Hi i'm back from the vacations, i will start posting more frequently than before, it's an objetive that i set.
Well let's move on the first post, it is about some new tools and documents from the last weeks.
Blackhat and Defcon are over, and the presentations and whitepapers could be downloaded from here:
There are a lot of presentations, and some are really good.
Nmap-SOC: First Nmap SOC release! Nmap 4.22SOC1
The new nmap version is available, with all the improvements proposed in the Summer Of Code (Google). Some of the highlights are:
-The UMIT graphical Nmap frontend is now included
-The port selection mechanism was overhauled
-Added the --reason option which explains WHY Nmap assigned a port status
-Integrated all of your 2nd generation OS detection submissions, increasing the database size by 68% since 4.21ALPHA4 to 699 fingerprints.
-Added --servicedb and --versiondb command-line options which allow you to specify a custom Nmap services (port to port number translation and port frequency) file or version detection database.
-In verbose mode, Nmap now reports where it obtains data files (such as nmap-services) from.
These are some of the more significant (at least for me), there are many more improvements on the release.
Umit: Nmap frontend.
Really a very good frontend, with a lot of functionalities, like comparing between different scans, saving scans, multiple tabs, profiles, information highlighting, etc. This project is sponsored by the Google Summer Of Code.
Evolution: Massive information Gathering.
Evolution is a program that can be used to determine the relationships and real world links between different entities. Really it worths a try. I liked a lot the GUI, is still in beta stage, but is really awesome the interface.
The new toy from Immunity guys, this is a new debugger oriented for vulnerability analysis, and security related task. It's programmed in python :), you can load python scripts to aid the analysis. Immunity says:
-A debugger with functionality designed specifically for the security industry
-Cuts exploit development time by 50%
-Simple, understandable interfaces
-Robust and powerful scripting language for automating intelligent debugging
-Lightweight and fast debugging to prevent corruption during complex analysis
-Connectivity to fuzzers and exploit development tools
Really a very good tool.
That's all for today :)