Showing posts with label web browsers. Show all posts
ExploitShield Browser Edition - Forget about browser vulnerabilities
ExploitShield Browser Edition protects against all known and unknown 0-day vulnerability exploits, protecting users where traditional antivirus and security products fail. It consists of an innovative patent-pending, vulnerability-agnostic application shielding technology that prevents malicious vulnerability exploits from compromising computers.
It includes "shields" for all major browsers (IE, Firefox, Chrome, Opera) and all browser components such as Java, Adobe Reader, Flash and Shockwave. It blocks all exploit kits such as Blackhole, Sakura, Phoenix and Incognito without requiring any signature updates.
There is no need to train or configure it: ExploitShield is a 100% install-and-forget anti-exploit solution. Read more: ExploitShield Browser Edition. The ZeroVulnerabilityLabs website maintains a real-time list of detected threats and their VirusTotal results.
Posted by Mohit Kumar at Sunday, November 04, 2012
BeEF 0.4.3.8 - Browser Exploitation Framework
Labels: Exploits, framework, Hacking Tools, penetration testing, Scanners, Vulnerability Assessment, vulnerability scanner, web browsers
The Browser Exploitation Framework (BeEF) is a powerful professional security tool. It is a penetration testing tool that focuses on the web browser. BeEF is pioneering techniques that provide the experienced penetration tester with practical client-side attack vectors.
Unlike other security frameworks, BeEF focuses on leveraging browser vulnerabilities to assess the security posture of a target. This project is developed solely for lawful research and penetration testing.
BeEF hooks one or more web browsers as beachheads for the launching of directed command modules. Each browser is likely to be within a different security context, and each context may provide a set of unique attack vectors.
Posted by Mohit Kumar at Saturday, November 03, 2012
Arachni version 0.4.1.1 Released
Labels: Hacking Tools, penetration testing, Scanners, Vulnerability Assessment, vulnerability scanner, web browsers
The Arachni scanner has been updated to version 0.4.1.1. Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. Arachni is smart: it trains itself by learning from the HTTP responses it receives during the audit process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify false positives.
Unlike other scanners, it takes into account the dynamic nature of web applications, can detect changes caused while travelling through the paths of a web application's cyclomatic complexity and is able to adjust itself accordingly. This way attack/input vectors that would otherwise be undetectable by non-humans are seamlessly handled by Arachni.
Change log:
- Auditor#log and Auditor#log_remote_file bugfixed to pass a Hash of the response headers instead of a String — also solving another bug causing response bodies not to be logged in the Issues. [Issue #294]
- Issue — Response headers are now always Hash.
- Reports
  - HTML — Removed response headers handling code and added the option to not include HTTP response bodies. [Issue #296]
  - XML — Removed response headers handling code and added the option to not include HTTP response bodies. [Issue #296]
- HTTP debugging output now includes Response data. [Issue #297]
- Executables
  - arachni_rpcd_monitor — Laxed standards enforced on the Dispatcher URL argument. [Issue #293]
- Path extractors
  - Added path extractor for the area HTML tag (href attribute). [Issue #300]
Posted by Mohit Kumar at Wednesday, October 17, 2012
Grinder Version 0.3 released
Labels: Exploits, fuzzing, Hacking Tools, penetration testing, Scanners, Vulnerability Assessment, web browsers
Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes. Grinder Nodes provide an automated way to fuzz a browser, and generate useful crash information (such as call stacks with symbol information as well as logging information which can be used to generate reproducible test cases at a later stage).
A Grinder Server provides a central location to collate crashes and, through a web interface, allows multiple users to log in and manage all the crashes being generated by all of the Grinder Nodes.
Changelog Version 0.3 2012
Server
- Added a Fuzzer tab to allow users to view statistics (bar charts) about the fuzzers that have been run in the system. You can also drill down into individual fuzzers to view what targets they are generating crashes on. Added bar chart support via jqPlot.
- Added a Settings tab. Moved the user account management features from the System tab into this new Settings tab.
Node
- Add in initial work for automated testcase reduction via .\node\reduction.rb
- Added IE10 support (As seen in Windows 8 Consumer Preview) (grinder\node\browser\internetexplorer.rb).
- Added a --fuzzer parameter to grinder.rb. When bringing up a node you can now specify a single fuzzer to load instead of loading all the fuzzers in the node's fuzzer directory. Useful for testing a specific fuzzer (e.g. >ruby grinder.rb --fuzzer=DOMBlaster2000 FF)
- Added a --help and --version parameter to grinder.rb and testcase.rb.
- grinder_logger.dll is now thread safe and can handle log messages of an arbitrary size.
- Changed the server.rb 301 redirect to a 307 temporary redirect.
- Many small bug fixes!
Posted by Mohit Kumar at Tuesday, October 09, 2012