PIRANA is a SMTP fuzzing and bruteforce exploitation framework that tests the security of a SMTP content filter. By means of a vulnerability database, the content filter to be tested will be bombarded by various emails containing a malicious payload intended to compromise the SMTP server

The Network Situational Awareness group at CERT (CERT/NetSA) has developed and maintains a suite of open source tools for monitoring large-scale networks using flow data.

Today, however I witnessed a Qualys demonstration and I must say I really enjoyed it.
This post is a short review of QualysGuard vulnerability management system

PRIAMOS It is fully automated and very easy to use. First, you will scan the application for vulnerable parameters and then launch the SQL injection attack against selected vulnerable parameter.

WiFiDEnum is the WiFi Driver Enumerator, a Windows tool that assesses wireless driver information on local and remote Windows workstations. Using a database of known wireless vulnerabilities, WiFiDEnum assesses the versions of installed drivers and produces a vulnerability report, identifying systems and specific drivers that are at risk to wireless driver exploit attacks.

another web testing tool called FunkLoad. This python application can be used for functional and regression testing of web applications.

WebLOAD stress and load testing tool has been released by Radware as open source. The Commercial-Grade Open Source Load Testing Solution from RadView. Load-test any Internet Application, including applications that use Web 2.0 & AJAX.

It is very common today for malware to “call home” upon infecting a victim computer and this is exactly where White Trash kicks in : It is a user driven dynamic white listing system that guarantees that the outgoing HTTP connections have been initiated by real users. A nice side effect is holding the users responsible for all the browsing history recorded by the system.

It’s about storing unique MD5 hashes in the title of numerous pages spidered by Google . You may call it an implementation of an hash search engine using Google.

Acunetix Web Vulnerability Scanner 5 is definitely a most valuable ally in the battle against web security risks. This versatile software has successfully tackled the 80 / 20 problem of advanced software applications. It delivers good value for the money even if you use just 20 percent of it’s features, whereas in the hands of an web application security professional it reveals the 80 percent reserve of raw power.