THC-Hydra V-7.2 Released

A very fast network logon cracker which support many different services.Hydra is best for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus.

 
CHANGELOG for 7.2 :

* Speed-up http modules auth mechanism detection
* Fixed -C colonfile mode when empty login/passwords were used (thanks to will(at)configitnow(dot)com for reporting)
* The -f switch was not working for postgres, afp, socks5,
* firebird and ncp, thanks to Richard Whitcroft for reporting!
* Fixed NTLM auth in http-proxy/http-proxy-url module
* Fixed URL when being redirected in http-form module, thanks to gash(at)chaostreff(dot)at
* Fix MSSQL success login condition, thanks to whistle_master(at)live(dot)com
* Fix http form module: optional headers and 3xx status redirect, thx to Gash
* Fix in configure script for –prefix option, thanks to dazzlepod
* Update of the dpl4hydra script by Roland Kessler, thanks!
* Small fix for hydra man page, thanks to brad(at)comstyle(dot)com

You can also take a look at the full CHANGES file

Download In here : hydra-7.2-src.tar.gz

Or read more in here : http://www.thc.org/

Updates: Autoruns v11, Coreinfo v3.01, ProcDump v4.01 and Process Explorer v15.05

Updates: Autoruns v11, Coreinfo v3.01, ProcDump v4.01 and Process Explorer v15.05

Autoruns v11: This update to Autoruns, a GUI and command-line tool that lists executables configured to run when you boot, logon or run common applications, adds a “jump to folder” command and several additional autostart locations. The command-line version, Autorunsc, adds a new switch to show file hashes and an option to display the autostart entries for all user accounts registered on a system.

Coreinfo v3.01: This update to Coreinfo, a command-line utility that shows processor features and topology, fixes a bug in the way it reports hyper-threading and gives a warning when showing virtualization features and a hypervisor is running.

ProcDump v4.01: This release of ProcDump, a tool for capturing process memory dumps, adds a context record for 1st chance exception dumps so that registers and the call stack of the faulting thread are captured.

Process Explorer v15.05: This update fixes a bug in cycle CPU usage calculation on Windows 7.

source: blogs.technet.com

WebSurgery v.0.6 Released

WebSurgery v.0.6 Released  

Web application testing suite

WebSurgery is a suite of tools for security testing of web applications. It was designed for security auditors to help them with the web application planning and exploitation. Currently, it uses an efficient, fast and stable Web Crawler, File/Dir Brute forcer, Fuzzer for advanced exploitation of known and unusual vulnerabilities such as SQL Injections, Cross site scripting (XSS), Brute force for login forms, identification of firewall-filtered rules, DOS Attacks and WEB Proxy to analyze, intercept and manipulate the traffic between your browser and the target web application.

Download: http://www.surgeonix.com

OWASP Zed Attack Proxy v.1.3.2 Released

OWASP Zed Attack Proxy v.1.3.2 Released

The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.

Some of ZAP’s features:
Intercepting Proxy
Automated scanner
Passive scanner
Brute Force scanner
Spider
Fuzzer
Port scanner
Dynamic SSL certificates
API
Beanshell integration

Download: http://code.google.comhttps://www.owasp.org