Monday, 9 April 2012

Tools (9th April)

My weekly blog on the tools that have come to my attention over the last week, it is not a comprehesive tool list but tools that I found interesting or details of tools I use that have been upgraded.

OWASP iGoat
http://code.google.com/p/owasp-igoat/downloads/detail?name=owasp-igoat-1.2.tar.bz2&can=2&q=
iGoat has been designed and built to be a foundation on which to build a series of iOS security lessons. The initial iGoat release will include a handful of lessons to work through, but one of the aims of the project is to build a community of developers to help build out additional lessons over time — much as WebGoat has before it.

OWASP ZAP 1.4.0
https://code.google.com/p/zaproxy/downloads/list
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.

Medusa v2.1 Released
http://www.foofus.net/?page_id=51
Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers following items as some of the key features of this application:

Enema: Powerful tool for SQL injection
http://code.google.com/p/enema/downloads/list
A non automated SQL Injection tool

No comments:

Post a Comment