Tools Update - second week of november 2009


Here is the site's newsletter "Security Database Tools Watch"
This letter summarizes the articles and news items published since 7 days.

         New articles

** Websecurify updated to v0.4 RC2 **
by  Tools Tracker Team
- 13 November 2009

Websecurify Security Testing Framework identifies web security
vulnerabilities by using advanced browser automation, discovery and fuzzing
technologies. The framework is written in JavaScript and successfully
executes in numerous platforms including modern browsers with support for
HTML5, xulrunner, xpcshell, Java, V8 and others.


** fimap alpha v0.6.1 released : RFI/LFI auditing & scanning **
by  Tools Tracker Team
- 13 November 2009

fimap is a little python tool which can find, prepare, scan, audit,
exploit and even google automaticly for local and remote file inclusion
bugs in webapps. fimap should be something like sqlmap just for LFI/RFI
bugs instead of sql injection. It's is currently under heavy development
but it's usable.

Quick News for SVN and upcoming versions

* Version 06.1 is live! o Fixed relative path detection on windows
systems. o Added additional regex to detect error message. (...)


** SAINT® 7.2 Released : Now OVAL compatible. **
by  Tools Tracker Team
- 13 November 2009

SAINT is the Security Administrator?s Integrated Network Tool. It is
used to non-intrusively detect security vulnerabilities on any remote
target, including servers, workstations, networking devices, and other
types of nodes. It will also gather information such as operating system
types and open ports. The SAINT graphical user interface provides access to
SAINT?s data management, scan configuration, scan scheduling, and data
analysis capabilities through a web browser. Different aspects of (...)


** COFEE leakage Affair : May Sun Tzu be with you, always ! **
by  Tools Tracker Team
- 12 November 2009

As the web is boiling with this COFEE leakage affair, i was deep into
reading (again and again) my favorite book Sun Tzu : The principles of
warfare - The Art of War-. And i was specially focused into the part about
turning the enemy's strength into advantage.

With this leakage, Microsoft reveals how the feds and other gov agencies
proceed to extract evidence from computers.

In fact, if you analyze the COFEE package. I said package because: COFEE
is something like 150 command line utilities (...)


** NetWitness v9.0 released **
by  ToolsTracker
- 10 November 2009

NetWitness NextGen is a comprehensive network security monitoring
solution. Looking for insider threats, data leakage, malware activity,
asset misuse, network anomalies, compliance, and network e-discovery.

Version 9.0

NetWitness Identity - provides the ability to easily correlate IP
addresses in network sessions to end-user directory credentials ? fusing
an organization?s Active Directory to offer a real-time 4-1-1 lookup
capability. As a result, security staff can link compromised (...)


** RATS v2.3 - Rough Auditing Tool for Security **
by  ToolsTracker
- 10 November 2009

RATS (Rough Auditing Tool for Security), is a tool for scanning C, C++,
Perl, PHP and Python source code and flagging common security related
programming errors such as buffer overflows and TOCTOU (Time Of Check, Time
Of Use) race conditions.

RATS scanning tool provides a security analyst with a list of potential
trouble spots on which to focus, along with describing the problem, and
potentially suggest remedies. It also provides a relative assessment of the
potential (...)


** Origami v1.0.0-beta1b released **
by  ToolsTracker
- 10 November 2009

Origami is a Ruby framework designed to parse, analyze, and forge PDF
documents. This is NOT a PDF rendering library. It aims at providing a
scripting tool to generate and analyze malicious PDF files. As well, it can
be used to create on-the-fly customized PDFs, or to inject (evil) code into
already existing documents.

Version 1.0.0-beta1b

Fixed a bug in some samples due to internal (...)


** NetworkMiner v0.90 released! **
by  ToolsTracker
- 10 November 2009

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows.
NetworkMiner can be used as a passive network sniffer/packet capturing tool
in order to detect operating systems, sessions, hostnames, open ports etc.
without putting any traffic on the network.

NetworkMiner can also parse PCAP files for off-line analysis and to
regenerate/reassemble transmitted files and certificates from PCAP files.

The purpose of NetworkMiner is to collect data (such as forensic evidence)
about (...)


** PenTBox v1.0.1 - Secure IM Client **
by  ToolsTracker
- 10 November 2009

PenTBox is a Security Suite with programs like Password Crackers, Denial
of Service testing tools (DoS and DDoS), Secure Password Generators,
Honeypots and much more. Destined to test security/stability of networks
and more. Programmed in Ruby, and oriented to GNU/Linux systems (but
compatible with Windows, MacOS and more).

A new update for PenTBox, includes a new program, Secure IM Client. With
this program, users can create a direct chat room between client and server
and with a (...)


** Metasploit Framework 3.3 Release Candidate 1 released **
by  Tools Tracker Team
- 9 November 2009

The Metasploit Framework is a development platform for creating security
tools and exploits. The framework is used by network security professionals
to perform penetration tests, system administrators to verify patch
installations, product vendors to perform regression testing, and security
researchers world-wide. The framework is written in the Ruby programming
language and includes components written in C and assembler.


Ruby 1.9.1 is now supported and recommended

Windows Vista (...)


** Web Security Dojo v0.2 released **
by  Tools Tracker Team
- 8 November 2009

An open source self-contained training environment for Web Application
Security penetration testing. Tools + Targets = Dojo. For learning and
practicing web app security testing techniques. It does not need a network
connection since it contains tools, targets, and documentation. Thus making
it ideal for training classes and conferences.

To install Dojo you can install and run VirtualBox, then "Import
Appliance" using the OVF file. Other virtual machine packages (VMware, etc)
will (...)


** WepBuster v1.0 beta0.7 released **
by  Tools Tracker Team
- 8 November 2009

This small utility was written for Information Security Professionals to
aid in conducting Wireless Security Assessment. The program executes
various utilities included in the aircrack-ng suite, a set of tools for
auditing wireless networks, in order to obtain the WEP encryption key of a
wireless access point. aircrack-ng can be obtained from

Changes :

added wordlist generator

added embedded documentation

miscellaneous code (...)


** Websecurify updated to v0.4 RC1 **
by  Tools Tracker Team
- 8 November 2009

Websecurify Security Testing Framework identifies web security
vulnerabilities by using advanced browser automation, discovery and fuzzing
technologies. The framework is written in JavaScript and successfully
executes in numerous platforms including modern browsers with support for
HTML5, xulrunner, xpcshell, Java, V8 and others.


** Lynis updated to version 1.2.7 **
by  Tools Tracker Team
- 8 November 2009

Lynis is an auditing tool for Unix (specialists). It scans the system and
available software, to detect security issues. Beside security related
information it will also scan for general system information, installed
packages and configuration mistakes.

Changelog :


Added Kernel Hardening section

Sysctl audit support in scan profile and related test [KRNL-6000]

SSH option StrictModes test [SSH-7416]

Password aging limit check [AUTH-9286]

Ubuntu packages check (apt-show-versions) (...)


** PenTester Scripting Logo Competition **
by  Tools Tracker Team
- 7 November 2009

PenTester Scripting website is a very handy collection of Scripts (ruby,
shell, perl...) initiated by a group of researchers to make our pentests
journey easier. The scripts are focused into 8 categories (recon, mapping,
discovery, exploitation and so on).

More information here

Please help our teammate Maximiliano Soler to win this logo competition.




CEO & Founder

Maximiliano Soler
ToolWatch Leader

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.