Tag Archives: tools

Commercial Web Application Scanner Benchmark

There’s a great post doing a feature comparison of commercial & open source scanners over at the Security Tools Benchmarking blog. It appears as though IBM Rational’s AppScan and W3AF are the winners in the commercial and free/open source categories, …

Posted in hardware & software, news, security

How Big is Your Haystack?

I’m not the world’s biggest fan of Steve Gibson and his Security Now! podcast. Recently someone notified me of a neat website that Mr. Gibson created. The website, which he calls Haystack, is a ‘brute force search space calculator’. So …

Posted in news

pandaflux’s list o’ recommended browser plugins

Firefox: googlesharing: Encrypts your Google traffic and routes it through a proxy where it is combined with that of many other people. https-everywhere: Automatically enables a secure connection for websites that support it. better privacy: Among other things, Better Privacy will delete “flash …

Posted in google, privacy

GoogleSharing: a firefox addon

While reading the latest issue of Information Security Magazine I came across an article about a tool Moxie Marlinspike released at Blackhat this past summer, Googlesharing. Marlinspike has introduced several tools that help people concerned about privacy avoid giving up …

Posted in google, news, privacy

Firesheep: Firefox session hijacking plugin

From Threatpost: “a tool to identify and capture the social networking sessions of those around you. The tool, a Firefox browser extension dubbed “Firesheep,” was demonstrated at the ToorCon Hacking Conference in San Diego on Sunday. Its primary purpose is …

Posted in news, security

NodeZero Linux Live CD

I usually rely on Backtrack as my security Swiss army knife. However, I recently learned of NodeZero Linux (formerly Ubuntu Pentest Edition-PE). Once I give it a full shakedown I’ll post a review of how I think it stacks …

Posted in news, security

Generating an SSL server report card

The kind folks over at Qualys are running a site which will “grade” an SSL server based on its security configuration. The site below will generate a report card of a site’s SSL configuration based on factors such as the certificate …

Posted in news, security

Truecrypt 7.0 Released

Truecrypt 7.0 has been released. One of the interesting new features is that it takes advantage of Intel’s hardware-accelerated AES. The new Intel i5 and i7 cores include additional x86 instructions for hardware-based AES block ciphering and key generation. …

Posted in news, security

SophosLabs Released Free Tool to Validate Microsoft Shortcut

I read this on the Internet Storm Center yesterday. Sophos has released a tool that will provide detection against the Windows shortcut exploit announced last week (originally being used to exploit Siemens SCADA machines). Be careful, this is a nasty …

Posted in news, security

REMnux: Distro for Reversers

Lenny Zeltser, SANS Instructor, has released a customized distribution targeted at malware reverse engineers. From the REMnux page: REMnux is designed for running services that are useful to emulate within an isolated laboratory environment when performing behavioral malware analysis. As …

Posted in forensics, malware, news, security