Events Related:

Resources:

Tools:

  • SAHI – Web Automation & Application Security Testing Tool – sahi.co.in
    Sahi injects javascript into web pages using a proxy and the javascript helps automate web applications.
  • Plecost v0.2.2-7 – iniqua.com
    Wordpress finger printer tool to search and retrieve information about the plugins versions installed in WordPress systems.
  • OpenSCAP v0.5.7 – scap.nist.gov
    The Security Content Automation Protocol (SCAP) is a synthesis of interoperable specifications derived from community ideas.
  • Flint v1.0 – runplaybook.com
    Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems.
  • Samhain v2.6.3 – la-samhna.de
    The update includes fixes for email code regression.
  • Beltane v2.3.19 –  la-samhna.de
    Fixes for Oracle database paths were included here.
  • Vordel SOAPbox – vordel.com
    SOAPbox is a Web services testing tool, which supports both SOAP-based and REST-based invocation modes.
  • S-E Ninja v0.1 Beta – brokenpixel.com
    S-E Ninja is a Social Engineering tool, with 20-25 popular sites fake pages and anonymous mailer via mail() function in PHP.
  • Sniff-n-Spit v1.0 – andlabs.org
    It sniffs for HTTP packets from the client to server and forwards them to your favorite proxy.
  • Imposter v0.9 – andlabs.org
    Imposter is a flexible framework to perform Browser Phishing attacks.

Techniques:

Vulnerabilities:

  • Apache bug prompts update advice – zdnet.com.au
    Sense of Security has discovered a serious bug in Apache’s HTTP web server, which could allow complete control of a database.

Vendor/Software Patches:

  • Apple Plugs 16 Safari Security Holes – threatpost.com
    The Safari 4.0.5 update fixes flaws that could lead to remote code execution if a user is tricked into surfing to a maliciously rigged site.

Other News: