Posts tagged: Scanner

May 22 2012

Nmap 6 Released

Most popular open source network discovery and security auditing tool Nmap has reached version 6.0.

Nmap 6

The new code hit the Net last Monday, complete with a message from coder Gordon Lyon, aka Fyodor, that the new version represents “almost three years of work, 3,924 code commits, and more than a dozen point releases since the big Nmap 5 release in July 2009.”

Fyodor recommends all users upgrade to the new version, so they can get their hands on 289 new scripts and a host of new features.

Top Improvements:

  • Enhanced Nmap Scripting Engine (NSE)
  • Better Web Scanning
  • Full IPv6 Support
  • New Nping Tool
  • Better Zenmap GUI and Results Viewer
  • Faster Scans

Download:
Linux: nmap-6.00.tar.bz2
Windows: nmap-6.00-win32.zip

Jul 13 2011

First Ever iPhone Malware Scanner

VirusBarrierA French security company known for its Mac OS X antivirus software today released the first malware-scanning app for the iPhone and iPad and iPod Touch.

Intego’s VirusBarrier for iOS has been approved by Apple, and debuted on the App Store Tuesday for $2.99.

Because iOS prevents the program from accessing the file system or conducting automatic or scheduled scans — as do virtually all Mac and Windows antivirus software — VirusBarrier must be manually engaged, and then scans only file attachments and files on remote servers, said Peter James, a spokesman for Intego.

VirusBarrier for iOS can scan email attachments in a variety of formats, including Microsoft’s Word, Excel and PowerPoint; PDF documents; JavaScript files; and Windows executables, those files tagged with the .exe extension. It can also scan files in a Dropbox folder, those stored on MobileMe’s iDisk, or files downloaded via the iOS version of Safari.

The scanning engine and signatures — the digital “fingerprints” used to detect malware — in VirusBarrier for iOS are identical to those used by Intego’s Mac OS X product line.

VirusBarrier for iOS lets iPhone and iPad users run on-demand scans of email attachments before those files are opened or forwarded.

When an email attachment is received by the iPhone, iPad or iPod Touch, the user can intercede by calling on VirusBarrier, which then scans the file for possible infection before the file is opened or forwarded to others.

VirusBarrier for iOS can be downloaded to an iPhone, iPad or iPod Touch from Apple’s App Store. It requires iOS 4.0 or later.

Jun 21 2011

Zed Attack Proxy (ZAP) – Integrated Penetration Testing Tool

ZAProxyThe Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

Features:

  • Intercepting Proxy
  • Automated scanner
  • Passive scanner
  • Brute Force scanner
  • Spider
  • Fuzzer
  • Port scanner
  • Dynamic SSL certificates
  • API
  • Beanshell integration

Characteristics:

  • Easy to install (just requires java 1.6)
  • Ease of use a priority
  • Comprehensive help pages
  • Fully internationalized
  • Under active development
  • Open source
  • Free (no paid for ‘Pro’ version)
  • Cross platform
  • Involvement actively encouraged

Download: ZAP 1.3.1

Jan 29 2011

Nmap 5.50 Released with Gopher protocol support

Nmap 5.50
A primary focus of this release is the Nmap Scripting Engine, which has allowed Nmap to expand up the protocol stack and take network discovery to the next level. Nmap can now query all sorts of
application protocols, including web servers, databases, DNS servers, FTP, and now even Gopher servers! Remember those? These capabilities are in self-contained libraries and scripts to avoid bloating Nmap’s core engine.

This release isn’t just about NSE. The Nping packet probing and analysis tool (http://nmap.org/nping/) is also added in 5.35DC1. Version 5.50 improves Nping further with an innovative new echo mode (http://bit.ly/nping-echo).

Also added 636 OS fingerprints and 1,037 version detection signatures to Nmap since 5.21, bringing the totals to 2,982 and 7,319, respectively. No other tool comes close.

Download: nmap-5.50-setup.exe

Mar 22 2010

SkipFish – Web Application Security Scanner

SkipFish is a fully automated, active web application security reconnaissance tool.

SkipFish

Key Features:

  • High Speed: Pure C code, highly optimized HTTP handling, minimal CPU footprint – easily achieving 2000 requests per second with responsive targets.
  • Ease of Use: Heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.
  • Cutting-Edge Security Logic: High quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.

The tool is believed to support Linux, FreeBSD 7.0+, MacOS X, and Windows (Cygwin) environments.

Download: skipfish-1.13b.tgz

More Info: SkipFish – Project Home