GET YOUR VULNERABILITY AND THREAT DATABASE SUBSCRIPTION
EKOLABS 2016


NIST releases Special Publication 800-137

December 17th, 2010 | by NJ Ouchn

NIST announces the release of Draft Special Publication 800-137 (initial public draft), Information Security Continuous Monitoring for Federal Information Systems and Organizations


CSA Cloud Controls Matrix V1.1 is Released

December 17th, 2010 | by NJ Ouchn

The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider


Cisco IOS Penetration Testing with Metasploit

December 17th, 2010 | by NJ Ouchn

Source: Blog Rapid7 The Metasploit Framework and the commercial Metasploit products have always provided features for assessing the security of network devices. With the latest release, we took this a step further and focused on accelerating the penetration testing process for Cisco IOS devices


ProcDump v3.01 released

December 17th, 2010 | by NJ Ouchn

ProcDump is a command-line utility whose primary purpose is monitoring an application for CPU spikes and generating crash dumps during a spike that an administrator or developer can use to determine the cause of the spike


honggfuzz easy-to-use fuzzer v0.1 released

December 17th, 2010 | by NJ Ouchn

Honggfuzz is a general-purpose fuzzing tool. Given a starting corpus of test files, Hongfuzz supplies and modifies input to a test program and utilize the ptrace() API/POSIX signal interface to detect and log crashes.


BeEF the Browser Exploitation Framework v0.4.2-alpha released

December 17th, 2010 | by NJ Ouchn

BeEF, the Browser Exploitation Framework is a professional security tool provided for lawful research and testing purposes. It allows the experienced penetration tester or system administrator additional attack vectors when assessing the posture of a target. The user of BeEF will control which browser will launch which command module and at which target


OWASP AntiSamy v1.4.2 Released

December 17th, 2010 | by NJ Ouchn

The OWASP AntiSamy project is a few things. Technically, it is an API for ensuring user-supplied HTML/CSS is in compliance within an application's rules. Another way of saying that could be: It's an API that helps you make sure that clients don't supply malicious cargo code in the HTML they supply for their profile, comments, etc., that get persisted on the server. The term "malicious code" in regards to web applications usually mean "JavaScript." Cascading Stylesheets are only considered malicious when they invoke the JavaScript engine



Back to Top ↑