The Secunia PSI detects installed software and categorizes your software as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.

Watir is an automated test tool which uses the Ruby scripting language to drive the Internet Explorer web browser. Watir is a toolkit for automated tests to be developed and run against a web browser.

Srinath Anantharaju, a member of Google’s Security Team posted in Google’s Security Blog the availability of “Lemon” , a new web application security fuzzerdeveloped by Google.

I would recommend the PCI DSS made easy to anyone who’s interested in getting a solid overview of the PCI DSS and also it’s interesting to see how GFI can help you address multiple sections in 9 of the 12 PCI requirements.

If you are looking for a way to silently run information gathering tools out of a U3 compatible USB thumb drive, look no further. The Hack5 USB Switchblade is a great tool to turn a harmless USB pen drive into a dangerous hacking tool.

Francois Larouche announced today the availability of a new version of Sql Power Injector , an excelent application created in .Net 1.1 that helps the penetration tester to find and exploit SQL injections on a web application.

Evolution is a program that can be used to determine the relationships and real world links between people, systems and internet resources. Passive information gathering and intelligence.

PIRANA is a SMTP fuzzing and bruteforce exploitation framework that tests the security of a SMTP content filter. By means of a vulnerability database, the content filter to be tested will be bombarded by various emails containing a malicious payload intended to compromise the SMTP server

The Network Situational Awareness group at CERT (CERT/NetSA) has developed and maintains a suite of open source tools for monitoring large-scale networks using flow data.

Today, however I witnessed a Qualys demonstration and I must say I really enjoyed it.
This post is a short review of QualysGuard vulnerability management system