Search Results for "vulnerability" - Page 2

A vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners. This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. Visit WAVSEP homepage to learn more: https://code.google.com/p/wavsep/ The project includes the following test cases: Path Traversal/LFI: 816 test cases (GET & POST) Remote File Inclusion (XSS via RFI): 108 test cases (GET & POST) Reflected XSS: 66 test cases, implemented in 64 jsp pages (GET & POST) Error Based SQL Injection: 80 test cases, implemented in 76 jsp pages (GET & POST) Blind SQL Injection: 46 test cases, implemented in 44 jsp pages (GET & POST) Time Based SQL Injection: 10 test cases, implemented in 10 jsp pages (GET & POST)

Based on MATE environment HackShark Linux is a lightweight distribution for penetration testing, cyber forensic investigation and vulnerability assessment purpose.

BlackBSD Is a NetBSD based LiveCD, with security tools on it, and fluxbox as a window manager. Beta Version 1.0 coming on soon. Packages on it. Nmap - port scanner http://nmap.org/ Nessus - Vulnerability detector http://www.tenable.com/products/nessus Air-Crack - Wireless Cracker http://www.aircrack-ng.org/ Ettercap - port sniffer http://ettercap.github.com/ettercap/ Iptraf - Network Monitor http://iptraf.seul.org/ Medusa - Login brute-forcer http://www.foofus.net/~jmk/medusa/medusa.html Snort - Intrucion Detection http://www.snort.org/ W3af - Web Application Attack http://w3af.org/ NetCat - networking utility http://netcat.sourceforge.net/ THC-Hydra - network logon cracker http://thc.org/thc-hydra/ Wapiti - Web application vulnerability scanner http://wapiti.sourceforge.net/ Rapid7 - http://www.rapid7.com/

This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video:...

This program was written to test (and protect) the vulnerability of the Windows 7 and Vista Operating System ( bsod / SMB2) . The code should not be used to damage machines with Windows System. The main objective of the project, is notify about problem.

Vsam (Vulnerabillity, Scanning, Analysis and Management) is a project dedicated to the release of a virtual appliance for the management and analysis of vulnerability scan data. The main goals are ease of use and stability of the application.

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembl

Nessconnect is a GUI, CLI and API client for Nessus and Nessus compatible servers. With an improved user interface, it provides local session management, scan templates, report generation through XSLT, charts and graphs, and vulnerability trending.

By emulating widespread vulnerabilities the honeypot Nepenthes is able to catch and store viruses worms using these vulnerabilities. The api interface to add new vulnerability modules is easy to use, so there is no problem in writing new ones.

Software repository of the hack://src project. Includes security related software for crypto, vulnerability/patch notification & management, and ultra low level system access for stealth forensics & intrusion detection or malware removal.

Trinux is a small ramdisk/floppy based Linux distribution that contains useful tools for mapping and monitoring TCP/IP networks (i.e. intrusion detection and vulnerability scanning)

The VSC is a PHP/MySQL/Apache Interface for Nessus 2.x. It allows users to hierarchically manage hosts, scanning policies, and request automated immediate, future/reccuring scans of a host or group of hosts, view scan reports and generate metrics.

This is a Host based Intrusion Detection system, it consists of 4 components viz.Port scan detector,Policy Enforcer,Network Statistics,and Vulnerability detector. The backend programs are written in C, the front end is made using Qt Designer and Glade.

MailScanner is an email virus scanner, vulnerability protector and spam tagger. It is written in Perl for any Unix/Linux system. It supports the Postfix, Sendmail, Exim and ZMailer MTAs, and any combination of 17 different virus scanners.

Live Security/Forensics Linux Distribution, built from scratch and packed full of tools useful for vulnerability analysis, penetration tests, and forensic analysis.

QuIDScor is a daemon software integrating Intrusion Detection Systems (IDS) and vulnerability assesment and management platforms. Today QuIDScor correlates and verifies Snort alerts against QualysGuard vulnerability assessment data.

Gherkin is a web-enabled, multi-threaded, centralized security scan manager incorporating Nessus vulnerability scanning, dns and nmblookup host resolving, and nmap fingerprinting and scanning.

grIDS is a management system for Security Engineers. grIDS integrates snort as the IDS, nessus as the vulnerability scanner, a port reference, a host information database, and canned reports into a web-based management system.

An nmap wrapper system which, among many other things, provides historical access to all past scans, and vulnerability analysis.

kkp is a security tool based on a vulnerability in handling of the NetBIOS protocol by the Microsoft Windows 9x platform. It is meant to be the most reliable and efficient tool for this use. It has been tested on POSIX, and might work under Win32.

Scavenger: A Real-Time Vulnerability Scanner and Management Application