Tools (7th Oct)

A slightly longer than normal interval in my update on new and updated Information Security tools that I have come across or use. The tools are mainly those for PenTesting although other tools are sometimes included. As a bit of background into how I find these tools, I keep a close watch on twitter and other websites to find updates or new releases, I also search for pen testing and security projects on Source Forge. Some of the best sites I have found for details of new tools and releases are http://www.toolswatch.org/, http://tools.hackerjournals.com/

Core Impact V12.5
http://blog.coresecurity.com/
CORE Impact® Pro is the most comprehensive software solution for assessing and testing security vulnerabilities throughout your organization. Backed by 15+ years of leading-edge security research and commercial-grade development, Impact Pro allows you to evaluate your security posture using the same techniques employed by today’s cyber-criminals.

The Social-Engineer Toolkit (SET)
https://www.trustedsec.com/september-2012/the-most-advanced-version-of-the-social-engineer-toolkit-to-date-released/
his version is the collection of several months of development and over 50 new features and a number of enhancements, improvements, rewrites, and bug fixes. In order to get the latest version of SET, download subversion and type svn co https://svn.trustedsec.com/social_engineering_toolkit set/

BurpSuite 1.5rc2
http://releases.portswigger.net/2012/10/v15rc2.html
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

SANS Investigate Forensic Toolkit (SIFT) Workstation Version 2.14
http://computer-forensics.sans.org/community/downloads
The SIFT Workstation is a VMware appliance, pre-configured with the necessary tools to perform detailed digital forensic examination in a variety of settings. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many new capabilities and tools such as log2timeline that provides a timeline that can be of enormous value to investigators.

Wireshark is 1.8.3.
http://www.wireshark.org/download.html
Wireshark is the world's foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.