From the category archives:

Security Tools

PwnPhone-Pentesting Suite for Nokia N900


The Pwnie Express’ PwnPhone is a full Pentesting suite for the Nokia N900.

It Includes Aircrack, Metasploit, Kismet, GrimWEPa, SET, Fasttrack, Ettercap, Nmap, and more…

Custom pentesting screen with shortcuts to macchanger, injection on/off, etc.

Built-in wireless card supports packet injection, monitor mode, and promiscuous mode.

[click to continue…]

{ 0 comments }

Multiple Vulnerabilities in Cisco TelePresence Products

1] Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch

  • Unauthenticated Java Servlet Access
  • Unauthenticated Arbitrary File Upload
  • Cisco Discovery Protocol Remote Code Execution
  • Unauthorized Servlet Access
  • Java RMI Denial of Service
  • Real-Time Transport Control Protocol Denial of Service
  • XML-Remote Procedure Call (RPC) Denial of Service

Advisory : cisco-sa-20110223-telepresence-ctms

2] Multiple Vulnerabilities in Cisco TelePresence Manager

  • Simple Object Access Protocol (SOAP) Authentication Bypass
  • Java Remote Method Invocation (RMI) Command Injection
  • Cisco Discovery Protocol Remote Code Execution

Advisory : cisco-sa-20110223-telepresence-ctsman

3] Multiple Vulnerabilities in Cisco TelePresence Recording Server

  • Unauthenticated Java Servlet Access
  • Common Gateway Interface (CGI) Command Injection
  • Unauthenticated Arbitrary File Upload
  • XML-Remote Procedure Call (RPC) Arbitrary File Overwrite
  • Cisco Discovery Protocol Remote Code Execution
  • Ad Hoc Recording Denial of Service
  • Java Remote method Invocation (RMI) Denial of Service
  • Unauthenticated XML-RPC Interface

[click to continue…]

{ 0 comments }

SkipFish – Web Application Security Scanner


Key Features:

  • High Speed: Pure C code, highly optimized HTTP handling, minimal CPU footprint – easily achieving 2000 requests per second with responsive targets.
  • Ease of Use: Heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.
  • Cutting-Edge Security Logic: High quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.

[click to continue…]

{ 0 comments }

GFI LANguard 9 – Free for 5 IPs


gfi_languard_9GFI LANguard is the award-winning network and security scanner used by over 20,000 customers. It scan your network and ports to detect, assess and correct security vulnerabilities with minimal administrative effort. As an administrator, you have to deal separately with problems related to vulnerability issues, patch management and network auditing, at times using multiple products. However, with GFI LANguard these three cornerstones of vulnerability management are addressed in one package. It gives you a complete picture of your network set-up and help you to maintain a secure network state faster and more effectively.

To add further value, GFI has now released a freeware version of GFI LANguard, in line with ‘We Care’ initiative to offer a helping hand in these hard economic times. Using the freeware version, companies can scan up to 5 IPs for free using the product’s full feature set – with no restrictions whatsoever.

[click to continue…]

{ Comments on this entry are closed }

← Previous Entries