All other tools

Tenable Network Security announced Nessus 5.0 vulnerability and configuration assessment solution for enterprises and security professionals. Nessus version 5.0 introduces key features and improvements, separated into the four major phases of the vulnerability scanning process:

• Installation and management (for enhanced usability) - Nessus 5.0 simplifies the installation and configuration for non-technical users. Configuration and management: Nessus v5.0 configuration and management is now done 100% through the GUI
• Scan policy creation and design (for improved effectiveness) - Users now enjoy improved effectiveness when creating scan policies. Over two dozen new pre-built plugin filters make it easy for security and compliance professionals to simplify policy creation for laser-focused scans on the areas that matter most. Users can quickly select multiple filter criteria, such as, Vulnerability Publication Date, public vulnerability database ID (OSVDB, Bugtraq, CERT Advisory, and Secunia), Plugin type (local or remote), information assurance vulnerability alert (IAVA), and more, to quickly identify easily-exploitable vulnerabilities.Scan for all easily remotely-exploitable vulnerabilities for which there is an exploit published in your favorite exploit framework.
• Scan execution (for improved efficiency) - Users can take advantage of real-time scan results, on-the-fly filtering and sorting, and streamlined results navigation. A new vulnerability summary and redesigned host summary make it easy to see risk level without even running a report. As the scan is being run, not only can you see the results as they are being gathered, but navigate and filter on them as well. This allows you to easily act upon the vulnerability data while the scan is happening.
• Report customization and creation (for improved communication with all parts of the organization) - New reporting features allow for improved communication of vulnerability results with all parts of the organization:Results filtering and report creation: Results filtering and report creation is more flexible than ever before. Users can apply multiple result filtering criteria, and targeted reports can be generated against the filtered results. Reports can be generated in native Nessus formats, HTML, and now PDF formats, Multiple report templates can be combined into one report.

Nessus 5.0 Installation Guide and Download Nessus 5.0

Nmap release today an interesting version nmap 5.61TEST4 with number of interesting features. Also, to improve the user experience, the Windows installer nowinstalls various browser toolbars, search engine redirectors, andassociated adware.

• a spidering library and associated scripts for crawling websites.
• 51 new NSE scripts, bringing the total to 297.
• a substantial decrease in the size of the Mac OS X installer due to the removal of PPC support.
• a new vulnerability management library which stores and reports found vulnerabilities.

Cain & Abel is a password recovery tool for Microsoft operating systems.It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using dictionary and brute force attacks, decoding scrambled passwords, revealing password boxes, uncovering cached passwords and analyzing routing protocols.

Change Log :

• Added SAP R/3 sniffer filter for SAP GUI authentications and SAP DIAG protocol decompression.
• Added support for Licensing Mode Terminal Server connections to Windows 2008 R2 servers in APR-RDP sniffer filter.
• Added support for MSCACHEv2 Hashes (used by Vista/Seven/2008) in Dictionary and Brute-Force Attacks.
• Added MSCACHEv2 Hashes Cryptanalysis via Sorted Rainbow Tables.
• Added MSCACHEv2 RainbowTables to WinRTGen v2.6.3.
• MS-CACHE Hashes Dumper now supports MSCACHEv2 hashes extraction from Windows Vista/Seven/2008 machines and offline registry files.
• Fixed a bug (crash) in Certificate Collector with Proxy settings enabled.

Download Here

Er is een nieuwe versie van de WordPress Security Scanner uitgebracht. De volgende functionaliteiten zijn toegevoegd/verbeterd:

• Detection for 750 more plugins.
• Detection for 107 new plugin vulnerabilities.
• Detection for 447 possible timthumb file locations.
• Advanced version fingerprinting implemented.
• Full Path Disclosure (FPD) checks.
• Auto updates.
• Progress indicators.
• Improved custom 404 checking.
• Improved plugin detection.
• Improved error_log checking.
• Lots of bugs fixed.
• Lots of small tweaks.

De volledige lijst van veranderingen kunnen hier gevonden worden:
http://code.google.com/p/wpscan/source/browse/trunk/CHANGELOG