Monthly Archives: May 2007

GeSWall

With GeSWall, you can safely surf the web, open e-mail attachments, chat, exchange files etc, regardless of the security threats posed by the internet. GeSWall protects you from intrusions and malicious software by isolating vulnerable applications. Isolation applies an access restriction policy that effectively prevents all kinds of attacks, known and unknown.

PHP Honeypot Project

PHP Honeypot Project is an open source project used to: Fool different kind of web attackers (audit tools, manual hackers), Create real statistics about the first top10 commands used by an intruder, Steal malware (PHP, C, Perl) that attackers wanted to upload, Identify evil behaviours and learn about current web threats.

Acunetix Web Vulnerability Scanner

Hackers are concentrating their efforts on attacking applications in your website: 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Web applications are accessible 24 hours a day, 7 days a week and control sensitive data such as customer details, credit card numbers and proprietary corporate data.

FirePhish – Firefox Anti-phishing Toolbar

FirePhish is a cross-platform anti-phishing toolbar for Firefox that utilizes the Open Phishing Database to provide the user with information and tools to protect against phishing attacks. FirePhish is part of The Open Phishing Database project.

Oedipus – Web Application Security Scanner

Oedipus is an open source web application security analysis and testing suite developed by Penetration Testers for Penetration Testers. It is capable of parsing different types of log files off-line and identifying several security vulnerabilities. Using the analyzed information, Oedipus can then dynamically test web sites for application and web server vulnerabilities.

HTTP AntiVirus proxy

HTTP AntiVirus proxy is a proxy with an anti-virus filter. It does not cache or filter content. At the moment the complete traffic is scanned. The reason for this is the chance of malicious code in nearly every filetype e.g. HTML (JavaScript) or Jpeg. The anti-virus engine use Clamav (GPL antivirus).

Pirana SMTP Content Exploitation Framework

Email has become an essential service for most people – who doesn´t own an email address today? With time, it seemed obvious that numerous threats would come to light and propagate through this communication channel.

Burp – Suite for attacking web applications

Burp suite is an integrated platform for attacking web applications. It contains all of the burp tools (proxy, spider, intruder and repeater) with numerous interfaces between them designed to facilitate and speed up the process of attacking a web application. All plugins share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging,… Read More »

SQLBrute – Blind SQL Injection

SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities. It supports time based and error based exploit types on Microsoft SQL Server, and error based exploit on Oracle. It is written in Python, uses multi-threading, and doesn´t require non-standard libraries.

strongSwan

strongSwan is an OpenSource IPsec implementation for the Linux operating system. It is based on the discontinued FreeS/WAN project and the X.509 patch which we developped over the last three years. In order to have a stable IPsec platform to base our future extensions of the X.509 capability on, we decided to lauch the strongSwan… Read More »