Tools Update (28 Jan 13)

My slightly irregular update on new and updated Information Security tools that I have come across or use. The tools are mainly those for PenTesting although other tools are sometimes included. As a bit of background into how I find these tools, I keep a close watch on twitter and other websites to find updates or new releases, I also search for pen testing and security projects on Source Forge. Some of the best sites I have found for details of new tools and releases are http://www.toolswatch.org/ & http://tools.hackerjournals.com

DNSChef 0.2.1
http://packetstormsecurity.com/files/download/119681/dnschef-0.2.1.tar.gz
DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka "Fake DNS") is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for "badguy.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet.


SQLSentinel
https://github.com/karonte691/sqlsentinel
SQLSentinel is an opensource tool that automates the process of finding the sql injection on a website. SQLSentinel includes a spider web and sql errors finder. You give in input a site and SQLSentinel crawls and try to exploit parameters validation error for you. When job is finished, it can generate a pdf report which contains the url vuln found and the url crawled. SQLSentinel is not an exploiting tool. It can only finds url Vulnerabilities

News

Backtrack to be Reborn as Kali Linux
http://cyberarms.wordpress.com/2013/01/26/backtrack-to-be-reborn-as-kali-linux-the-best-pentest-distro-ever/
interesting news from the Backtrack development team. Backtrack is in the process of a major overhaul and will be reborn into a new distribution named Kali!