After working on dnsmap for a few months whenever time allowed, I decided there were enough additional goodies to make version 0.30 a new public release.
Let me just say that a lot of the bugs that have been fixed, and features that have been added to this version would not be possible without the feedback from great folks such as Borys Lacki (www.bothunters.pl), Philipp Winter (7c0.org) and meathive (kinqpinz.info).
Thanks guys, your feedback was highly valuable to me. [...]
In the light of the Month of New Security Buzzwords, I am releasing an online fuzzer to help you generate as many security buzzwords as you like. Sweet!
Jokes aside, tools like this one are quite helpful to brainstorm new ideas. If you ever do research inspired by our buzzword generator, please give us a credit. That way we will know that the tool is actually useful.
We certainly don’t need the ultimate pentesting framework but we can make use of the ultimate pen-testing environment.
This is sort of pre-announcement of a tool I am currently working on, different from jeriko, which I hope will improve the way we do pentests. The tool is in its early stage of development and I could make use of several JavaScript coders if someone is up for the challenge.
I am happy to inform you that I’ve been doing some work on our Google Hacking Database Tool lately. The tool is now pretty stable and it has a better looking, and a lot more intuitive interface. You can enjoy the tool right now from here, as it is entirely web-based.
The GNUCITIZEN’s GHDB project was started back in May 2007. The initial version wasn’t that nice and it sulfured from numerous bugs. [...]
Quite often I end up performing a series of string manipulation and information extraction activities from the command line. Usually this is achieved with several excellent shell utilities available for Linux/Unix/Cygwin. Because it is tedious to re-type long commands every single time I composed a collection of oneliners (scripts) that are very easy to use and cat extract all kinds of useful informations from arbitrary data streams.
Massive Enumeration Toolset (MET) is a collection of Python scripts designed to perform various passive information gathering attacks which can be useful when evaluating the security of public computer networks.
The first release of MET was purely Google orientated because my personal interest towards the search engine started to increase immensely at that time of coding. Soon I realized that, although considered the best, Google is not enough when you want to do more advanced explorations. [...]
test your web apps with websecurify application security testing runtime