<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Software Testing Tools Blog - Testertools &#187; Security Testing</title>
	<atom:link href="http://www.testertools.com/blog/category/security-testing/feed/" rel="self" type="application/rss+xml" />
	<link>http://www.testertools.com/blog</link>
	<description>The latest news and blog information from testertools.com</description>
	<lastBuildDate>Fri, 03 Feb 2012 11:24:16 +0000</lastBuildDate>
	<generator>http://wordpress.org/?v=2.9.2</generator>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
			<item>
		<title>GUI Tool Reveals SQL Injection Vulnerabilities</title>
		<link>http://www.testertools.com/blog/gui-tool-reveals-sql-injection-vulnerabilities/</link>
		<comments>http://www.testertools.com/blog/gui-tool-reveals-sql-injection-vulnerabilities/#comments</comments>
		<pubDate>Fri, 13 Jan 2012 12:46:37 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Security Testing]]></category>
		<category><![CDATA[Dan Kuykendall]]></category>
		<category><![CDATA[NT OBJECTives.]]></category>
		<category><![CDATA[NTO SQL Invader]]></category>
		<category><![CDATA[SQL injection]]></category>

		<guid isPermaLink="false">http://www.testertools.com/blog/?p=2326</guid>
		<description><![CDATA[<br/>A free utility that you can use to demonstrate SQL injection vulnerabilities in web apps has been released by web security  specialists, NT OBJECTives.
NTO SQL Invader is interesting because it isn&#8217;t designed to find the  vulnerability; instead, the aim is to give you a way to show how the  vulnerability could be ]]></description>
			<content:encoded><![CDATA[<br/><p><a href="http://ww1.prweb.com/prfiles/2011/10/10/9023695/gI_60000_NTOlogo.jpg"><img class="alignleft" src="http://ww1.prweb.com/prfiles/2011/10/10/9023695/gI_60000_NTOlogo.jpg" alt="" width="250" height="250" /></a>A free utility that you can use to demonstrate<strong> SQL injection</strong> vulnerabilities in web apps has been released by web security  specialists, <strong><a href="http://www.ntobjectives.com/">NT OBJECTives</a>.</strong></p>
<p><strong>NTO SQL Invader</strong> is interesting because it isn&#8217;t designed to find the  vulnerability; instead, the aim is to give you a way to show how the  vulnerability could be exploited.</p>
<p>NTO SQL Invader Provides Pen Testers and Developers the Ability to Quickly and Easily Exploit and Demonstrate SQL Injection Vulnerabilities in Web Applications<br />
NT OBJECTives, a provider of automated, comprehensive and accurate Web Application security software, services and SaaS, today announced the availability of NTO SQL Invader, a free tool which provides pen testers and developers the ability to quickly and easily exploit and demonstrate SQL Injection vulnerabilities in Web applications.</p>
<p>Most organizations understand that SQL Injection vulnerabilities put their sensitive data at risk, and SQL Injection has been the dominant method used in this year’s high-profile web application attacks, with millions of sites attacked in 2011.</p>
<p>Despite the fact that SQL Injection is well documented and there are tools to discover the vulnerabilities, it has been very difficult to determine if the vulnerability can actually be exploited because most existing SQL Injection testing tools are executed from a command line, lack an intuitive user interface or are no longer supported. Without the ability to clearly demonstrate the exploitability of a vulnerability, remediation efforts are often delayed and friction between security and development teams surfaces. NTO SQL Invader allows pen testers and developers to quickly and easily leverage a vulnerability to view the list of records, tables and user accounts on the back-end database.</p>
<p>With a few simple clicks in NTO SQL Invader, a user can exploit a web application vulnerability that was discovered manually or from a Dynamic Application Security Testing (DAST) tool like NTOSpider. NTO SQL Invader works as a stand-alone tool and also includes integration with NTOSpider’s reporting technology to assist pen testers and developers in quickly identifying and validating discovered vulnerabilities. While reviewing and confirming results from NTOSpider, users can leverage NTO SQL Invader to provide a polished, real-world proof-of-concept for the discovered SQL Injection vulnerabilities.<br />
&#8220;Accurate vulnerability identification is a crucial and challenging task but it is only half the battle,” says<strong> Dan Kuykendall</strong>, co-CEO and Chief Technology Officer of NT OBJECTives. “We wanted to support organizations in their analysis and remediation efforts by providing an easy to use tool that enables penetration testers to demonstrate how these vulnerabilities can be exploited. We felt it was important to provide a free and useful tool to our customers and to the entire community.”</p>
]]></content:encoded>
			<wfw:commentRss>http://www.testertools.com/blog/gui-tool-reveals-sql-injection-vulnerabilities/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Euro countries announce plans to ban hacking and pen testing tools</title>
		<link>http://www.testertools.com/blog/euro-countries-announce-plans-to-ban-hacking-and-pen-testing-tools/</link>
		<comments>http://www.testertools.com/blog/euro-countries-announce-plans-to-ban-hacking-and-pen-testing-tools/#comments</comments>
		<pubDate>Mon, 20 Jun 2011 17:00:30 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Performance Testing]]></category>
		<category><![CDATA[Security Testing]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[penetration testing tools]]></category>
		<category><![CDATA[techworld.com]]></category>

		<guid isPermaLink="false">http://www.testertools.com/blog/?p=2225</guid>
		<description><![CDATA[<br/>According to a report in techworld.com European countries have announced plans to ban hacking and penetration testing tools
Justice Ministers across Europe want to make the creation of &#8220;hacking  tools&#8221; a criminal offence, but critics have hit back at the plans,  saying that they are unworkable.
Ministers from all 27 countries of the European Union ]]></description>
			<content:encoded><![CDATA[<br/><p><strong><a href="http://flagspot.net/images/e/eu-eun.gif"><img class="alignleft" src="http://flagspot.net/images/e/eu-eun.gif" alt="" width="324" height="216" /></a></strong>According to a report in <a href="http://techworld.com" target="_blank">techworld.com</a>, European countries have announced plans to ban <strong>hacking </strong>and <strong>penetration testing tools</strong>.</p>
<blockquote><p><strong>Justice Ministers</strong> across Europe want to make the creation of &#8220;hacking  tools&#8221; a criminal offence, but critics have hit back at the plans,  saying that they are unworkable.</p>
<p>Ministers from all 27 countries of the European Union met on June 9  to discuss European Commission proposals for a directive on attacks  against information systems. But in addition to approving the  Commission&#8217;s text, the ministers extended the draft to include &#8220;the  production and making available of tools for committing offences&#8221;.</p>
<p>This is problematic, as much legal and legitimate software could be  put to criminal use by hackers. The draft mentions &#8220;malicious software  designed to create botnets or unrightfully obtained computer passwords,&#8221;  but goes no further in attempting to clarify what &#8220;tools&#8221; might be  subject to criminal sanctions.</p></blockquote>
<p>To read the full article, see <a href="http://news.techworld.com/security/3286274/european-countries-want-to-ban-hacking-and-penetration-testing-tools/">European countries want to ban hacking and penetration testing tools</a>.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.testertools.com/blog/euro-countries-announce-plans-to-ban-hacking-and-pen-testing-tools/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Amazon EC2 Used to Crack Password Encryption on Wireless Networks</title>
		<link>http://www.testertools.com/blog/amazon-ec2-used-to-crack-password-encryption-on-wireless-networks/</link>
		<comments>http://www.testertools.com/blog/amazon-ec2-used-to-crack-password-encryption-on-wireless-networks/#comments</comments>
		<pubDate>Tue, 11 Jan 2011 09:03:16 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Security Testing]]></category>
		<category><![CDATA[Amazon EC2]]></category>
		<category><![CDATA[Black Hat DC]]></category>
		<category><![CDATA[Thomas Roth]]></category>
		<category><![CDATA[WPA-PSK]]></category>

		<guid isPermaLink="false">http://www.testertools.com/blog/?p=2108</guid>
		<description><![CDATA[<br/>According to a report in eweek &#8211; A security researcher will reveal at Black Hat DC how he deployed   password-testing software on Amazon EC2 to break into a secured wireless   network using WPA-PSK.
Titled &#8216;Amazon EC2 Used to Crack Password Encryption on Wireless Networks&#8217;  the hack took only 20 Minutes to complete:
Specialized ]]></description>
			<content:encoded><![CDATA[<br/><p><a href="http://www.eweek.com/images/zde/eweek-logo.gif"><img class="alignleft" src="http://www.eweek.com/images/zde/eweek-logo.gif" alt="" width="227" height="47" /></a>According to a report in eweek &#8211; A security researcher will reveal at <strong>Black Hat DC </strong>how he deployed   password-testing software on <strong>Amazon EC2</strong> to break into a secured wireless   network using <strong>WPA-PSK</strong>.</p>
<p>The article is titled &#8216;Amazon EC2 Used to Crack Password Encryption on Wireless Networks&#8217;; the hack took only 20 minutes to complete:</p>
<blockquote><p>Specialized software running over Amazon&#8217;s cloud services can be used to crack passwords on wireless networks, said a German security researcher on Jan. 7. <strong>Thomas Roth</strong>, a security and software engineering consultant at Lanworks AG, in Cologne, Germany, will be publicizing his research at the Black Hat conference in Washington, D.C., Jan. 16-17.</p></blockquote>
<p>To read the full article, see <a href="http://www.eweek.com/c/a/Security/Amazon-EC2-Used-to-Crack-Password-Encryption-on-Wireless-Networks-490541/">Amazon EC2 Used to Crack Password Encryption on Wireless Networks</a>.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.testertools.com/blog/amazon-ec2-used-to-crack-password-encryption-on-wireless-networks/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title></title>
		<link>http://www.testertools.com/blog/2091/</link>
		<comments>http://www.testertools.com/blog/2091/#comments</comments>
		<pubDate>Mon, 27 Dec 2010 23:43:33 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Security Testing]]></category>
		<category><![CDATA[Core Impact Pro]]></category>
		<category><![CDATA[Core Insight Enterprise]]></category>
		<category><![CDATA[Mark Hatton]]></category>
		<category><![CDATA[Robert Westervelt]]></category>
		<category><![CDATA[SearchSecurity.com]]></category>

		<guid isPermaLink="false">http://www.testertools.com/blog/?p=2091</guid>
		<description><![CDATA[<br/>SearchSecurity.com have featured an article on a new Penetration Testing Software Release.
Written by Robert Westervelt, the article, Core Security launches CISO-level pen testing software, discusses the release of a new tool and its features.
Core Security Technologies is introducing new pen testing software that, according to the company, has robust reporting capabilities,  enabling CIOs, CISOs ]]></description>
			<content:encoded><![CDATA[<br/><p><a href="http://media.techtarget.com/searchSecurity/images/header_logo2.gif"><img class="alignleft" src="http://media.techtarget.com/searchSecurity/images/header_logo2.gif" alt="" width="291" height="51" /></a><a href="http://SearchSecurity.com">SearchSecurity.com</a> have featured an article on a new Penetration Testing Software Release.</p>
<p>Written by <strong>Robert Westervelt</strong>, the article, <strong>Core Security launches CISO-level pen testing software</strong>, discusses the release of a new tool and its features.</p>
<blockquote><p>Core Security Technologies is introducing new <a href="http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1380106,00.html">pen testing software</a> that, according to the company, has robust reporting capabilities,  enabling CIOs, CISOs and other executives to gauge risk to internal  systems and gain greater visibility into the progress of ongoing  security initiatives.</p>
<p>The Boston-based penetration testing firm, best known for its <strong>Core  Impact Pro</strong> software for pen testers, launched <strong>Core Insight Enterprise</strong> on  Monday.  The new tool can be programmed to view critical systems and  their connection points and then can be set to conduct multiple,  automated pen tests in an attempt to find a way into the company&#8217;s most  critical assets, said <strong>Mark Hatton</strong>, CEO of Core Security Technologies  Inc.</p></blockquote>
<p>To read more <a href="http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1525167,00.html">click here</a>.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.testertools.com/blog/2091/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Veracode offers channel “zero touch” SaaS</title>
		<link>http://www.testertools.com/blog/veracode-offers-channel-%e2%80%9czero-touch%e2%80%9d-saas/</link>
		<comments>http://www.testertools.com/blog/veracode-offers-channel-%e2%80%9czero-touch%e2%80%9d-saas/#comments</comments>
		<pubDate>Thu, 16 Dec 2010 20:40:14 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Performance Testing]]></category>
		<category><![CDATA[Security Testing]]></category>
		<category><![CDATA[EMEA]]></category>
		<category><![CDATA[Global Partner Programme]]></category>
		<category><![CDATA[Matt Peachey]]></category>
		<category><![CDATA[Nebulas]]></category>
		<category><![CDATA[Peachey]]></category>
		<category><![CDATA[Pentura]]></category>
		<category><![CDATA[SecurityReview]]></category>
		<category><![CDATA[Veracode]]></category>

		<guid isPermaLink="false">http://www.testertools.com/blog/?p=2073</guid>
		<description><![CDATA[<br/>Veracode is actively recruiting channel partners for a new cloud-based platform that allows partners and users to verify application security independently in both internally developed and third-party software without requiring source code or expensive in-house tools.
The launch of its Global Partner Programme will certify partners to sell its SecurityReview security verification solution delivered as software-as-a-service. ]]></description>
			<content:encoded><![CDATA[<br/><p><strong><a href="http://www.406ventures.com/images/companies/16/0x45/1/logo_image-veracode.png"><img class="alignleft" src="http://www.406ventures.com/images/companies/16/0x45/1/logo_image-veracode.png" alt="" width="245" height="38" /></a>Veracode </strong>is actively recruiting channel partners for a new cloud-based platform that allows partners and users to verify application security independently in both internally developed and third-party software without requiring source code or expensive in-house tools.</p>
<p>The launch of its <strong>Global Partner Programme</strong> will certify partners to sell its <strong>SecurityReview</strong> security verification solution delivered as software-as-a-service. Registered partners can manage the application scan process for clients without any upfront investment and receive a comprehensive report of application weaknesses in respect to compliance drivers such as PCI and OWASP.</p>
<p>According to <strong>Matt Peachey</strong>, VP for<strong> EMEA </strong>at Veracode, the arrival of web 2.0 has moved the security perimeter with new applications on mobile devices and in browsers becoming potential security risks. “It’s an increasing problem due to the nature of modern software development; [Veracode] give partners the opportunity to solve many of these issues,” he says.</p>
<p>The service accepts binary files into its secure hosted environment which analyses each file for weaknesses using a combination of remote tools and technical specialists before returning a detailed report highlighting potential problems.</p>
<p>Peachey, who joins the firm following stints at IronPort, NetApp and Sun, is leading the drive to build a credible European channel. Part of the push by Veracode is in response to its rival Fortify being purchased by HP in August. Although the firms have different technology, they both offer to help developers secure code and avoid potential security issues.</p>
<p>For partners looking at offering the service, a typical scan can cost from several hundred to thousands of pounds depending on the complexity and size of the application. With margins of around 20 percent, the service offers a healthy profit without upfront commitment or technical training.</p>
<p>The vendor has already signed up a number of partners including <strong>Nebulas</strong> and <strong>Pentura,</strong> and <strong>Peachey</strong> points out that even individual consultants can use its SaaS as a “white label” tool to augment code reviews or security testing services.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.testertools.com/blog/veracode-offers-channel-%e2%80%9czero-touch%e2%80%9d-saas/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Cyber Warfare Communications Effects Solution for Training Environments Announced</title>
		<link>http://www.testertools.com/blog/cyber-warfare-communications-effects-solution-for-training-environments-announced/</link>
		<comments>http://www.testertools.com/blog/cyber-warfare-communications-effects-solution-for-training-environments-announced/#comments</comments>
		<pubDate>Wed, 15 Dec 2010 15:13:24 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Network Testing]]></category>
		<category><![CDATA[Security Testing]]></category>
		<category><![CDATA[computer network attacks (CNA)#]]></category>
		<category><![CDATA[Inc.]]></category>
		<category><![CDATA[Live Virtual Constructive (LVC)]]></category>
		<category><![CDATA[Scalable Network Technologies]]></category>

		<guid isPermaLink="false">http://www.testertools.com/blog/?p=2053</guid>
		<description><![CDATA[<br/>Scalable Network Technologies, Inc. (SNT),  the leader in wireless network modeling and simulation, announced that  the company has developed a software capability that enables integration  of realistic cyber warfare communication effects into a Live Virtual  Constructive (LVC) environment. The result is an advanced system that  provides more realistic training and ]]></description>
			<content:encoded><![CDATA[<br/><p><strong><a href="http://www.scalable-networks.com/wp-content/themes/snt/images/snt_logo.gif"><img class="alignleft" src="http://www.scalable-networks.com/wp-content/themes/snt/images/snt_logo.gif" alt="" width="285" height="65" /></a>Scalable Network Technologies, Inc.</strong> (<a href="http://www.scalable-networks.com/" target="_blank">SNT</a>),  the leader in <strong>wireless network modeling</strong> and <strong>simulation</strong>, announced that  the company has developed a software capability that enables integration  of realistic cyber warfare communication effects into a<strong> Live Virtual  Constructive (LVC)</strong> environment. The result is an advanced system that  provides more realistic training and improved analysis capabilities to  counter the increasing vulnerability of military systems to <strong>computer  network attacks (CNA)</strong>.</p>
<p>Although  current generation computer-based battlefield simulations deliver  experiential realism in force positioning, troop movement, supply  routing, enemy force detection/engagement, and damage calculation &#8211; next  generation net-centric systems open up a new domain of cyber  vulnerability that today&#8217;s war gaming systems don&#8217;t encompass.  Without  the inclusion of cyber warfare communications effects, battlefield  modeling and simulation can be overly optimistic, risking and/or  perpetuating negative training. By integrating high fidelity  communication models that incorporate network attack/defense, as well as  performance aberrations caused by various environmental factors &#8211; the  ability to analyze and train for the impact of cyber warfare on mission  outcome is dramatically improved.</p>
<p><strong>Integration Into Battlefield Simulation </strong></p>
<p>This new  synthetic cyber warfare test bed is capable of realistically  representing a network-centric battlespace under cyber attack for  testing and training applications. The test bed is achieved by  integrating SNT&#8217;s EXata™/cyber with COTS Computer Generated Forces  (CGF). Cyber warfare models (jammer, eavesdropper, distributed denial of  service, network attack) are developed and implemented within  EXata/cyber. For the integration, both tools take advantage of an  Interface Control Document (ICD) that works via the HLA signal and data  interactions to facilitate communications modeling between HLA  federates.</p>
<p>Members of  SNT&#8217;s technical staff will deliver a paper titled &#8220;Introducing a Cyber  Warfare Communications Effect Model to Synthetic Environments&#8221; at <a href="http://www.iitsec.org/" target="_blank">I/ITSEC</a>, the world&#8217;s largest modeling, simulation &amp; training conference, on Tuesday, November 30, 2010 at 5:00 PM  in Room S320D. In the presentation the authors describe how they  integrated a cyber warfare communications model into a Live Virtual  Constructive (LVC) environment, and examine the impact of using the  cyber warfare model versus the limitations of simplified communication  models in synthetic environments.  The I/ITSEC Conference is being held  at the Orange County Convention Center, Orlando, FL.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.testertools.com/blog/cyber-warfare-communications-effects-solution-for-training-environments-announced/feed/</wfw:commentRss>
		<slash:comments>1</slash:comments>
		</item>
		<item>
		<title>Dyaptive Systems Wins Major Deal From World&#8217;s Largest Network Equipment Manufacturer</title>
		<link>http://www.testertools.com/blog/dyaptive-systems-wins-major-deal-from-worlds-largest-network-equipment-manufacturer/</link>
		<comments>http://www.testertools.com/blog/dyaptive-systems-wins-major-deal-from-worlds-largest-network-equipment-manufacturer/#comments</comments>
		<pubDate>Tue, 07 Dec 2010 20:43:16 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Security Testing]]></category>
		<category><![CDATA[3/4G networking]]></category>
		<category><![CDATA[Dyaptive]]></category>
		<category><![CDATA[Dyaptive Systems]]></category>
		<category><![CDATA[Joe Sutherland]]></category>

		<guid isPermaLink="false">http://www.testertools.com/blog/?p=2076</guid>
		<description><![CDATA[<br/>The world&#8217;s largest network equipment manufacturer has awarded a  major supply contract to Dyaptive Systems for additional 3G/4G  subscriber simulation systems over a multi-year period. Dyaptive&#8217;s  end-to-end solution was selected, after extensive trials and  evaluations, to upgrade the primary test beds used to ensure robustness,  performance, scale and quality of ]]></description>
			<content:encoded><![CDATA[<br/><p><a href="http://www.ccnmatthews.com/logos2/Dyap.jpg"><img class="alignleft" src="http://www.ccnmatthews.com/logos2/Dyap.jpg" alt="" width="200" height="44" /></a>The world&#8217;s largest network equipment manufacturer has awarded a  major supply contract to <strong>Dyaptive Systems</strong> for additional 3G/4G  subscriber simulation systems over a multi-year period. Dyaptive&#8217;s  end-to-end solution was selected, after extensive trials and  evaluations, to upgrade the primary test beds used to ensure robustness,  performance, scale and quality of the company&#8217;s innovative 3G and 4G  network elements.</p>
<p><strong>Why is Stability and Robustness Testing Important?</strong></p>
<p>Stability and Robustness are crucial elements for today&#8217;s  live, 24/7 mobile networks, which are expected to run autonomously  without relying on human intervention. For example, Dyaptive&#8217;s solutions  &#8216;soak&#8217; the network with real-world traffic loads over long periods of  time in order to find defects that would otherwise only be discovered by  live customers, reducing their quality of experience. In Dyaptive&#8217;s  most recent contract, the manufacturer located numerous latent defects  that had previously eluded established testing methods. Both equipment  manufacturers and wireless operators derive high value from<strong> Dyaptive</strong>&#8217;s  end-to-end solutions, which feature realistic, complex traffic mixes  that are easy to create and execute. Other competitive tools on the  market provide traffic that is &#8220;synthetic&#8221; and hence fails to expose the  latent network defects that Dyaptive finds.</p>
<p>&#8220;The award of this contract is another indicator of the value  the Dyaptive DMTS brings to RAN vendors and operators in their quest to  ensure the utmost quality and performance in their 3G/4G products and  networks,&#8221; said <strong>Joe Sutherland</strong>, President and CEO, Dyaptive Systems Inc.  &#8220;Dyaptive&#8217;s platform is again proving to be the most cost effective,  flexible and easiest to use 3G/4G test solution for development,  verification and network engineers. We are very proud to have been  selected by the leader in <strong>3/4G networking </strong>to be their test partner for  their future needs.&#8221;</p>
]]></content:encoded>
			<wfw:commentRss>http://www.testertools.com/blog/dyaptive-systems-wins-major-deal-from-worlds-largest-network-equipment-manufacturer/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Help Net Security features Seven Deadliest Network Attacks Book Review</title>
		<link>http://www.testertools.com/blog/help-net-security-features-seven-deadliest-network-attacks-book-review/</link>
		<comments>http://www.testertools.com/blog/help-net-security-features-seven-deadliest-network-attacks-book-review/#comments</comments>
		<pubDate>Mon, 15 Nov 2010 16:36:26 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Security Testing]]></category>
		<category><![CDATA[Mike Borkin]]></category>
		<category><![CDATA[Rob Kraus]]></category>
		<category><![CDATA[Seven Deadliest Network Attacks]]></category>
		<category><![CDATA[Stacy Prowell]]></category>

		<guid isPermaLink="false">http://www.testertools.com/blog/?p=2015</guid>
		<description><![CDATA[<br/>Help Net Security have featured a book review on network attacks.
Seven Deadliest Network Attacks, written by Stacy Prowell, Rob Kraus and Mike Borkin and published by Syngress, introduces the reader to the anatomy of attacks aimed at networks:  DoS, MiTM, war dialing, penetration testing, protocol tunneling,  password replay and spanning tree ]]></description>
			<content:encoded><![CDATA[<br/><p><a href="http://ecx.images-amazon.com/images/I/41B5lSqELXL._SL500_AA300_.jpg"><img class="alignleft" src="http://ecx.images-amazon.com/images/I/41B5lSqELXL._SL500_AA300_.jpg" alt="" width="300" height="300" /></a><strong>Help Net Security</strong> have featured a book review on network attacks.</p>
<p><strong>Seven Deadliest Network Attacks</strong>, written by Stacy Prowell, Rob Kraus and Mike Borkin and published by <a href="http://www.syngress.com/" target="_new">Syngress</a>, introduces the reader to the anatomy of attacks aimed at networks:  DoS, MiTM, war dialing, penetration testing, protocol tunneling,  password replay and spanning tree attacks.</p>
<p>Do you need to keep up with the latest hacks, attacks, and exploits  affecting social networks? Then you need Seven Deadliest Social Network  Attacks.</p>
<p>This book pinpoints the most dangerous hacks and exploits  specific to social networks like Facebook, Twitter, and MySpace, laying  out the anatomy of these attacks including how to make your system more  secure. You will discover the best ways to defend against these vicious  hacks with step-by-step instruction and learn techniques to make your  computer and network impenetrable.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.testertools.com/blog/help-net-security-features-seven-deadliest-network-attacks-book-review/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Rapid7 Introduces Metasploit Pro</title>
		<link>http://www.testertools.com/blog/rapid7-introduces-metasploit-pro/</link>
		<comments>http://www.testertools.com/blog/rapid7-introduces-metasploit-pro/#comments</comments>
		<pubDate>Tue, 19 Oct 2010 22:49:21 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Security Testing]]></category>
		<category><![CDATA[Lol Stealing Meta Tags Rofl]]></category>
		<category><![CDATA[Mike Tuchen]]></category>
		<category><![CDATA[Rapid7]]></category>
		<category><![CDATA[vulnerability]]></category>

		<guid isPermaLink="false">http://www.testertools.com/blog/rapid7-introduces-metasploit-pro/</guid>
		<description><![CDATA[<br/>Rapid7®, the leading provider of unified vulnerability management and penetration testing  solutions, today announced the availability of Metasploit Pro™, the new software for security professionals in enterprises, government agencies and consulting firms who need to make network security testing more efficient to reduce costs. Unlike alternative products, Metasploit Pro improves the efficiency of penetration ]]></description>
			<content:encoded><![CDATA[<br/><p>Rapid7®, the leading provider of unified vulnerability management and penetration testing  solutions, today announced the availability of Metasploit Pro™, the new software for security professionals in enterprises, government agencies and consulting firms who need to make network security testing more efficient to reduce costs. Unlike alternative products, Metasploit Pro improves the efficiency of penetration testers by providing unrestricted remote network access and enabling teams to collaborate efficiently. Metasploit Pro exceeds the functionality of Metasploit Express™ with support for security testing of custom Web applications, managing client-side campaigns against end-users and additional evasion features.</p>
<p>“Metasploit Pro completes our suite of penetration testing products and addresses the needs of the penetration testing expert who requires advanced features,” said Mike Tuchen, Rapid7 president and CEO. “We built Metasploit Pro with the same intuitive interface and efficient workflows of Metasploit Express and added advanced features that enable penetration testers to compromise networks deeper and faster. As a result, they can complete their security testing in less time, greatly reducing the overall impact on security budgets.”</p>
<p>The Metasploit® Framework is the most widely used and mature solution in the market with more than one million unique downloads in the past year and the world’s largest, public database for quality assured exploits. As organizations face increasing threats to complex, business-critical systems, the ability to simulate realistic attacks on their infrastructure in a fast and cost-effective manner is critical. Only Metasploit products are based on the Metasploit Framework, the gold standard for penetration testing, and are therefore best suited to emulate realistic attacks.</p>
<p>To efficiently ensure the highest possible security of their IT infrastructure, enterprises need to prioritize the mitigation of vulnerabilities. Metasploit is the world’s only penetration testing solution that directly launches NeXpose® vulnerability scans to verify vulnerabilities. Based on this enterprise risk scoring, organizations can make informed decisions about which vulnerabilities should be addressed first.</p>
<p>“We’ve been thrilled with all the capabilities of Metasploit Express and were excited to try the advanced features of the new Metasploit Pro, especially team collaboration,” says Jim O’Gorman, security systems specialist at Continuum Worldwide, a leading independent provider of business assurance solutions and a Rapid7 customer. “Enabling penetration testers to share findings and notes definitely helps keep everyone in synch and productivity moving. It’s also a great time saver at the end of an assignment because you can create a single report including everyone’s findings at the push of a button.”</p>
<p>Metasploit Pro:</p>
<p>    * Scans and exploits Web applications. Metasploit Pro enables you to scan and exploit both standard and custom Web applications, often the most publicly accessible server on the network. These can provide a pivot point into a database or further into the network.<br />
    * Runs social engineering campaigns. Metasploit Pro runs custom social engineering campaigns, including website cloning for phishing and emails with malicious attachments, to compromise end-user systems, providing additional attack vectors into the network.<br />
    * Achieves unprecedented network access. Metasploit Pro is the world’s only penetration testing solution to achieve unrestricted remote network access through a compromised host. Unlike alternative products, which provide proxy-based pivoting that is restricted to certain protocols, Metasploit Pro’s VPN pivoting evades firewall restrictions and provides encrypted access into networks at the Ethernet level, providing the same capabilities as a physical network tap. As a result, penetration testers can run any network discovery tool, such as the NeXpose vulnerability scanner, through a compromised host as if they were directly connected to the internal network.<br />
    * Enables unique team collaboration. Metasploit Pro is the world’s first penetration testing solution that supports team collaboration to coordinate concerted attacks. Team members can see and search each other’s actions, progress and notes to make team efforts more efficient. Known hosts, credentials and hashes are automatically leveraged by other team members.</p>
<p>“I firmly believe that Metasploit Pro combines best-of-breed tools in a sane, easy-to-use format, enabling us to do our job quickly and thoroughly,” says Joshua Brashars, senior security consultant at AppSec Consulting, an information security firm and a Rapid7 consulting partner. “With Metasploit Pro, my team can maximize the efficiency of our penetration tests while minimizing the number of tools we require. Metasploit Pro combines the power of the Metasploit Framework with a simple-to-use interface that allows us to hit the ground running.”</p>
<p>“With Metasploit Pro, we’ve delivered a solution for penetration testers who love the workflow of Metasploit Express but needed to go even further with their security assessments,” said HD Moore, Rapid7 CSO and Metasploit chief architect. “Rapid7 is uniquely positioned to offer a multi-tiered product that solves the real-world challenges of hundreds of thousands of security professionals and researchers. And, as a result of our success with commercial products, we’re able to drive higher quality, additional features and faster exploit development in the free, open-source framework, giving directly back to the community that sustains us.”</p>
]]></content:encoded>
			<wfw:commentRss>http://www.testertools.com/blog/rapid7-introduces-metasploit-pro/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Athena Security Offers Free Configuration Debugger for Limited Time</title>
		<link>http://www.testertools.com/blog/athena-security-offers-free-configuration-debugger-for-limited-time/</link>
		<comments>http://www.testertools.com/blog/athena-security-offers-free-configuration-debugger-for-limited-time/#comments</comments>
		<pubDate>Mon, 18 Oct 2010 16:58:34 +0000</pubDate>
		<dc:creator>admin</dc:creator>
				<category><![CDATA[Security Testing]]></category>
		<category><![CDATA[development tools]]></category>
		<category><![CDATA[Athena FirePAC]]></category>
		<category><![CDATA[Athena Security]]></category>

		<guid isPermaLink="false">http://www.testertools.com/blog/?p=1965</guid>
		<description><![CDATA[<br/>Athena Security, the makers of Athena FirePAC, a comprehensive  enterprise firewall audit and operations tool, today announced that it  will make the company&#8217;s Configuration Debugger, the first and only  software solution that network engineers can use for offline  troubleshooting of service availability issues on Cisco, Check Point and  Netscreen firewalls, ]]></description>
			<content:encoded><![CDATA[<br/><p><strong>Athena Security</strong>, the makers of <strong>Athena FirePAC,</strong> a comprehensive enterprise firewall audit and operations tool, today announced that it will make the company&#8217;s Configuration Debugger, the first and only software solution that network engineers can use for offline troubleshooting of service availability issues on Cisco, Check Point and Netscreen firewalls, available for a free download until Halloween.</p>
<p><a href="http://vega.athenasecurity.net/r.html?uid=1.8c.12sm.3sk.shonlecj9z">Athena&#8217;s Configuration Debugger</a> features all the tools and functionality for troubleshooting even the most complicated features related to firewalls from Cisco, Check Point and Juniper. It simulates the behavior of the firewall so line-level technicians can quickly determine how the firewall is configured to allow or block traffic flows to reachable hosts or subnets.</p>
<p>&#8220;The Athena Configuration Debugger is a far more convenient alternative  to Cisco&#8217;s Packet Tracer for applying virtual packets to troubleshoot  dropped services,&#8221; said David Hurst, CTO, Athena Security. &#8220;Focused,  flexible and easy to use, firewall engineers can use this tool to  quickly get to the heart of the rules that cause great confusion.&#8221;</p>
<p>With the limited-time free download, users can try the Athena Configuration Debugger to examine the entire configuration in a matter of minutes. Using virtual packets, users can get interactive results that allow them to easily explore rule/object relationships and quickly isolate the specific location for fixes.</p>
<p>The Debugger is the only product in the marketplace to:</p>
<ul>
<li>Support a mixed environment including Cisco PIX, ASA, FWSM, Check  Point, and Juniper Netscreen firewalls. You can bring all of these  firewalls into Athena and isolate the ACLs, NATs and Routes that require  remediation.</li>
<li>Troubleshoot packets specified by IP ranges, a number of services, or entire subnets.</li>
<li>Perform a trace without requiring any firewall connectivity.</li>
<li>Isolate all applicable interfaces based on routing and NATing.</li>
</ul>
<p>Troubleshooting service availability issues often requires a complete examination of the configuration and an accurate mapping of how policies relate to the structural and order dependencies between all of the ACLs, NATs and Routes. This is a time-consuming process. The Athena Configuration Debugger is the industry&#8217;s only tool to make these rule relationships explicitly clear, allowing engineers to target exact areas in the firewall configuration where critical services are being blocked so they can be restored quickly.</p>
<p>Users can specify the traffic they are trying to debug using a single IP address, a number of services, or a subnet. The Debugger performs a reachability analysis to automatically determine access lists or zone-to-zone policies, evaluates how they respond to the user&#8217;s actions, and produces results organized by rules and by packets. The Debugger examines any settings or implied rules that could affect the resulting traffic flows.</p>
<p>The Debugger also provides advanced comparison capabilities where it links each rule and object change to its impact on added or deleted traffic flows. This makes it possible to identify which specific changes are responsible for a service disruption.</p>
<p>To get the Athena Configuration Debugger, IT managers can select any Cisco, Check Point, or Netscreen firewall, even the most complex, and send an email to Athena Security at <a href="mailto:sales@athenasecurity.net">sales@athenasecurity.net</a> with the message subject: Free Configuration Debugger. In the body of the email, include the IP address of the firewall and an Athena representative will provide the free license. The free license is good for one year from the date of installation and the offer is available until October 31, 2010.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.testertools.com/blog/athena-security-offers-free-configuration-debugger-for-limited-time/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>

