Category Archives: Reviews

Burp – Suite for attacking web applications

Burp suite is an integrated platform for attacking web applications. It contains all of the burp tools (proxy, spider, intruder and repeater) with numerous interfaces between them designed to facilitate and speed up the process of attacking a web application. All plugins share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging,… Read More »

Pirana SMTP Content Exploitation Framework

Email has become an essential service for most people – who doesn´t own an email address today? With time, it seemed obvious that numerous threats would come to light and propagate through this communication channel.

Fiaif

FIAIF is an Intelligent Firewall. It provides a highly customizable script for setting up an iptables-based firewall. Configuration is done through one configuration file for each network to which the firewall is connected. FIAIF supports masquerading, port forwarding, traffic shaping, and more.

HTTP AntiVirus proxy

HTTP AntiVirus proxy is a proxy with an anti-virus filter. It does not cache or filter content. At the moment the complete traffic is scanned. The reason for this is the chance of malicious code in nearly every filetype e.g. HTML (JavaScript) or Jpeg. The anti-virus engine use Clamav (GPL antivirus).

BeEF – Browser Exploitation Framework

BeEF is the browser exploitation framework. Its purposes in life is to provide an easily integratable framework to demonstrate the impact of browser and cross-site scripting issues in real-time. The modular structure has focused on making module development a trivial process with the intelligence existing within BeEF.

IPSecuritas

IPSecuritas lets you easily setup IPSec VPN connections to another host or network over the Internet, while securing your data by encryption and authentication. This way, you can easily and cheaply access your office network from any point of this world, always knowing your communication is safe and protected from others.

Oedipus – Web Application Security Scanner

Oedipus is an open source web application security analysis and testing suite developed by Penetration Testers for Penetration Testers. It is capable of parsing different types of log files off-line and identifying several security vulnerabilities. Using the analyzed information, Oedipus can then dynamically test web sites for application and web server vulnerabilities.

UserLock: Manage Networks Access Control

UserLock is a Windows network security utility that secures access to networks by restricting simultaneous sessions, by limiting user access to network resources and by providing network administrators with remote control and session analysis.

Microsoft Anti-Cross Site Scripting Library

This download contains the redistributable files for the Microsoft Application Security Anti-Cross Site Scripting Library. The Anti-Cross Site Scripting Library can be used to provide comprehensive protection to web-based applications against Cross-Site Scripting (XSS) attacks.