XVI32 (Hex Editor) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfKbk21vbvXwrLz_cmg0bxQMruPCPz2nvYnXxCk0sGxdW_whra8hYD4-XctyMjpvphrhLmUTc5-BXdHG-0e4EvoZxnwCbNAiK9EGQ3-83G9vab2BkutNSQZnQsPXFbnxtipbJvB2WVb9Rw/s1600/XVI32+Hex+Editor+Screenshot.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="XVI32 Hex Editor Screenshot" border="0" height="265" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfKbk21vbvXwrLz_cmg0bxQMruPCPz2nvYnXxCk0sGxdW_whra8hYD4-XctyMjpvphrhLmUTc5-BXdHG-0e4EvoZxnwCbNAiK9EGQ3-83G9vab2BkutNSQZnQsPXFbnxtipbJvB2WVb9Rw/s1600/XVI32+Hex+Editor+Screenshot.gif" title="XVI32 Hex Editor Screenshot" width="400" /></a></div> </div> <div style="text-align: justify;"> <span style="font-family: inherit;"><span style="font-size: small;"><b>XVI32</b> is a freeware hex editor running under <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> 9x/NT/2000/XP/Vista/7. The name <b>XVI32</b> is derived from <i>XVI</i>, the roman notation for the number 16. XVI32 and all of its components are developed by myself. </span></span></div> <div style="text-align: justify;"> <span style="font-family: inherit;"><span style="font-size: small;">The current release 2.55 is available since June 26, 2012. It comes with a complete online help and requires only 1.02 MB of hard disk space. There is no setup program needed - just unzip the downloaded archive to your hard disk! <b>XVI32</b> doesn't write any data to your registry. </span></span></div> <h2 style="text-align: justify;"> <span style="font-family: inherit;"><span style="font-size: small;">Features</span></span></h2> <div style="text-align: justify;"> <span style="font-family: inherit;"><span style="font-size: small;"> <b>XVI32</b> has the following main features. Especially note the <b>highlighted</b> advantages of XVI32. </span></span></div> <ul style="text-align: justify;"> <li><span style="font-family: inherit;"><span style="font-size: small;">XVI32 is a <b>portable application</b>, i.e. no setup program is needed, you can run <b>XVI32</b> from your <a href="http://www.toolwar.com/search/label/USB" target="_blank">USB</a> stick, no data is written to the registry </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>data inspector</b> to view decoded numbers (see screen shot; can be turned off). </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Has <b>built-in script interpreter</b>. </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Easily works with huge files.</b> Try to open a 60 MB sized text file with some other hex editor (not to speak about Wordpad), then use XVI32... If you don't have such a huge text file, use my <a href="http://www.toolwar.com/search/label/Tools" target="_blank">freeware tool</a> RndFile to create one </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>XVI32</b> allows to edit files <b>up to 2 GB</b> (enough virtual memory provided, of course) </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">For your convenience, <b>XVI32 stores settings</b> and last used search strings etc. in XVI32.INI file </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Progress indication in percent</b> for most operations </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">You can <b>abort nearly all operations</b> (reading/writing files, search, replace, print...) </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Display of both text (ASCII/ANSI) and hexadecimal representation </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Two synchronous cursors</b> in text and hex area </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Fully resizeable window (change number of rows and columns) </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Font and font size adjustable </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Overwrite or <b>insert</b> characters </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Insert text or hex string <b>n times</b></span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Switch byte offset (address) of first byte between <b>0 or 1</b> to examine also record structure of plain text files </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Search text or hex string</b>, e.g. find "this text" or find "0D 0A" </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Simplified search for Unicode Latin (UTF-16) strings</b></span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Search optionally with joker (wildcard) char</b> that will match any character, e.g. find "A.C" or "00 2E 2E 00" where "." = "2E" (user-defined) stands for any character </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Fast searching algorithm <b>(Quicksearch)</b> for <b>both</b> search directions (down/up) </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Count</b> occurences of text or hex string </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Replace</b> text or hex string, e.g. replace "0D 0A" by "0A" or replace "0D 0A" by text "EOL" </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Extremely fast "replace all"</b> mode (if needed, additional memory is allocated <i>beforehead</i>, not at every single replacing operation) </span></span></li> <li><span style="font-family: inherit;"><span style="font-size: small;">Menu item <b><i>Shredder data</i></b> to overwrite all bytes of a file with binary zeroes </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Auto-fill</b> feature to copy bytes from current address into input field for hex string using right arrow key </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Character conversion using self-defined character table</b></span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Easy <b>converting of text to hex string</b> in dialogs (e.g. "abc" -> "61 62 63") </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Decoding and encoding of 1, 2, 4, and 8 byte integers or 4/8 byte floats</b> in 2 possible byte orders </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Bit manipulation</b> (view or set bits) </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Open file in <b>Read Only Mode</b> (e.g. if opened by another application or to avoid unintentional modifications) </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Insert file contents</b> into file </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Write block to file</b></span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Copy, move or delete block </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Clipboard support </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Goto address <b>(absolute or relative up/down)</b></span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Up to <b>9 named bookmarks</b></span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Enter jump width and jump up/down <b>(useful for files with fixed record length)</b></span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Patch BORLAND PASCAL 7.0 EXE files</b> for execution on processors > 200 MHz </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;"><b>Printing with preview</b> or print to file </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Simplified search for Unicode Latin (UTF-16) strings </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Command "Reload" to open current file again </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">Easily access most recently used files </span></span> </li> <li><span style="font-family: inherit;"><span style="font-size: small;">And last, but not least: <b>XVI32 is free!</b></span></span> </li> </ul> <h3 style="text-align: justify;"> <span style="font-family: inherit;"><span style="font-size: small;">Tutorials ::</span></span></h3> <div style="text-align: justify;"> <span style="font-size: small;"> <span style="font-weight: normal;"><b>Installation :: </b></span></span></div> <h3 style="text-align: justify;"> <span style="font-size: small;"><span style="font-weight: normal;">You don't need to execute a setup programm writing obscure data to your registry or updating DLLs in your Windows system folder. Simply proceed as follows: </span><ol> <li><span style="font-weight: normal;">Create a directory on your hard disk, e.g. C:\Program Files\XVI32</span> </li> <li><span style="font-weight: normal;">Unzip the downloaded archive xvi32.zip completely into this directory</span> </li> <li><span style="font-weight: normal;">Run XVI32.EXE </span> </li> </ol> </span></h3> <span style="font-size: small;"><b>Screenshots :: </b><a href="http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm#screenshots" target="_blank">Click Here</a> </span><br /> <b>Video Tutorials ::</b> <a href="https://www.youtube.com/watch?v=MLRayJkJUCQ" target="_blank">Click Here</a><br /> <h3 style="text-align: justify;"> <span style="font-size: small;">Download ::</span></h3> <div style="text-align: justify;"> <span style="font-family: inherit;"><b><span style="font-size: small;">Windows :: </span></b><span style="font-size: small;"><a href="http://www.handshake.de/user/chmaas/delphi/download/xvi32.zip" target="_blank">XVI32</a> (.zip)</span></span></div> <div style="text-align: justify;"> <span style="font-family: inherit;"><span style="font-size: small;"><b>Official Website :: </b><a href="http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm">http://www.chmaas.handshake.de/delphi/freeware/xvi32/xvi32.htm</a></span></span></div>

XVI32 (Hex Editor) :: Tools

XVI32 is a freeware hex editor running under Windows 9x/NT/2000/XP/Vista/7. The name XVI32 is derived from XVI , the roman notation ...

Read more »

SIPVicious (Auditing SIP Based VoIP System) :: Tools

<div style="text-align: justify;"><div class="separator" style="clear: both; text-align: center;"><img alt="SIP VoIP " border="0" height="324" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs5pKQQ6VdyR7URrQT6nS1VVL0igxhRv5L4g9jfkKRkBLjfBegI6eKZANJ63AqMiWYIf8m2YEb8azNj4j9bwx-gCWo_jYM66n1k2GggJOHg0mLwLS0hJ7h7UWskxn3gWk6PAqEtxcvgABJ/s1600/SIP+VoIP.png" title="SIP VoIP " width="640" /></div><b>SVMAP</b> is a part of a suite of tools called <b>SIPVicious</b> and it’s my favorite <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> of choice It can be used to scan identify and fingerprint a single IP or a range of IP addresses. <b>Svmap</b> allows specifying the request method which is being used for scanning, the default method is OPTIONS, it offers debug and verbosity options and even allows scanning the SRV records for SIP on the destination domain. You can use the <b>./svmap –h</b> in order to view all the available arguments </div><div style="text-align: justify;"><b>SIPVicious suite</b> is a set of <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a> that can be used to audit SIP based <a href="http://www.toolwar.com/search/label/VOIP" target="_blank">VoIP systems</a>. It currently consists of four tools: </div><ul style="text-align: justify;"><li>svmap - this is a sip scanner. Lists SIP devices found on an IP range </li> <li>svwar - identifies active extensions on a PBX </li> <li>svcrack - an online password cracker for SIP PBX </li> <li>svreport - manages sessions and exports reports to various formats </li> <li>svcrash - attempts to stop unauthorized svwar and svcrack scans </li> </ul><div style="text-align: justify;">It was tested on the following systems: </div><ul style="text-align: justify;"><li><a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux </a></li> <li><a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X </a></li> <li><a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows </a></li> <li><a href="http://www.toolwar.com/search/label/FreeBSD" target="_blank">FreeBSD 6.2 </a></li> <li>Jailbroken iPhone with python installed </li> </ul><div style="text-align: justify;">If you use it on systems that are not mentioned here please let me know goes it goes. </div><h3 style="text-align: justify;">Tutorials ::</h3><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Zp_gzjV8l4c?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div><div style="text-align: justify;"></div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/3a7xJeNQfOk?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div><h3 style="text-align: justify;"> </h3><h3 style="text-align: justify;">Download ::</h3><div style="text-align: justify;"><b>Linux | Windows | Mac | FreeBSD :: </b><a href="http://sipvicious.googlecode.com/files/sipvicious-0.2.8.zip" target="_blank">SIPVicious v0.2.8</a> (.zip) | <a href="http://sipvicious.googlecode.com/files/sipvicious-0.2.8.tar.gz" target="_blank">SIPVicious v0.2.8</a> (.tar.gz)<b> </b></div><div style="text-align: justify;"><b>Official Website :: </b> <a href="http://code.google.com/p/sipvicious/">http://code.google.com/p/sipvicious/</a></div>

SIPVicious (Auditing SIP Based VoIP System) :: Tools

SVMAP is a part of a suite of tools called SIPVicious and it’s my favorite scanner of choice It can be used to scan identify and fingerp...

Read more »

NBTScan (Scans for Open NETBIOS Name Servers) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdxS-BqEkVq8gRluzMKok1FYN4f43CO1Nnia5lF4ZTvXelpQ-Z0lC0lJaBxzhpiwFLZgrk16y7re7wk-pbt1ZcUl405HynotcqrIyBXTQdkdqkzndKFNmdELfpOXIW8jXlCv-B8F8Geaxp/s1600/nbtscan+screenshot.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="nbtscan screenshot windows" border="0" height="333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdxS-BqEkVq8gRluzMKok1FYN4f43CO1Nnia5lF4ZTvXelpQ-Z0lC0lJaBxzhpiwFLZgrk16y7re7wk-pbt1ZcUl405HynotcqrIyBXTQdkdqkzndKFNmdELfpOXIW8jXlCv-B8F8Geaxp/s1600/nbtscan+screenshot.gif" title="nbtscan screenshot windows" width="400" /></a></div> <div style="text-align: justify;"> <b>nbtscan</b> is a <a href="http://www.toolwar.com/search/label/CLI" target="_blank">command-line tool</a> that scans for open <b>NETBIOS nameservers</b> on a local or remote TCP/IP <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a>, and this is a first step in finding of open shares. It is based on the functionality of the standard <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows tool</a> nbtstat, but it operates on a range of addresses instead of just one. I wrote this <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tool</a> because the existing tools either didn't do what I wanted or ran only on the Windows platforms: mine runs on just about everything.</div> <div style="text-align: justify;"> <b>Windows</b> - The Win32 version of the tool, which works well on Windows 9x, NT and 2000, is available below as nbtscan.exe. It's written in portable C and is less than 40 kbytes, requires no special libraries or DLLs, and is run in an MS-DOS command window. I promise that the tools have no viruses, backdoors, or any other kind of overt bad behavior. I don't promise that there are no bugs. </div> <div style="text-align: justify;"> <b>LINUX</b> - the code works fine on <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, and a version built on Red Hat Linux 6.2 is available as well. I have reports that this binary works on Red Hat Linux 6.0 - 8.0, Debian "woody", and Mandrake 8.1 (we don't think we've found a Red Hat, CentOS, or Fedora system that it didn't run on). </div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorials ::</h3> <pre class="codeblock">C:\> <b>nbtstat -A 192.168.1.99</b> NetBIOS Remote Machine Name Table Name Type Status --------------------------------------------- XPDEV <00> UNIQUE Registered UNIXWIX <00> GROUP Registered XPDEV <03> UNIQUE Registered XPDEV <20> UNIQUE Registered UNIXWIX <1E> GROUP Registered MAC Address = 00-50-04-6D-50-37</pre> <pre class="codeblock"> </pre> <pre class="codeblock">C:\> <b>nbtscan 192.168.1.0/24</b> 192.168.1.3 MTNDEW\WINDEV SHARING DC 192.168.1.5 MTNDEW\TESTING 192.168.1.9 MTNDEW\WIZ SHARING U=STEVE 192.168.1.99 MTNDEW\XPDEV SHARING </pre> <h3 style="text-align: justify;"> </h3> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows | Linux :: </b><a href="http://www.unixwiz.net/tools/nbtscan-1.0.35.exe" target="_blank">NBTScan</a> (.exe)<b> | </b><a href="http://www.unixwiz.net/tools/nbtscan-source-1.0.35.tgz" target="_blank">NBTScan</a> (.tgz)</div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://www.unixwiz.net/tools/nbtscan.html">http://www.unixwiz.net/tools/nbtscan.html</a></div>

NBTScan (Scans for Open NETBIOS Name Servers) :: Tools

nbtscan is a command-line tool that scans for open NETBIOS nameservers on a local or remote TCP/IP network , and this is a first step ...

Read more »

Vyatta (Vitrual Router, Firewall and VPN) :: Framework

<div class="block-content content" style="text-align: justify;"> <div style="text-align: justify;"> <br /> <article class="article article-type-page clearfix" id="article-6745" role="article"> <div class="article-content"> <div class="field field-name-body field-type-text-with-summary field-label-hidden"> <div class="field-items"> <div class="field-item even"> <div class="separator" style="clear: both; text-align: center;"> <img alt="Vyatta Logo" border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjZ08VeGbo_xXjPTm80en0xpKtHVEsztocx4UkyNj8XcEOklwOsoLpOrOJ9RIi5nqp4y9IlAQ4uUUssHWFzDRGtuowfzaD9ujUFVSNWPnhTLhA8CJf3JethTM45UNfDaSOy-aplzk6SivT/s1600/vyatta+logo.png" title="Vyatta Logo" width="320" /></div> The free community <b>Vyatta Core software(VC)</b> is an award-winning open source <a href="http://www.toolwar.com/search/label/Network" target="_blank"> network</a> operating system providing advanced IPv4 and IPv6 routing, stateful <a href="http://www.toolwar.com/search/label/Firewalls" target="_blank">firewalling</a>, IPSec and SSL OpenVPN, and more. When you add <b>Vyatta</b> to a standard x86 hardware system, you can create an enterprise grade network appliance that easily scales from DSL to 10Gbps. <b>Vyatta</b> is also optimized to run in VMware, Citrix XenServer, Xen, KVM, and Hyper V, providing networking and <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> services to <a href="http://www.toolwar.com/search/label/Virutal" target="_blank">virtual machines</a> and cloud computing environments. <b>Vyatta</b> has been downloaded over 1,000,000 times, has a community of hundreds of thousands of registered users and counts dozens of fortune 500 businesses among its commercial customers.<br /> On this site, you'll find all the downloads, <a href="http://www.toolwar.com/search/label/Tools" target="_blank">tools</a>, documentation, and community resources to help you get up and running with your own <b>Vyatta-based</b> system. Ask questions in the Forums. Propose new features and vote on existing proposals. Participate and have fun. We have been working together with our community for over five years to continue to enhance the world's leading software-based network OS.<br /> A commercial version of the <b>Vyatta network OS</b> (Vyatta Subscription Edition) is also available with enterprise-ready management and security product extensions and complete engineering support including proactive notifications of security alerts and software releases as well as priority access to patches & bug fixes.<br /> <b>Vyatta's </b>open, software-based approach to networking has created a complete network OS that can connect and secure physical <a href="http://www.toolwar.com/search/label/Network" target="_blank">networks</a> as well as virtual and cloud computing infrastructures. <b>Vyatta</b> software and appliances offer users a flexible, affordable alternative to proprietary, hardware-based routers, firewalls, and VPN devices.<br /> Vyatta can help you: <br /> <ul> <li>Affordably scale large BGP implementations </li> <li>Keep your network safe with a stateful-inspection firewall </li> <li>Securely connect remote offices with <a href="http://www.toolwar.com/search/label/VPN" target="_blank">VPN </a></li> <li>Scale from DSL to 10-Gbps with a single software package</li> <li>Avoid costly proprietary networking upgrades </li> <li>Run virtualized networking environments in Xen, KVM and VMware </li> <li>Add networking and security to blade servers in your data center </li> <li>Offer cloud based managed security services </li> <li>Add network redundancy regardless of vendor equipment </li> <li>Build your own best-of-breed Branch office solution </li> </ul> <br /> The <b>Vyatta Core</b> is an integration of a number of components from a variety of different sources, much the same way as a standard Linux distribution. Many of the components are licensed under the GNU GPL. Others carry a BSD license. Still others carry less-popular licenses. All components of the <b>Vyatta Core</b> carry licenses defined as open source.<br /> License files are included with every package installed in the system and can be viewed in the /usr/share/doc/package/copyright file.<br /> <br /> <h3> Tutorials ::</h3> <b>Use Tips and Tricks :: </b><a href="http://www.vyatta.org/documentation/tips-tricks" target="_blank">Click Here</a><b><br /> </b><br /> <b>Documentations :: </b><a href="http://www.vyatta.org/documentation/translated-docs" target="_blank">Click Here</a><br /> <b>Vyatta Forum :: </b><a href="http://www.vyatta.org/forum" target="_blank">Click Here</a> <br /> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <div style="text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/5JJOE5zeVbM?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div class="separator" style="clear: both; text-align: center;"> </div> <div class="separator" style="clear: both; text-align: center;"> </div> <h3> Download ::</h3> <b>Live CD :: </b><a href="http://packages.vyatta.com/vyatta/iso/VC6.6/vyatta-livecd_VC6.6R1_i386.iso" target="_blank">Vyatta Live CD v6.6</a> (.iso)<b></b><br /> <b>Visualization ISO :: </b><a href="http://packages.vyatta.com/vyatta/iso/VC6.6/vyatta-livecd_VC6.6R1_i386.iso" target="_blank">Vyatta Visualization v6.6</a> (.iso)<b> </b> <b> </b><br /> <b>Official Website ::<a href="https://www.blogger.com/goog_2084089245"> </a></b><a href="http://www.vyatta.org/">http://www.vyatta.org/</a> </div> </div> </div> </div> </article></div> </div>

Vyatta (Vitrual Router, Firewall and VPN) :: Framework

The free community Vyatta Core software(VC) is an award-winning open source network operating system providing...

Read more »

Nagios XI (System and Network Monitoring) :: Tools

<div style="text-align: justify;"><div class="separator" style="clear: both; text-align: center;"><img alt="Nagios Logo" border="0" height="139" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijPJbT23GqEsND51gYYV9dlritrv4VMN0Y_kXrjsPpMF35HF9jV7QqyVxhKZU5jyF825HFNPBEghQzSXXvo9xLLhE3Hc1ybP9g6HiYYyh2rdXCLL-4OPuEAaCQhLgw9nJ8CBXoG1BT6l5L/s1600/xi-logo-large.png" title="Nagios Logo" width="320" /></div><b>Nagios XI </b>is a system and <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">network monitoring</a> application. It watches hosts and services that you specify, alerting you when things go bad and when they get better. Some of its many features include monitoring of <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> services (SMTP, POP3, HTTP, NNTP, ICMP, etc.), monitoring of host resources (processor load, disk usage, etc.), and contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method).</div><div style="text-align: justify;"><b>With Nagios you can:</b> </div><ul style="padding-left: 25px;"><li>Monitor your entire IT infrastructure</li> <li>Spot problems <i>before</i> they occur</li> <li>Know immediately when problems arise</li> <li>Share availability data with stakeholders</li> <li>Detect security breaches</li> <li>Plan and budget for IT upgrades</li> <li>Reduce downtime and business losses</li> </ul><div style="text-align: justify;"><br /> </div><h3 style="text-align: justify;">Tutorials ::</h3><div style="text-align: justify;"><b>Text Tutorials :: </b><a href="http://library.nagios.com/library/products/nagiosxi/tutorials/" target="_blank">Click Here </a> </div><div style="text-align: justify;"><b>Documentation :: </b><a href="http://library.nagios.com/library/products/nagiosxi/documentation" target="_blank">Click Here</a> </div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/mXUxXV17Nd4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div><div style="text-align: justify;"> </div><h3 style="text-align: justify;">Download ::</h3><div style="text-align: justify;"><b>Windows | Linux  :: </b><a href="http://library.nagios.com/library/products/nagiosxi/downloads/main" target="_blank">Nagios XI</a><b> </b></div><div style="text-align: justify;"><b>Official Website :: </b> <a href="http://www.nagios.org/">http://www.nagios.org/</a></div>

Nagios XI (System and Network Monitoring) :: Tools

Nagios XI is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad ...

Read more »

Nipper Studio (Network Security Audit for Firewall, Switches and Router) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjog3YqJ3FIoxb_rLEWgJPXiIWYhWS7Ihd2IOrLYGhAqOaRm7ioEB6gatr6PgzNw7OJf7ol2pC-Z9-TVfpQewGb_ryDyAt_h2uNqzrlhRtW194rN4xFfH7jYM3ivYb0TPmgsj7rIChoKIYR/s1600/Nipper+Home+Report+2.2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="nipper tutorial" border="0" height="333" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjog3YqJ3FIoxb_rLEWgJPXiIWYhWS7Ihd2IOrLYGhAqOaRm7ioEB6gatr6PgzNw7OJf7ol2pC-Z9-TVfpQewGb_ryDyAt_h2uNqzrlhRtW194rN4xFfH7jYM3ivYb0TPmgsj7rIChoKIYR/s1600/Nipper+Home+Report+2.2.jpg" title="nipper tutorial" width="400" /></a></div> <div style="text-align: justify;"> <b>Nipper (short for Network Infrastructure Parser, previously known as CiscoParse)</b> audits the security of network devices such as switches, routers, and firewalls. It works by parsing and analyzing device configuration file which the <b>Nipper</b> user must supply. This was an open source tool until its developer (Titania) released a commercial version and tried to hide their old GPL releases. During a <b>network audit Nipper Studio</b> processes the devices’ native configurations and enables you to create a variety of different audit reports. By using traditional methodology for your <a href="http://www.toolwar.com/search/label/Network" target="_blank">network audit</a>, such as manual <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">Penetration Testing</a>, Agent-based software and <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">Network Scanners</a>, you could experience various drawbacks, which does not affect Nipper Studio <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> audit software:<br /> <ul> <li>Network scanners send huge numbers of network probes to a device and can impact performance. Only exposed vulnerabilities are identified, potentially missing many issues.</li> <li>Agent-based audit software requires software to be installed on the devices during the network audit. This is not possible for all devices and can introduce additional security vulnerabilities.</li> <li>Manual Penetration Tests examine individual <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> devices in detail. However this is slow, expensive and results in point in time audits of only a sample of devices.</li> <li>Flatten the <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability assessment</a> process and reduce human error by automatically producing an instant, device specific configuration report, readable by non-technical experts.  </li> <li>Achieve significant cost savings by automating a detailed configuration vulnerability analysis, typically provided by costly external Penetration Testing. </li> <li>Improve the productivity and scope of the network audit by quickly performing a thorough vulnerability assessment of multiple complex network devices, providing a detailed security audit report, unachievable with vulnerability scanning technologies. </li> <li>Stay secure as our security audit software requires no additional services on the device or agents to be installed and can audit the network devices without connecting or scanning them</li> </ul> <h3> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/wUtAmowwVD8?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3>  </h3> <h3> Download ::</h3> <b>Windows | Linux | Mac :: </b> <b> </b><br /> <b>Buy :: </b><a href="https://www.titania.com/shop" target="_blank">Click Here</a><b> </b> <b> </b><br /> <b>Evaluate Copy :: </b><a href="https://www.titania.com/evaluate" target="_blank">Click Here</a><b>  </b> <b> </b><br /> <b>Official Website :: </b><a href="https://www.titania.com/nipperstudio" target="_blank">https://www.titania.com/nipperstudio </a></div>

Nipper Studio (Network Security Audit for Firewall, Switches and Router) :: Tools

Nipper (short for Network Infrastructure Parser, previously known as CiscoParse) audits the security of network devices such as switche...

Read more »

Argus (Auditing Network Activity) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="Argus Logo" border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB9EePKFj7bOOAmUlulpXxUps3bKmylywSIIPNjOKR95TlmXfzBpotmDPvTpombemgv5gs8g-qGAFLcjAB8y7S0iSCjatcaY9LTAFt-OoP0EOMiONWPCNZ_119wIkga4ZTRn1ILz9jhpfa/s1600/ArgusOptimizationCycle.gif" title="Argus Logo" /></div> <div style="text-align: justify;"> <b>Argus</b> is a fixed-model Real Time Flow <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">Monitor</a> designed to track and report on the status and performance of all network transactions seen in a data <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitter on a per transaction basis. The record format that Argus uses is flexible and extensible, supporting generic flow identifiers and metrics, as well as application/protocol specific information.</div> <div style="text-align: justify;"> <br /></div> <div class="plaintext" style="text-align: justify;"> <b>Argus </b>is composed of an advanced comprehensive network flow data generator, the<b> Argus</b> sensor, which processes packets (either capture files or live <a href="http://www.toolwar.com/search/label/Packet" target="_blank">packet</a> data) and generates detailed network flow status reports of all the flows in the packet stream. Argus captures much of the packet dynamics and semantics of each flow, with a great deal of data reduction, so you can store, process, inspect and <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analyze</a> large amounts of network data efficiently. <b>Argus</b> provides reachability, availability, connectivity, duration, rate, load, good-put, loss, jitter, retransmission, and delay metrics for all network flows, and captures most attributes that are available from the packet contents, such as L2 addresses, tunnel identifiers (MPLS, GRE, ESP, etc...), <a href="http://www.toolwar.com/search/label/IDS" target="_blank">protocol ids</a>, SAP's, hop-count, options, L4 transport identification (RTP, RTCP detection), host flow control indications, etc...</div> <div class="plaintext" style="text-align: justify;"> <br /></div> <div class="plaintext" style="text-align: justify;"> Argus is used by many sites to generate network activity reports for every network transaction on their networks. The network audit data that <b>Argus</b> generates is great for <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a>, operations and performance management. The data is used for network forensics, non-repudiation, network asset and service inventory, behavioral baselining of server and client relationships, detecting covert channels, and analyzing Zero day events.</div> <div class="plaintext" style="text-align: justify;"> <br /></div> <div class="plaintext" style="text-align: justify;"> Argus is an Open Source project, currently running on <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X,</a> <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, Solaris, FreeBSD, OpenBSD, NetBSD, AIX, IRIX, <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> (under Cygwin) and OpenWrt, and has been ported to many hardware accelerated platforms, such as Bivio, Pluribus, Arista, and Tilera. The software should be portable to many other environments with littleor no modifications. Performance is such that auditing an entire enterprise's Internet activity can be accomplished using modest computing resources.</div> <div style="text-align: justify;"> <br /></div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>How To :: </b><a href="http://www.qosient.com/argus/howto.shtml" target="_blank">Click Here</a><b><br /></b></div> <b>Wiki :: </b><a href="http://nsmwiki.org/index.php?title=Argus" target="_blank">Click Here</a><br /> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows | Mac | Linux ::  </b><a href="http://qosient.com/argus/src/argus-3.0.6.1.tar.gz" target="_blank">Argus v3.0.6.1</a><b> | </b><a href="http://qosient.com/argus/src/argus-clients-3.0.6.2.tar.gz" target="_blank">Argus v3.0.6.1 Client</a><b> </b></div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://www.qosient.com/argus/">http://www.qosient.com/argus/</a><b><br /></b></div> <div style="text-align: justify;"> <br /></div>

Argus (Auditing Network Activity) :: Tools

Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions s...

Read more »

Fiddler (Web Debugger Proxy) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoMGV0ZYokZLN2EHLK6qkK_j46ll8DxX5tNAWsuTWrfhCFoHDzxx4SUQFYGKOWgGNkc3p12cIAU1IWKWCKRo16-Ffc1JXOnqM6M60CPkbbxgDqnRKDKo0SJjH0htwNuFreOKr16MRNlihG/s1600/Fiddler+logo.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="251" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoMGV0ZYokZLN2EHLK6qkK_j46ll8DxX5tNAWsuTWrfhCFoHDzxx4SUQFYGKOWgGNkc3p12cIAU1IWKWCKRo16-Ffc1JXOnqM6M60CPkbbxgDqnRKDKo0SJjH0htwNuFreOKr16MRNlihG/s1600/Fiddler+logo.png" width="400" /></a></div> <div style="text-align: justify;"> <b>Fiddler</b> is a <b>Web Debugging Proxy</b> which logs all HTTP(S) traffic between your computer and the Internet. <b>Fiddler</b> allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language.</div> <ul style="text-align: justify;"> <li><b>HTTP/HTTPS Traffic Recording :: </b>Fiddler is a free <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> <a href="http://www.toolwar.com/search/label/Debugger" target="_blank">debugging</a> proxy which logs all HTTP(s) traffic between your computer and the Internet. Use it to debug traffic from virtually any application that supports a proxy like IE, Chrome, Safari, Firefox, Opera and more.</li> <li><b>Web Session Manipulation ::</b> Easily manipulate and edit web sessions. All you need to do is set a breakpoints to pause the processing of the session and permit alteration of the request/response. You can also compose your own HTTP requests to run through <b>Fiddler</b>.</li> <li><b>Web Debugging :: </b>Debug traffic from PC, <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac</a> or <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux systems</a> and <a href="http://www.toolwar.com/search/label/Mobile" target="_blank">mobile devices</a>. Ensure the proper cookies, headers and cache directives are transferred between the client and server. Supports any framework, including .NET, Java, Ruby, etc.</li> <li><b> Security Testing :: </b>Use <b>Fiddler</b> for <a href="http://www.toolwar.com/search/label/Security" target="_blank">security testing</a> your web applications -- decrypt HTTPS traffic, and display and modify requests using a man-in-the-middle decryption technique. Configure Fiddler to decrypt all traffic, or only specific sessions.</li> <li><b>Performance Testing :: </b>Fiddler lets you see the “total page weight,” HTTP caching and compression at a glance. Isolate performance bottlenecks with rules like “Flag any uncompressed responses larger than 25kb.”</li> <li><b>Customizing Fiddler :: </b>Benefit from a rich extensibility model, ranging from simple FiddlerScript to powerful Extensions which can be developed using any .NET language.  </li> <li><div class="sfContentBlock"> <b>Simulate Real User Load Using Fiddler Captures ::</b> Fiddler is an excellent tool for understanding the performance of your website, but how does your performance change when lots of users are hitting the site? Check out Telerik Test Studio powered by Fiddler to get an in-depth understanding of how your site performance degrades as the number of users increases.</div> </li> </ul> <h3 style="text-align: justify;"> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/gujBKFGwjd4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;">  </h3> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows :: </b><a href="http://www.telerik.com/docs/default-source/fiddler/fiddler4setup.exe?sfvrsn=2" target="_blank">Fiddler v4.4.6.2</a> (.exe) <b> </b></div> <div style="text-align: justify;"> <b>Official Website ::</b> <a href="http://www.telerik.com/download/fiddler">http://www.telerik.com/download/fiddler</a></div>

Fiddler (Web Debugger Proxy) :: Tools

Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect...

Read more »

Immunity Canvas (Vulnerability Exploitation) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqwXRB2JW_wTRBZeFsPrNZqP7KK7Xyn3JC7nG4SvaFbLePxH0hRCMjN9Qmahzts9eQvlEvfqI-ZtbOgvXHS6d2EBgXNSHvEgPXs_l3QYQyy_cg2IrSmwwJThp4ddWSXS5oV4GoJEOJbLUo/s1600/img-canvas.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Immunity Canvas" border="0" height="171" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqwXRB2JW_wTRBZeFsPrNZqP7KK7Xyn3JC7nG4SvaFbLePxH0hRCMjN9Qmahzts9eQvlEvfqI-ZtbOgvXHS6d2EBgXNSHvEgPXs_l3QYQyy_cg2IrSmwwJThp4ddWSXS5oV4GoJEOJbLUo/s1600/img-canvas.gif" title="Immunity Canvas" width="400" /></a></div> <b>Immunity Canvas</b> is a commercial <b>vulnerability exploitation tool </b>from Dave Aitel's ImmunitySec. It includes more than 370 exploits and is less expensive than Core Impact or the commercial versions of <a href="http://www.toolwar.com/2013/09/metasploit-framework.html" target="_blank">Metasploit</a>. It comes with full source code, and occasionally even includes zero-day exploits.<b> </b><br /> <b>Immunity's CANVAS</b> makes available hundreds of exploits, an automated <a href="http://www.toolwar.com/search/label/Exploitation" target="_blank">exploitation</a> system, and a comprehensive, reliable exploit development framework to <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration</a> testers and <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> professionals worldwide. To see CANVAS in action please see our movies. For users new to CANVAS or experienced users looking to get just a little more out of CANVAS we have <a href="http://www.toolwar.com/search/label/PDF" target="_blank">PDF</a> based tutorials available for download.</div> <div style="text-align: justify;">   </div> <div style="text-align: justify;"> <b>Supported Platforms and Installations</b><br /> - <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> (requires Python & PyGTK)<br /> - <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a><br /> - <a href="http://www.toolwar.com/search/label/Mac" target="_blank">MacOSX</a> (requires PyGTK)<br /> - All other <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a> environments such as mobile phones and commercial Unixes (command line version only supported, GUI may also be available)</div> <div style="text-align: justify;"> <b>Architecture</b><br /> - CANVAS' completely open design allows a team to adapt CANVAS to their environment and needs. </div> <div style="text-align: justify;"> <b>Documentation</b><br /> - all documentation is delivered in the form of demonstration movies<br /> - exploit modules have additional information windows</div> <div style="text-align: justify;"> <b> Exploits</b><br /> - currently over 490 exploits, an average of 4 exploits added every monthly release<br /> - Immunity carefully selects vulnerabilities for inclusion as CANVAS exploits. Top priorities are high-value vulnerabilities such as remote, pre-authentication, and new vulnerabilities in mainstream software.<br /> - Exploits span all common platforms and applications</div> <div style="text-align: justify;"> <b> Payload Options</b><br /> - to provide maximum reliability, exploits always attempt to reuse socket<br /> - if socket reuse is not suitable, connect-back is used<br /> - subsequent MOSDEF session allows arbitrary code execution, and provides a listener shell for common actions (file management, screenshots, etc)<br /> - bouncing and split-bouncing automatically available via MOSDEF<br /> - adjustable covertness level</div> <div style="text-align: justify;"> <b> Exploit Delivery</b><br /> - regular monthly updates made available via <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a><br /> - exploit modules and CANVAS engine are updated simultaneously<br /> - customers reminded of monthly updates via email</div> <div style="text-align: justify;"> <b> Exploit Creation Time</b><br /> - exploits included in next release as soon as they are stable</div> <div style="text-align: justify;"> <b> Effectiveness of Exploits</b><br /> - all exploits fully QA'd prior to release<br /> - exploits demonstrated via flash movies<br /> - exploit development team available via direct email for support</div> <div style="text-align: justify;"> <b> Ability to make Custom Exploits</b><br /> - unique MOSDEF development environment allows rapid exploit development</div> <div style="text-align: justify;"> <b> Product Support and Maintenance</b><br /> - subscriptions include email and phone support M-F 9am - 5pm EST, directly with development team<br /> - minimum monthly updates</div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <h3> Tutorials ::</h3> <ol> <li><a href="http://www.immunitysec.com/documentation/tutorials/Windows_Install.pdf">Detailed Windows Installation Instructions</a></li> <li><a href="http://www.immunitysec.com/documentation/tutorials/canvas101-part1.pdf">CANVAS 101 (Part 1)</a></li> <li><a href="http://www.immunitysec.com/documentation/tutorials/canvas101-part2.pdf">CANVAS 101 (Part 2)</a></li> <li><a href="http://www.immunitysec.com/documentation/tutorials/HCN-Part1.pdf">HCN Rootkit (Part 1)</a></li> <li><a href="http://www.immunitysec.com/documentation/tutorials/ties-that-binder-dot-py.pdf">The Ties That Binder.py</a></li> </ol> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/FAz-Bek4RfU?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <ol></ol> </div> <div style="text-align: justify;"> <h3> Download ::</h3> </div> <div style="text-align: justify;"> <b>Linux | Mac | Windows :: Contact Here ::</b> sales@immunityinc.com <b> </b><br /> <b>Official Website ::</b> <a href="https://www.immunitysec.com/products-canvas.shtml">https://www.immunitysec.com/products-canvas.shtml</a></div>

Immunity Canvas (Vulnerability Exploitation) :: Tools

Immunity Canvas is a commercial vulnerability exploitation tool from Dave Aitel's ImmunitySec. It includes more than 370 exploits an...

Read more »

QualysGuard (Cloud Security) :: Framework

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghdzpjPZX2FLqOdTxqOBOsBcHPK-BGXs4z6FvMDEBWtOdSSQDhFqcOvSs8HLf2_C0gGeR9JzfehTMjygryKrJFU1Andf_8LVNhhNiAMihWAnzULkz0Qj63VCASwzVjkCQVNBGQnopmccia/s1600/qualys-logo.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Qualys logo" border="0" height="306" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghdzpjPZX2FLqOdTxqOBOsBcHPK-BGXs4z6FvMDEBWtOdSSQDhFqcOvSs8HLf2_C0gGeR9JzfehTMjygryKrJFU1Andf_8LVNhhNiAMihWAnzULkz0Qj63VCASwzVjkCQVNBGQnopmccia/s1600/qualys-logo.jpeg" title="Qualys logo" width="320" /></a></div> <div style="text-align: justify;"> <b>QualysGuard</b> is a popular <b>SaaS (software as a service) vulnerability management</b> offering. It's web-based UI offers <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> discovery and mapping, asset prioritization, <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> assessment reporting and remediation tracking according to business risk. Internal scans are handled by Qualys appliances which communicate back to the <a href="http://www.toolwar.com/search/label/Cloud" target="_blank">cloud-based</a> system.</div> <h3 style="text-align: justify;"> Tutorials ::</h3> <h3 style="text-align: justify;"> </h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/XfeyNLb7ZDc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/5Cbq5wudtZE?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Trial Linux | Mac | Windows :: </b><a href="http://www.qualys.com/forms/trials/qualysguard/" target="_blank">QualysGuard</a><b> </b></div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://www.qualys.com/" target="_blank">http://www.qualys.com/ </a></div>

QualysGuard (Cloud Security) :: Framework

QualysGuard is a popular SaaS (software as a service) vulnerability management offering. It's web-based UI offers network discov...

Read more »

Skipfish (Web Application Security Scanner) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWet3cqxS_RaHFSPFgDcVyLfRIrD075ildwUJOYxN7KDyiHkwz5nOjJPSSvtMoZzRLq_g1vGKdWJsR2avZ_xoeGfBYB4C_YjX_Ulr5xlGhii4h2OWhJ_f2_3UkGgBCQ6pOtci-zTNqau4-/s1600/skipfish+screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Skipfish Screenshot" border="0" height="329" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWet3cqxS_RaHFSPFgDcVyLfRIrD075ildwUJOYxN7KDyiHkwz5nOjJPSSvtMoZzRLq_g1vGKdWJsR2avZ_xoeGfBYB4C_YjX_Ulr5xlGhii4h2OWhJ_f2_3UkGgBCQ6pOtci-zTNqau4-/s1600/skipfish+screenshot.png" title="Skipfish Screenshot" width="640" /></a></div> <div style="text-align: justify;"> <b><i>Skipfish</i></b> is an active <b>web application security reconnaissance tool</b>. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> checks. The final report generated by the tool is meant to serve as a foundation for professional <a href="http://www.toolwar.com/search/label/Web" target="_blank">web application</a> security assessments. </div> <div style="text-align: justify;"> Key features: </div> <ul style="text-align: justify;"> <li><b>High speed</b>: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets. </li> </ul> <ul style="text-align: justify;"> <li><b>Ease of use</b>: heuristics to support a variety of quirky web <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">frameworks</a> and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion. </li> </ul> <ul style="text-align: justify;"> <li><b>Cutting-edge security logic</b>: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors. </li> </ul> <div style="text-align: justify;"> The tool is believed to support <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, FreeBSD, <a href="http://www.toolwar.com/search/label/Mac" target="_blank">MacOS X</a>, and <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> (Cygwin) environments. </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/kqx8rp7Cnwc?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;">  </h3> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows | Mac | Linux ::</b> <a href="http://skipfish.googlecode.com/files/skipfish-2.10b.tgz" target="_blank">Skipfish v2.10b</a> (.tgz)</div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://code.google.com/p/skipfish/">http://code.google.com/p/skipfish/</a></div>

Skipfish (Web Application Security Scanner) :: Tools

Skipfish is an active web application security reconnaissance tool . It prepares an interactive sitemap for the targeted site by carryi...

Read more »

GoLismero (The Web Knife) :: Framework

<div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJYxDNAmrpLOxGHjpb6huddkmpfTYX3pDCUkzAP5ZvTN4YHVhKeSoNVz0mP3edsRRLaggj3y4jcannl6jCd928BDdVuz0XMqsJrc4uaybV2Vo1azKfWDoSHkN3sWgH2iEF7wp3DJ79MdTj/s1600/Golismero+WIndows+Screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Golismero " border="0" height="380" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJYxDNAmrpLOxGHjpb6huddkmpfTYX3pDCUkzAP5ZvTN4YHVhKeSoNVz0mP3edsRRLaggj3y4jcannl6jCd928BDdVuz0XMqsJrc4uaybV2Vo1azKfWDoSHkN3sWgH2iEF7wp3DJ79MdTj/s1600/Golismero+WIndows+Screenshot.png" title="Golismero " width="640" /></a></div> <div style="text-align: justify;"> <b>GoLismero</b> is an open source framework for <a href="http://www.toolwar.com/search/label/Security" target="_blank"><b>security testing</b></a>. It's currently geared towards <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> security, but it can easily be expanded to other kinds of scans.</div> <div style="text-align: justify;"> The most interesting features of the <a href="http://www.toolwar.com/search/label/Frameworks" target="_blank">framework</a> are:</div> <ul style="text-align: justify;"> <li>Real platform independence. Tested on <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, *BSD and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">OS X</a>.</li> <li>No native library dependencies. All of the framework has been written in pure Python.</li> <li>Good performance when compared with other frameworks written in Python and other scripting languages.</li> <li>Very easy to use.</li> <li>Plugin development is extremely simple.</li> <li>The framework also collects and unifies the results of well known tools: <a href="http://www.toolwar.com/2013/09/sqlmap-tools.html" target="_blank">sqlmap</a>, xsser, <a href="http://www.toolwar.com/2013/09/openvas-is-advanced-open-source.html" target="_blank">openvas</a>, <a href="http://www.toolwar.com/2013/10/dnsrecon-tools.html" target="_blank">dnsrecon</a>, <a href="http://www.toolwar.com/2013/09/theharvester-tools.html" target="_blank">theharvester</a>...</li> <li>Integration with standards: CWE, CVE and OWASP.</li> <li>Designed for cluster deployment in mind (not available yet).</li> </ul> <h3> Tutorials ::</h3> <b>Installation :: </b> <br /> Strictly speaking, GoLismero doesn't require installation - only its dependencies do. So if you want to use it on a system where you don't have root privileges, you can ask the system administrator to install them for you, and just run the "git checkout" command on your home folder.<br /> <b>Briefly Tutorial of Installation :: </b> <a href="https://github.com/golismero/golismero">Click Here</a><br /> <b>Basic Usages ::</b> <a href="https://github.com/golismero/golismero" target="_blank">Click Here</a><br /> <h3> Download ::</h3> <b>Linux | Mac | Windows :: </b><a href="https://github.com/golismero/golismero/archive/master.zip" target="_blank">GoLismero Archive</a> (.zip)<b> </b><br /> <b>Official Website :: </b><a href="https://github.com/golismero/golismero" target="_blank">https://github.com/golismero/golismero</a>

GoLismero (The Web Knife) :: Framework

GoLismero is an open source framework for security testing . It's currently geared towards web security, but it can easily be expa...

Read more »

Cisco Torch (Scanning, Fingerprinting and Exploitation) :: Tools

<div style="text-align: justify;"> </div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrDBORXGRkO4-BVNT3r3mNPK_ogJ94i5y-vnarwHNshmXWd2qBKmXLLFyAlwuJM32ULoRNrOznorFUhaZ4b3jXomvwheUARBWfq9WYFeRUL_t0fvlOOf1yW2UUaYIEdzhS7mtfN0guCsfD/s1600/cisco-torch.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Cisco Torch" border="0" height="294" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrDBORXGRkO4-BVNT3r3mNPK_ogJ94i5y-vnarwHNshmXWd2qBKmXLLFyAlwuJM32ULoRNrOznorFUhaZ4b3jXomvwheUARBWfq9WYFeRUL_t0fvlOOf1yW2UUaYIEdzhS7mtfN0guCsfD/s1600/cisco-torch.PNG" title="Cisco Torch" width="640" /></a></div> <div style="text-align: justify;"> <b>Cisco Torch</b> is a <b>mass scanning, fingerprinting, and exploitation tool</b> was written while working on the next edition of the "Hacking Exposed Cisco Networks", since the <a href="http://www.toolwar.com/search/label/Tools">tools</a> availalbe on the market could not meet our needs. <br />The main feature that makes<b> Cisco-torch</b> different from similar tools is the extensive use of forking to launch multiple scanning processes on the background for maximum <a href="http://www.toolwar.com/search/label/Scanner">scanning</a> efficiency. Also, it uses several methods of application layer fingerprinting simultaneously, if needed. We wanted something fast to discover remote Cisco hosts running Telnet, SSH, Web, NTP and SNMP services and launch dictionary attacks against the services discovered. </div> <br /><h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows | Mac | Linux :: </b><a href="http://www.arhont.com/en/wp-content/uploads/2010/01/cisco-torch-0.4b.tar.gz" target="_blank">Cisco-Torch v0.4b</a> (.tar.bz2)<b> | Language ::</b> Perl<b><br /></b></div> <div style="text-align: justify;"> <b>Official Website :: </b> <a href="http://www.arhont.com/en/category/resources/tools-utilities/">http://www.arhont.com/en/category/resources/tools-utilities/</a></div>

Cisco Torch (Scanning, Fingerprinting and Exploitation) :: Tools

Cisco Torch is a mass scanning, fingerprinting, and exploitation tool was written while working on the next edition of the "Hac...

Read more »

Nmap and Zenmap (Network Discovery and Security Auditing) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="nmap scanner logo" border="0" height="210" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPn1QPXq_tY_zK1uLIjY-6fyXimOMxgo3rq52s-03wGFIiM3FEUXb1R_uZpS2QvMEucVny6EK7w0eYYGJ5JKDgUtasnKL7WqkAIA5QMKqB05XXAv_va-hOLNd2wlIHxv1cUDpxCVa4kxbF/s1600/nmap.jpg" title="nmap scanner logo" width="400" /></div> </div> <div style="text-align: justify;"> <b>Nmap ("Network Mapper")</b> is a free and open source (license) utility for <b>network discovery and security auditing.</b> Many systems and network administrators also find it useful for tasks such as <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> inventory, managing service upgrade schedules, and <a href="http://www.toolwar.com/search/label/Monitoring" target="_blank">monitoring</a> host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of <a href="http://www.toolwar.com/search/label/Packet" target="_blank">packet</a> filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a>, and <a href="http://www.toolwar.com/search/label/Mac" target="_blank">Mac OS X</a>. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI</a> and results viewer <b>(Zenmap)</b>, a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis tool</a> (Nping).<br /> <br /> <b>Nmap</b> was named “<a href="http://www.toolwar.com/search/label/Security" target="_blank">Security</a> Product of the Year” by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It was even featured in twelve movies, including The Matrix Reloaded, Die Hard 4, Girl With the Dragon Tattoo, and The Bourne Ultimatum.<br /> <br /> <b>Nmap is::</b></div> <ul style="text-align: justify;"> <li>    Flexible: Supports dozens of advanced techniques for mapping out networks filled with IP filters, <a href="http://www.toolwar.com/search/label/IDS" target="_blank">firewalls</a>, routers, and other obstacles. This includes many port scanning mechanisms (both TCP & UDP), <b>OS detection</b>, version detection, ping sweeps, and more. See the documentation page.</li> <li>    Powerful: Nmap has been used to scan huge networks of literally hundreds of thousands of machines.</li> <li>    Portable: Most operating systems are supported, including Linux, Microsoft Windows, FreeBSD, OpenBSD, Solaris, IRIX, Mac OS X, HP-UX, NetBSD, Sun OS, Amiga, and more.</li> <li>    Easy: While Nmap offers a rich set of advanced features for power users, you can start out as simply as "nmap -v -A targethost". Both traditional command line and graphical (GUI) versions are available to suit your preference. Binaries are available for those who do not wish to compile Nmap from source.</li> <li>    Free: The primary goals of the Nmap Project is to help make the Internet a little more secure and to provide administrators/auditors/hackers with an advanced tool for exploring their networks. Nmap is available for free download, and also comes with full source code that you may modify and redistribute under the terms of the license.</li> <li>    Well Documented: Significant effort has been put into comprehensive and up-to-date man pages, whitepapers, tutorials, and even a whole book! Find them in multiple languages here.</li> <li>    Supported: While Nmap comes with no warranty, it is well supported by a vibrant community of developers and users. Most of this interaction occurs on the Nmap mailing lists. Most bug reports and questions should be sent to the nmap-dev list, but only after you read the guidelines. We recommend that all users subscribe to the low-traffic nmap-hackers announcement list. You can also find Nmap on Facebook and Twitter. For real-time chat, join the #nmap channel on Freenode or EFNet.</li> <li>    Acclaimed: <b>Nmap</b> has won numerous awards, including "Information Security Product of the Year" by Linux Journal, Info World and Codetalker Digest. It has been featured in hundreds of magazine articles, several movies, dozens of books, and one comic book series. Visit the press page for further details.</li> <li>    Popular: Thousands of people download <b>Nmap</b> every day, and it is included with many operating systems (Redhat Linux, Debian Linux, Gentoo, FreeBSD, OpenBSD, etc). It is among the top ten (out of 30,000) programs at the Freshmeat.Net repository. This is important because it lends Nmap its vibrant development and user support communities. </li> </ul> <h3> Tutorials ::</h3> <b>Tutorial (Max OS X) :: </b><a href="http://nmap.org/book/inst-macosx.html#inst-macosx-source">Click Here</a><br /> <b>Tutorial (Windows) :: </b><a href="http://nmap.org/book/inst-windows.html#inst-win-source">Click Here</a> <b><br /> </b><br /> <b>Tutorial (Linux) ::</b> <a href="http://nmap.org/book/inst-source.html">Click Here</a><br /> <b>Installation :: </b><a href="http://nmap.org/book/install.html" target="_blank">Click Here</a>   <br /> <b>Tutorials From Basics :: </b><a href="http://nmap.org/bennieston-tutorial/">Click Here </a><br /> <b>Video Tutorial :: </b><br /> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/RJxF7puQFXI?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <b> </b> <br /> <h3> Download ::</h3> <h3> </h3> <b>Download ZenMap (GUI of Nmap) :: </b><a href="http://nmap.org/zenmap/">Click Here</a><b> </b><br /> <b>Windows :: </b><a href="http://nmap.org/dist/nmap-6.40-setup.exe">Nmap-Latest</a> (.exe) <b> </b><br /> <b>Linux :: </b><a href="http://nmap.org/dist/nmap-6.40.tar.bz2">Nmap Latest</a> (.tar.bz2)<b> </b><br /> <b>Mac :: </b><a href="http://nmap.org/dist/nmap-6.40-2.dmg">Nmap Latest</a> (.dmg)<b> </b> <b>  </b><br /> <b>Official Website ::</b> <a href="http://nmap.org/">http://nmap.org/</a> <br /> <div style="text-align: justify;"> </div>

Nmap and Zenmap (Network Discovery and Security Auditing) :: Tools

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many syste...

Read more »

SAINT 8 (Security Auditing Suite) :: Framework

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <img alt="SAINT LOGO" border="0" height="107" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgA7ITNbIsTcKUwW4ShEmmGIi_tc3r93_yUAm8uaCmmHsBBhYfr3EemJ8Cqkmicl1Fhpd9D3UxPy_DS7kuqAJEVvVADbttEn7PYmcWl3xA3gQEQWKeMojScYzNb7yO1L08sAs_4K6kEYXHm/s1600/SAINT.jpg" title="SAINT LOGO" width="200" /></div> <b>SAINT 8</b> is a <b>fully-integrated security tool suite</b> that combines <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability scanning</a>, with <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration testing</a>, social engineering tools and configuration assessments. Use the combined power of these tools to identify vulnerabilities on <a href="http://www.toolwar.com/search/label/Network" target="_blank">network</a> devices, operating systems, desktop applications, <a href="http://www.toolwar.com/search/label/Web" target="_blank">Web applications</a>, databases, and more; run packaged penetration tests through pre-configured policies, run vulnerability-specific exploits for target-directed investigation; execute social engineering through packaged exploit Tools; and execute platform-specific configuration auditing, using NIST’s SCAP standards and protocols.  <b>SAINT 8 </b>then provides a robust set of <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">analysis</a> and reporting features to perform ad hoc analytics, view strategic level results across 1 or many assessments, and then build reports from pre-defined templates, compliance reports or build your own custom reports from over 150 customizable settings. <b>SAINT's</b> current repository includes over 4,200 <a href="http://www.toolwar.com/search/label/Vulnerability" target="_blank">vulnerability</a> checks and 900+ exploits - which span over 48,000 Common Vulnerability Exposures (CVEs), plus numerous vulnerabilities that do not currently have a CVE assigned. Vulnerability checks and exploit development is a daily activity, that includes delivery of new checks twice a week, through an automated plug-in. This agentless scanning solution can be delivered via a cloud-based version <b> (WebSAINT Pro 8)</b>, deployed standalone, shared as a server-based solution, or as a multi-<a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanner</a> architecture for large enterprise or load balanced scanning.</div> <br /> <h3> Tutorials ::</h3> <b>Video Tutorial :: </b><a href="http://www.youtube.com/watch?v=ibW6gLNYrf8" target="_blank">Click Here </a><br /> <b>Exploit Tools List :: </b><a href="http://www.saintcorporation.com/solutions/exploitTools.html" target="_blank">Click Here</a><b></b><br /> <br /> <h3> Download :: </h3> <b>Windows :: </b><a href="https://www.saintcorporation.com/resources/requestEvaluation.html" target="_blank">Request a Evaluation Copy</a><b> </b><br /> <b>Official Website :: </b><a href="https://www.saintcorporation.com/products/SAINT8.html">https://www.saintcorporation.com/products/SAINT8.html</a><br /> <b>Submitted By :: </b>SAINT Corporation <br /> <div style="text-align: justify;"> <br /></div>

SAINT 8 (Security Auditing Suite) :: Framework

SAINT 8 is a fully-integrated security tool suite that combines vulnerability scanning , with penetration testing , social engineering ...

Read more »

SARA (Security Auditor's Research Assistant) :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="SARA - Security Auditor's Research Assistant" border="0" height="328" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiTrFtEfewv2qJbhJrO35NMjPReB75buAjazNxPAGzn_8ewu8Kl2MR6bqR7jOcWgPl2nauo85Ttm13awIkk-HKsG3RzQwwaqJLguI0HYkFQBNeOqERU6aVXWY7Iloxk6dJPbufNj51Rz3NM/s1600/network-security-tips.jpg" title="SARA - Security Auditor's Research Assistant" width="640" /></div> <div style="text-align: justify;"> The <b>Security Auditor's Research Assistant (SARA)</b> is a third generation <b>network security analysis tool</b> that that has been available and actively updated for over 10 years. Sadly, all good things have to come to an end and so it goes for SARA. <b>SARA 7.9.1</b> is our last release.(1 May 2009) Actually, SARA-7.9.2a is the final release (1 August 2009).<br /><br />SARA:</div> <ol style="text-align: justify;"> <li>    Operates under Unix, <a href="http://www.toolwar.com/search/label/Linux" target="_blank">Linux</a>, <a href="http://www.toolwar.com/search/label/Mac" target="_blank">MAC OS/X</a> or <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> (through coLinux) OS'.</li> <li>    Integrates the National Vulnerability Database (NVD).</li> <li>    Performs SQL injection tests.</li> <li>    Performs exhaustive XSS tests</li> <li>    Can adapt to many firewalled environments.</li> <li>    Support remote self scan and API facilities.</li> <li>    Used for CIS benchmark initiatives</li> <li>    Plug-in facility for third party apps</li> <li>    CVE standards support</li> <li>    Enterprise search module</li> <li>    Standalone or daemon mode</li> <li>    Free-use open SATAN oriented license</li> </ol> <div style="text-align: justify;"> The first generation assistant, the Security Administrator's Tool for Analyzing <a href="http://www.toolwar.com/search/label/Network" target="_blank">Networks</a> (SATAN) was developed in early 1995. It became the benchmark for <a href="http://www.toolwar.com/search/label/Analysis" target="_blank">network security analysis</a> for several years. However, few updates were provided and the tool slowly became obsolete in the growing threat environment. <br /><br /><h3> Tutorials ::</h3> <b><span style="font-size: small;">Installation ::</span></b> <span style="font-weight: normal;"><a href="http://www-arc.com/sara/cosara/index.shtml" target="_blank">Click Here</a></span><br /> <h3> Download ::</h3> <b>Windows :: </b><a href="http://www-arc.com/sara/downloads/cosara/cosara-7.4.1.exe" target="_blank">coSARA v7.4.1</a> (.exe)<b><br />Linux :: </b><a href="http://www-arc.com/sara/downloads/sara-7.9.2a.tgz" target="_blank">SARA v7.9.2a</a> (.tar.gz)<b><br />Official Website :: </b><a href="http://www-arc.com/sara/">http://www-arc.com/sara/</a><br /><br /></div>

SARA (Security Auditor's Research Assistant) :: Tools

The Security Auditor's Research Assistant (SARA) is a third generation network security analysis tool that that has been available ...

Read more »

IronWASP (Web Application Advaced Security Testing Platform) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiIe0rfi3alWm5nNnOkzOsCwxWkvTGEZszoQ6V6CqzE9CWjbo_A4crurTQ2UKyOjm5HLNA9FL0P67Vjg2Rvnfuaj9HaEy5iky1SX9TfSfsJi_qC8Zn3KcLEp5JD_gC0J3Wo6HKzEwuAMrm/s1600/IronWASP+Screenshot.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="IronWASP Screenshot" border="0" height="222" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiIe0rfi3alWm5nNnOkzOsCwxWkvTGEZszoQ6V6CqzE9CWjbo_A4crurTQ2UKyOjm5HLNA9FL0P67Vjg2Rvnfuaj9HaEy5iky1SX9TfSfsJi_qC8Zn3KcLEp5JD_gC0J3Wo6HKzEwuAMrm/s1600/IronWASP+Screenshot.png" title="IronWASP Screenshot" width="640" /></a></div> <b>IronWASP (Iron Web application Advanced Security testing Platform)</b> is an open source <a href="http://www.toolwar.com/search/label/System" target="_blank">system</a> for <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> application <a href="http://www.toolwar.com/search/label/Vulenrability" target="_blank">vulnerability</a> testing. It is designed to be customizable to the extent where users can create their own custom <a href="http://www.toolwar.com/search/label/Security" target="_blank">security</a> <a href="http://www.toolwar.com/search/label/Scanner" target="_blank">scanners</a> using it. Though an advanced user with <a href="http://www.toolwar.com/search/label/Python" target="_blank">Python</a>/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool's features are simple enough to be used by absolute beginners. </div> <div style="text-align: justify;"> <b>IronWASP</b> has a plugin system that supports Python and Ruby. The version of Python and Ruby used in <b>IronWASP</b> is IronPython and IronRuby which is syntactically similar to CPython and CRuby. However some of the standard libraries might not be available, instead plugin authors can make use of the powerful IronWASP API.  </div> <h3 style="text-align: justify;"> Tutorials ::</h3> <div style="text-align: justify;"> <b>IronWASP Blog : : </b><a href="http://blog.ironwasp.org/" target="_blank">Click Here </a></div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/yUoPRnEf22I?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;">  </h3> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows :: </b><a href="https://ironwasp.org/ironwasp.zip" target="_blank">IronWASP v0.9.7.5</a><b> </b>(.zip)</div> <div style="text-align: justify;"> <b>Linux :: </b></div> <div style="text-align: justify;"> <b><span style="font-family: "Courier New",Courier,monospace;">wget http://blog.anantshri.info/content/uploads/2013/01/ironwasp_installer.sh.txt -O ~/ironwasp_installer.sh && sh ~/ironwasp_installer.sh </span></b></div> <div style="text-align: justify;"> <b>Mac :: </b>IronWASP runs on Mac with <a href="http://www.codeweavers.com/products/">CrossOver</a>.</div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://ironwasp.org/">http://ironwasp.org/</a></div>

IronWASP (Web Application Advaced Security Testing Platform) :: Tools

IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testin...

Read more »

Lightbeam for Firefox :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEib8LwYFX-HLYguqrxftKa8XFuXUwwkdHvKAZfApbYN5Vd6kB5Pb-QkCewhw5EAtqk7xnRX5EGLwxTSmNKvqefpZvysWyXvvmeUXlN0_Lhdp-lwgsyXJS9mhaoM6t0MfzWcNC4UEgVfr8kr/s1600/lightbeam+addon.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Lightbeam Addon" border="0" height="249" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEib8LwYFX-HLYguqrxftKa8XFuXUwwkdHvKAZfApbYN5Vd6kB5Pb-QkCewhw5EAtqk7xnRX5EGLwxTSmNKvqefpZvysWyXvvmeUXlN0_Lhdp-lwgsyXJS9mhaoM6t0MfzWcNC4UEgVfr8kr/s1600/lightbeam+addon.png" title="Lightbeam Addon" width="400" /></a></div> <b>Lightbeam is a Firefox</b> add-on that enables you to see the <b>first and third party sites you interact with on the <a href="http://www.toolwar.com/search/label/Web" target="_blank">Web</a></b>. Using interactive visualizations, <b>Lightbeam</b> shows you the relationships between these third parties and the sites you visit.</div> <div style="text-align: justify;">  Using interactive visualizations, <b>Lightbeam</b> enables you to see the first and third party sites you interact with on the Web. As you browse, Lightbeam reveals the full depth of the Web today, including parts that are not transparent to the average user. Using three distinct interactive graphic representations — Graph, Clock and List — <b>Lightbeam</b> enables you to examine individual third parties over time and space, identify where they connect to your online activity and provides ways for you to engage with this unique view of the Web.<br /> <br /> <b>How Lightbeam Works ::</b><br /> When you activate Lightbeam and visit a website, sometimes called the first party, the add-on creates a real time visualization of all the third parties that are active on that page. The default visualization is called the Graph view. As you then browse to a second site, the add-on highlights the third parties that are also active there and shows which third parties have seen you at both sites. The visualization grows with every site you visit and every request made from your browser. In addition to the Graph view, you can also see your data in a Clock view to examine connections over a 24-hour period or in a List view to drill down into individual sites.<br /> <br /> <b>How You Can Use Lightbeam to Help Us Illuminate the Inner Workings of the Web ::</b> <br /> As a part of Lightbeam, we're creating a big-picture view of how tracking works on the Internet, and how third-party sites are connected to multiple other sites. You may contribute your data to our crowdsourced directory by simply turning on the share switch within the add-on. To disable crowdsourcing, you can turn it off at any time. You can view your local data stored within Lightbeam at any time, or save your data by clicking the "Save" button under the data section on the left side of the add-on.<br /> <br /> <b>How is my information stored? ::</b><br /> As a default, all info generated and used for Lightbeam’s visualizations and features are only stored locally on your computer. You can save a copy of your connection history at any time, which is also where you can see the specific data collected by the add-on. You may also reset Lightbeam to erase your locally stored connection history, disable it to stop data collection or uninstall it to instantly remove all locally stored data related to <b>Lightbeam.</b><br /> <h3> Tutorial :: </h3> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/Axhz4vChpL4?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3> </h3> </div> <div style="text-align: justify;"> </div> <div style="text-align: justify;"> <br /> <b>Download ::</b> <a href="https://addons.mozilla.org/en-US/firefox/addon/lightbeam/?src=search" target="_blank">Click Here</a> (Firefox Add-on) <b> </b><br /> <b>Official Developer ::</b> Mozilla  </div>

Lightbeam for Firefox :: Tools

Lightbeam is a Firefox add-on that enables you to see the first and third party sites you interact with on the Web . Using interactive ...

Read more »

Havij (Automated and Advanced SQL Injection) :: Tools

<div style="text-align: justify;"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioLo4B-qKdYseDgGxhjbYAMCI7gaFHDgHkgIq5nk4dlAJO0srvzZGs1WbL6gv8T7LyU5lWZUKXpKhEsv8E2TzwySAI8vwXixwYRtOdsOAI9e9eZh9iwwT3SM_Wfnp6ipZPZXMJ40J6uwTV/s1600/Havij.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Havij Screenshot" border="0" height="319" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEioLo4B-qKdYseDgGxhjbYAMCI7gaFHDgHkgIq5nk4dlAJO0srvzZGs1WbL6gv8T7LyU5lWZUKXpKhEsv8E2TzwySAI8vwXixwYRtOdsOAI9e9eZh9iwwT3SM_Wfnp6ipZPZXMJ40J6uwTV/s1600/Havij.png" title="Havij Screenshot" width="320" /></a></div> <b>Havij</b> is an <b>automated SQL Injection tool</b> that helps <a href="http://www.toolwar.com/search/label/Penetration" target="_blank">penetration</a> testers to find and exploit SQL Injection vulnerabilities on a <a href="http://www.toolwar.com/search/label/Web" target="_blank">web</a> page.  It can take advantage of a vulnerable web application. By using this software, user can perform back-end database fingerprinting, retrieve DBMS login names and <a href="http://www.toolwar.com/search/label/Password" target="_blank">password</a> <a href="http://www.toolwar.com/search/label/Hash" target="_blank">hashes</a>, dump tables and columns, fetch data from the database, execute SQL statements against the server, and even access the underlying file system and execute operating system shell commands.<br /> The distinctive power of <b>Havij</b> that differentiates it from similar <a href="http://www.toolwar.com/search/label/Tools" target="_blank"> tools</a> lies in its unique methods of injection. The success rate of attack on vulnerable targets using <b>Havij</b> is above 95%.  The user friendly <a href="http://www.toolwar.com/search/label/GUI" target="_blank">GUI (Graphical User Interface)</a> of Havij and its automated configuration and heuristic detections make it easy to use for everyone even amateurs.</div> <h3 style="text-align: justify;"> <b>Tutorials :: </b></h3> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>URL Rewrite :: </b><a href="http://www.itsecteam.com/files/havij/URL%20Rewrite/url_rewrite.htm" target="_blank">Click Here</a></span></span></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>MSSQL :: </b></span></span><a href="http://www.itsecteam.com/files/havij/MsSQL/mssql.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>PostGreSQL :: </b></span></span><a href="http://www.itsecteam.com/files/havij/PostgreSQL/postgresql.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>Pro Features :: </b></span></span><a href="http://www.itsecteam.com/files/havij/Pro%20Features/pro%20features.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>Oracle :: </b></span></span><a href="http://www.itsecteam.com/files/havij/Oracle/oracle.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div> <div style="text-align: justify;"> <span style="font-size: small;"><span style="font-family: inherit;"><b>Multi-Thread Blind Injection :: </b></span></span><a href="http://www.itsecteam.com/files/havij/multi%20thread%20blind%20injection/multi%20thread%20blind%20injection.htm" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></a></div> <div style="text-align: justify;"> <b><span style="font-size: small;"><span style="font-family: inherit;">Dump All :: </span></span></b><a href="http://www.itsecteam.com/files/havij/Dump%20All/Dump_All.html" target="_blank"><span style="font-size: small;"><span style="font-family: inherit;"><span style="font-size: small;"><span style="font-family: inherit;">Click Here</span></span></span></span></a><b> </b></div> <div style="text-align: justify;"> <br /> <b>How to use ::</b></div> <div class="rtejustify" style="text-align: justify;"> You can use this utility to find and potentially exploit SQL Injection vulnerabilities in web application. To use this tool, some knowledge of SQL Injection - even though abasic one - is essential. Most of what you will have to do, in typical cases, will be to enter the URL of the suceptible page, selecting the applicable method clicking 'Analyze'. Almost everything needed to reveal and make use of the vulnerabilities is done by the utility. For best results, the URL should be one that returns a normal response (rather than one that returns a 4xx response).</div> <div class="rtejustify" style="text-align: justify;"> <br /></div> <div class="rtejustify" style="text-align: justify;"> <b>Video ::</b> </div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/7ubB9VocgnQ?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <div class="rtejustify" style="text-align: justify;"> </div> <div class="separator" style="clear: both; text-align: center;"> <iframe allowfullscreen="allowfullscreen" frameborder="0" height="266" mozallowfullscreen="mozallowfullscreen" src="https://www.youtube.com/embed/dEM7YRRSvP8?feature=player_embedded" webkitallowfullscreen="webkitallowfullscreen" width="320"></iframe></div> <h3 style="text-align: justify;"> Download ::</h3> <div style="text-align: justify;"> <b>Windows ::</b>  <a href="http://www.itsecteam.com/files/havij/Havij1.15Free.rar" target="_blank">Havij v1.15</a> (.rar) | <b>Trial</b></div> <div style="text-align: justify;"> <b>Official Website :: </b><a href="http://itsecteam.com/products/havij-advanced-sql-injection/">http://itsecteam.com/products/havij-advanced-sql-injection/</a><b> </b></div>

Havij (Automated and Advanced SQL Injection) :: Tools

Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web p...

Read more »

Advanced Encryption Package :: Tools

<div class="separator" style="clear: both; text-align: center;"> <img alt="encryption-window-algorithm-expanded" border="0" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgJ0GkaQws6zeP9BDAKJLLBj9oZrkk5m3h0V-j-MCgf5SnIhooYtvusIkM6347PhQZWuy9tQVYiEhoP4FdUG4Wakmw1cCrqnwMuO0TzXm9psLCcd6WqPlLHgKdbV4eFVaSo82gBFtvY14s-/s1600/encryption-window-algorithm-expanded.jpg" title="encryption-window-algorithm-expanded" width="387" /></div> <div style="text-align: justify;"> <b>Advanced Encryption Package</b> is a File <a href="http://www.toolwar.com/search/label/Encryption" target="_blank">encryption</a>, Secure File Transfer, Batch File Encryption and Encrypted Backups. <b>Advanced Encryption Package</b> adds new features to the context menu of <a href="http://www.toolwar.com/search/label/Windows" target="_blank">Windows</a> Explorer. As you can see on this screenshot, context menu has new menu item AEP and some subitems under this item: Encrypt, Decrypt, Create Self-Extracting File, Wipe. </div> <div style="text-align: justify;"> <br /></div> <div style="text-align: justify;"> <b>Features ::</b></div> <div style="text-align: justify;"> <ul> <li><strong>Easy to use</strong> for novices. It integrates nicely with Windows Explorer and made easy for novices.</li> <li><strong>Strong and proven algorithms</strong> to protect your sensitive documents (20 encryption algorithms).</li> <li><strong>File</strong> and/or <strong>text</strong> encryption.</li> <li>Symmetric and asymmetric algorithms (17 data destruction algorithms).</li> <li><strong>Secure</strong> file <strong>deletion</strong>.</li> <li>Using <a href="http://www.toolwar.com/search/label/USB" target="_blank">USB</a> flash drives to store [en]-decryption keys.</li> <li>Creating <strong>encrypted self-extracting file</strong> to send it as <strong>email</strong> attachement. No additional software is required on other end!</li> <li>Complete <strong><a href="http://www.toolwar.com/search/label/CLI" target="_blank">command line</a> support</strong> to fully <strong>automate</strong> [en]-decryption tasks.</li> </ul> </div> <h3 style="text-align: justify;"> <b>  </b></h3> <h3> <b>Tutorials ::</b></h3> <b> How to Article :: </b><a href="http://www.aeppro.com/support/security-articles.shtml" target="_blank">Click Here</a><b> </b><br /> <h3> <b>Download ::</b></h3> <b>Windows :: </b><a href="http://www.aeppro.com/download/aep_setup.msi" target="_blank">Advanced Encryption Package Pro 2014</a> (.msi)<br /> <b>Official Website :: </b><a href="http://www.aeppro.com/products/aep.shtml" target="_blank">http://www.aeppro.com/products/aep.shtml</a>

Advanced Encryption Package :: Tools

Advanced Encryption Package is a File encryption , Secure File Transfer, Batch File Encryption and Encrypted Backups. Advanced Encryptio...

Read more »