databases to correlate disparate events such as user authentication, VPN access, and database alterations to provide insight into potential security threats facing your organization’s infrastructure. An elegant user interface and reporting engine conceal the raw power and complexity of the advanced correlation engine that provides unparalleled accuracy in tracking multiple-step security threats and virtually eliminating false alarms. A large set of pre-built settings and a wizard-based AJAX interface for custom data sources make setup and maintenance fast and straightforward.

Added 2008-08-20
by Exaprotect
LogManager is a self running appliance that collects and stores the massive amounts of log data generated from applications and network devices found in large enterprise-class infrastructures. It provides a quick and cost-effective solution for organizations trying to achieve regulatory compliance today while enabling a simple upgrade to full-featured Event Management functionality tomorrow.

Solsoft ChangeManager
Added 2008-08-20
Solsoft ChangeManager is the only centralized, Intelligent Multivendor platform that streamlines the end to end Design and Generation of Network Security rules for Firewalls, Router, VPN, IPS’s. ChangeManager acts as a central Network Security Rule repository. It’s visual policy interface designs, generates, implements, tracks and audits your security rules for multi-vendor networks consisting of firewalls, routers, switches, VPNs and IPs. ChangeManager's Topology or Tabular interface streamlines the change management process during firewall migration and other complex security update configuration changes. Users can simply drag-and-drop a new service across their network and ChangeManager will translate this high level, business policy change request into device-level instructions providing a simple, scalable model that can represent the most complex policies. ChangeManager’s “Rules Engine” automatically optimizes, orders, inserts, checks rules for conflicts and applies these generated security configurations on the network devices effected by the rule change. Thus providing true end-to-end security rule design and auditing capability. After the acquisition of Solsoft by Exaprotect, Solsoft Policy Server, Firewall Manager and NetFilterOne were integrated into the Exaprotect security product line as Solsoft ChangeManager. Exaprotect provides centralized Configuration Management, Log Management, and Event Monitoring and Correlation solutions for enterprises and service providers with large-scale, heterogeneous network infrastructures.

Added 2008-08-17
by Jan P. Monsch, Raffael Marty
DAVIX - the Data Analysis & Visualization Linux® - brings the most important tools for data processing and visualization to your desk. This solution allows you to get started with security visualization without cumbersome compiling and installing tools. The DAVIX CD is based on SLAX 6.0 and follows a modularized approach. Thus, the SLAX ISO image can easily be customized for various purposes. It can even be installed on USB sticks and provide you with mobile analysis capabilities. The CD is shipped with a comprehensive manual that gives you a quick start for all tools and provides information on how-to tailor DAVIX to your needs. All tools are accessible through the KDE start menu and are accompanied with links to external manuals and tutorials.

Added 2008-08-02
by Sergio Castro
Many (if not most) VoIP devices have available a Web GUI for their configuration, management, and report generation. These Web GUIs are often on default, meaning that the moment you install the IP phone or IP PBX, the Web GUI is immediately available on the network. And unfortunately it is also common for the username and password to have the default values. Sipflanker will help you find these SIP devices with potentially vulnerable Web GUIs in your network. What the application does is search the range of IPs you specify, and checks if port 5060 is available. Whether open or close, port 5060 indicates the presence of a SIP device. Then it checks if port 80 (http) is open. The combination of an open port 80, together with port 5060, either open or closed, signals a SIP device with a Web GUI.

Added 2007-11-27
by Security Compass
Exploit-Me is a set of Firefox plugins to test for reflected Cross-Site Scripting and SQL Injection vulnerabilities in web applications. The tools are designed to be lightweight, extensible and easy to use.

syslog-ng Premium Edition
Added 2007-08-10
by BalaBit IT Security
The syslog-ng Premium Edition application is a system logging client and server application that offers native TCP and TLS support, disk buffering, and logging directly into SQL databases. It runs on a variety of UNIX-like systems, and can also collect logs from Microsoft Windows platforms.

Added 2007-07-16
by Imperva ADC
Freeware database security assessment tool. Safe for production environments. Does not contain exploit code.

Added 2007-07-15
by SuRGeoN/SeSp
Converts a BINARY file to TEXT Supports files bigger than 64KB and control for bytes perl line also read this-> http://surgeon.gotdns.org/tutos/srgn-pentest-02.txt

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus