Grendel Scan an open source automated web application security auditing tool gave a presentation at DEFCON.

Grendel-Scan has an built in automated testing modules for detecting common web application vulnerabilities, and features geared at aiding manual penetration tests. Grendel-Scan system requirement is Java 5; Windows, Linux and Macintosh builds are available.

Grendel-Scan is compatible with 32 Bit java only.

PowerPoint Slides available here.

You may also like this

• Xplico: Open source Network Forensic Analysis Tool


• Open Source Vulnerability Database Mysql Dump

Popular Internet Web Browser developers Opera released an update to its software, patching half a dozen security vulnerabilities in various versions of its software for Windows, Mac, Linux and other operating system.  Opera’s recommended patch upgrades the Opera browser to version 9.5.2, which patches 5 flaws in Opera for Mac OS X, 6 Flaws in the Linux version and 7 Flaws in the version for Windows.  As per advisory most critical flaw — labeled “extremely severe” by Opera — is a remote vulnerability that affects Windows based browser and can enable an attacker to crash Opera through an external application call and install malicious programs, Original Advisory is available here .

You may also like this

• No Related Post

Bharti Airtel’s CIO and IT director Jai Menon claims their new version of Airtel Iphone is hacker proof.

As per the interview with Indiatimes, jai menon claims “Even if a hacker figures out a way to make voice calls from an iPhone procured from our stores using a non-Airtel SIM, he will not be able to access any of the ‘Airtel Live’ or ‘Airtel Apps’ features built into all the iPhones sold by Airtel.

We’ve built in suitable levels of security to ensure both applications remain out of bounds for hackers. All iPhones distributed by Airtel will run on OSX (Version 2) OS which also powers Apple notebooks worldwide.”

Loaded with sensitive applications like mobile payment (m-Check) and to prove Mr. Menon wrong, the new Airtel Iphone would surely be drawing a lot of attention from those hackers.

You may also like this

• No Related Post

As per Red Hat newsletter, the system used by the Fedora Project to sign the software packages for automatically updating end users’ systems has been breached, the attack on network also affected the Fedora Project’s database and proxy servers, hosted systems and collaboration network.Fedora Project claimed that the intruders did not get the package signing key, the encryption master key with which attackers could inject malicious codes into Fedora users’ systems through the update process.

Though the intruder was able to sign a small number of OpenSSH packages relating only to Red Hat Enterprise Linux 4 (i386 and x86_64 architectures only) and Red Hat Enterprise Linux 5 (x86_64 architecture only), as a precautionary measure, Red Hat has release an updated version of compromised packages and have published a list of the tampered packages and how to detect them.

Networks with critical Red Hat Servers are advised to verify their server packages.

You may also like this

• No Related Post