Events Related:

Resources:

Tools:

  • Verizon Incident Sharing Framework – taosecurity.blogspot.com
    Richard Bejtlich participates on a board affiliated with the VerIS framework.
  • Fimap v0.8A – code.google.com/p/fimap/
    Fimap is a python tool which can find, prepare, audit, exploit and even search the web automatically for LFI/RFI bugs in webapps.
  • Presenting the Meraki WiFi Stumbler… – meraki.com
    The first browser-based wireless scanner lets you find networks (even hidden ones) using any system.
  • sqlmap 0.8 – bernardodamele.blogspot.com
    Damele releases an update to his SQL injection tool.
  • ZigBee: attack of the killer bees – h-online.com
    Developer Joshua Wright intends to release KillerBee for testing the security of ZigBee networks.
  • WhatWeb v0.4 – morningstarsecurity.com
    This is the next generation web scanner.
  • OWASP JBroFuzz 2.0 Fuzzer Released! – owasp.blogspot.com
    An update on the fuzzer from OWASP, featuring better fuzzing, keyboard shortcuts and more.
  • Buck Security – buck-security.sourceforge.net
    Buck Security is a collection of security checks for Linux.
  • skipfish – code.google.com/p/skipfish/
    A fully automated, active web application security reconnaissance tool, straight from Google.
  • FireCAT v1.6.2 – firecat.fr
    The auditing extension catalogue now features BackendInfo in its list.
  • Digital Forensics Framework v0.5 – digital-forensic.org
    DFF is a simple but powerful open source tool with a flexible module system which will help you in your digital forensics works
  • Jericho Forum Offers Free Security Product Assessment Tool – darkreading.com
    Jericho Forum has created a free self-assessment tool for security vendors and buyers to determine the security of their products in cloud-based environments.
  • XSSploit v0.5 – scrt.ch
    It has been developed to help discovery and exploitation of XSS vulnerabilities in penetration testing missions.
  • Cookie Monster – tomneaves.com
    Cookie Monster will grab cookies from a host and assign each character a number.

Techniques:

Vulnerabilities:

Vendor/Software Patches:

Other News: