Metasploit 3.4.0 Hacking Framework Released – Over 100 New Exploits Added

Posted by William McBorrough | PenTest, Tools | Thursday 20 May 2010 1:24 pm

Metasploit provides useful information and tools for penetration testers, security researchers, and IDS signature developers. This project was created to provide information on exploit techniques and to create a functional knowledgebase for exploit developers and security professionals.

Update Summary

  • Metasploit now has 551 exploit modules and 261 auxiliary modules (from 445 and 216 respectively in v3.3)
  • Metasploit is still about twice the size of the nearest Ruby application according to Ohloh.net (400K lines of Ruby)
  • Over 100 tickets were closed since the last point release and over 200 since v3.3

The full release notes can be found here.

Skipfish-Web Scanning Security Tool from Google

Posted by William McBorrough | PenTest, Tools | Tuesday 23 March 2010 2:59 pm

Google has released an open-source Web security scanner called Skipfish that is designed to allow people to scan Web applications for security holes.

The tool scans a Web application for flaws including “tricky scenarios” such as blind SQL or XML injection, Google developer Michal Zalewski said in the Skipfish wiki.

Skipfish prepares a site map annotated with interactive crawl results, highlighting flaws, after a recursive crawl and dictionary-based probing of the target site. The tool can also generate a final report that can be used as a basis for a security assessment.

Read more of “Google releases Skipfish Web-security scanner” at ZDNet UK.

SAHI – Web Automation & Application Security Testing Tool

Posted by William McBorrough | PenTest, Tools | Monday 8 March 2010 1:09 pm

Sahi is an automation tool to test web applications. Sahi injects JavaScript into web pages using a proxy, and the JavaScript helps automate web applications.

Sahi is an open source testing tool for web applications, with the facility to record and play back scripts. Developed in Java, C and JavaScript, this tool uses simple JavaScript to execute events in the browser.

Features:

  • In-browser controls
  • Intelligent recorder
  • Text-based scripts
  • Ant support for playback of suites of tests
  • Multi-threaded playback from a command line
  • HTTP and HTTPS support
  • AJAX support

Sahi runs as a proxy server which intercepts traffic from the web browser and records the web browsing actions. Sahi can play back those recorded actions by injecting JavaScript into the browser so it can access elements in the web page. This makes the tool independent of the website or web application.

Read more and download it here:

http://www.darknet.org.uk/2010/03/sahi-web-automation-application-security-testing-tool/

keimpx – New Open Source SMB Credential Scanner

Posted by William McBorrough | PenTest, Tools | Thursday 25 February 2010 9:04 pm

keimpx is an open source tool, released under a modified version of Apache License 1.1. It can be used to quickly check for the usefulness of credentials across a network over SMB. Credentials can be:

  • Combination of user / plain-text password.
  • Combination of user / NTLM hash.
  • Combination of user / NTLM logon session token.

If any valid credentials have been discovered across the network after its attack phase, the user is asked to choose which host to connect to and which valid credentials to use. The user is then presented with an interactive SMB shell where they can:

  • Spawn an interactive command prompt.
  • Navigate through the remote SMB shares: list, upload, download files, create, remove files, etc.
  • Deploy and undeploy their own service, for instance, a backdoor listening on a TCP port for incoming connections.
  • List user details, domains and password policy.

You can download keimpx 0.2 here:

keimpx-0.2.zip

source: http://www.darknet.org.uk/2010/02/keimpx-open-source-smb-credential-scanner/

Free Blocking Tool to Stop Drive-By Malware Downloads

Posted by William McBorrough | News, Tools | Monday 22 February 2010 9:41 pm

The threat of drive-by downloads is very significant, as users can get infected just by visiting a compromised or malicious web site. Often, hackers compromise a web server, which gives them access to all viewers of the web sites hosted on that server. The download of malicious code happens in the background and isn’t visible to unsuspecting users.

Researchers are preparing to release a free tool to stop “drive-by” downloads. The new tool, called BLADE (Block All Drive-By Download Exploits), stops downloads that are initiated without the user’s consent.

Read Full Article: http://www.technologyreview.com/computing/24632/?a=f

Live Hacking CD based on Ubuntu?? Get out!!

Posted by William McBorrough | Forensics, Networking, PenTest, Tools, Wireless | Friday 12 February 2010 6:14 pm

Dr. Ali Jahangiri, the well-known security expert and author of Live Hacking: The Ultimate Guide to Hacking Techniques & Countermeasures for Ethical Hackers & IT Security Experts, is pleased to announce the launch of the Live Hacking CD, a new Linux distribution designed for ethical hacking. The Live Hacking CD contains the tools and utilities you need to test and hack your own network, using the tools and techniques that more malicious hackers would use.

Download it here: http://www.livehacking.com/cd-dvd/download.htm

Read the full press release here: http://www.free-press-release-center.info

Black Hat DC 2010 Presentations are now available

Posted by William McBorrough | Tools | Friday 12 February 2010 5:45 pm

If you couldn’t afford to make it to Black Hat DC this year, the presentations are now being made available at:

http://www.blackhat.com/html/bh-dc-10/bh-dc-10-archives.html

Free episodes of Hakin9 Magazine posted

Posted by William McBorrough | Forensics, Networking, PenTest, Tools, Wireless | Tuesday 9 February 2010 3:19 pm

Hakin9 is a source of advanced, practical guidelines regarding the latest methods as well as the ways of securing systems, networks and applications. I have provided a few recommended copies to download as pdf. Get them here.

Protecting Wireless Network From Hackers and Neighbors

Posted by Guest Blogger | Networking, Wireless | Monday 1 February 2010 1:33 pm

Local wireless networks, which send and receive information to and from the Internet, have become part of homes and offices. They are less expensive than wired networks and allow roaming between offices while electronic devices stay connected. But experts warn that strangers or intruders can penetrate them in order to sabotage them.

According to U.S. experts, unsecured home networks can also be used by neighbors for spam bots or to download unauthorized copyrighted songs and music, and even pornographic material, without the owner’s knowledge, which has led to legal proceedings. In particular, it is difficult to identify the person or organization that used the network. One person was detained when he stopped his car in front of a U.S. charitable organization and used its network to connect to the Internet.

Small business offices that do not have secured internal networks have been used to penetrate the large companies that do business with them; the same applies to home networks. To overcome these problems, the experts propose changing the passwords on wireless networks from time to time and installing cryptographic keys that can be changed on a regular basis. The radio signals can also be adjusted so that they do not extend beyond the walls of the office.

Finally, the use of advanced software to scan wireless networks secures the development of local home and office computers “in the case of the shadows!”

Author: Shrif S Kassem
Article Source: EzineArticles.com
Provided by: Latest trends in mobile phone

100+ Open Source Security Tools

Posted by William McBorrough | Forensics, Networking, PenTest, Tools, Wireless | Saturday 30 January 2010 2:57 pm

Security testing or assessment is a process to determine that an Information System adequately protects data and maintains intended functionality from the following points:

Confidentiality: A security measure which protects against the disclosure of information to parties other than the intended recipient(s). Often ensured by means of encoding, using a defined algorithm and some secret information known only to the originator of the information and the intended recipient(s) (a process known as cryptography) but that is by no means the only way of ensuring confidentiality.

Integrity: A measure intended to allow the receiver to determine that the information which it receives has not been altered in transit or by other than the originator of the information. Integrity schemes often use some of the same underlying technologies as confidentiality schemes, but they usually involve adding additional information to a communication to form the basis of an algorithmic check rather than encoding all of the communication.

Authentication: A measure designed to establish the validity of a transmission, message, or originator. It allows a receiver to have confidence that the information it receives originated from a specific known source.

Authorization: The process of determining that a requester is allowed to receive a service or perform an operation.

Availability: Assuring information and communications services will be ready for use when expected. Information must be kept available to authorized persons when they need it.

Non-repudiation: A measure intended to prevent the later denial that an action happened, or a communication took place, etc. In communication terms, this often involves the interchange of authentication information combined with some form of provable time stamp.

I’ve listed 100+ free and open source tools used in security testing here.

Dilbert Phishing
