SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has. More info:
http://www.gomor.org/sinfp .
SinFP has now 140 signatures. You can download it via CPAN, or via SourceForge:
https://sourceforge.net/projects/sinfp
Also, two benchmarks versus Nmap have been done:
http://www.phocean.net/index.php/post/2006/12/17/SinFP
http://www.computerdefense.org/?p=173
This new release has been tested under Solaris 8/SPARC, and […]

Jeremiah Grossman, RSnake and Robert Augerand have put together an interesting collection of web application hacks discovered in 2006.
Top 10
1. Web Browser Intranet Hacking / Port Scanning - (with JavaScript and with HTML-only and the improved model)
2. Internet Explorer 7 “mhtml:” Redirection Information Disclosure
3. Anti-DNS Pinning and Circumventing Anti-Anti DNS pinning
4. Web Browser History Stealing […]

Philipp Haupt and Matthias Hürlimann have developed an excellent open source VOIP security test tool called SIP Proxy. This tool can be used both as a proxy and as a VOIP fuzzing source.
Great tool ! SIP Proxy homepage on Sourceforge.
Share This
If you enjoyed this post, make sure you subscribe to my RSS feed!

Telemachus is a companion utility for the well-known web proxy Odysseus, allowing further analysis and manipulation of the HTTP transactions that have passed
through Odysseus.
Telemachus can communicate with the currently active instance of Odysseus,or alternately load a previously saved Odysseus activity log file.
Although primarily designed to be used in conjunction with Odysseus,Telemachus can be used as […]

Pete Herzog from ISECOM has compiled a list of funny computer security incidents most likely to happen in 2007.
My favourite :
Your computer will probably crash a lot or at least reboot for no apparent reason but most likely due to some patch you got through an automated update which you are told to do […]