a script that uses brute force to crack passwords through "true/false" SQL injection vulnerabilities. With "true/false" SQL injection vulnerabilities, you cannot actually query data out of the database, only ask a statement that is returned "true" or "fal
is free, it only takes seconds to download and you don’t even need to install it, so you can download Browzar time and time again, whenever and wherever you need it to protect your privacy.
an interactive HTTP/S proxy server for attacking and debugging web-enabled applications. It operates as a man-in-the-middle between the end browser and the target web server, and allows the user to intercept, inspect and modify the raw
Encryption Toolkit that provides anyone with the ability to add strong security capabilities to an application in as little as half an hour, without needing to know any of the low-level details that make the encryption or authentication work.
an application that lets you monitor TCP and UDP activity on your local system. It is a powerful tool for tracking down network-related configuration problems and analyzing application network usage.
dual-licensed implementation of SSL. It includes SSL client libraries and an SSL server implementation. It supports multiple APIs, including those defined by SSL and TLS. It also supports an OpenSSL compatibility interface.
a URL based identity system. An OpenID identity is simply a URL, and all the OpenID specification does is provide a way to securely prove that you own that ID on that URL. Unlike most identity systems, OpenID is completely decentralized.
web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are
Disposable temporary e-mail address which expires after 15 minutes. You can read and reply to e-mails that are sent to the temporary e-mail address within the given time frame.
offers a free service to timestamp any publicly available digital document. Timestamping creates evidence that some digital data already existed at a specific date.
an Open Source (free) tool that allows you to have a different password for all the different programs and websites that you deal with, without actually having to remember all those usernames and passwords. (an alternative to KeePass if needed)
an open source framework for applications that intercept (JDBC) and optionally modify database statements. For JBoss, ATG, Orion, JOnAS, iPlanet, WebLogic, WebSphere, Resin and Tomcat.
The Campaign to Eliminate DRM. There is no more important cause for electronic freedoms and privacy than the call for action to stop DRM from crippling our digital future.
a collection of utilities and technical information related to Windows internals by Mark Russinovich and Bryce Cogswell. Microsoft acquired Sysinternals in July, 2006.
a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.
a free, open-source password manager or safe which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key-disk. (there is also a freakish .net version)
a platform for people seriously interested in anti-virus research, network security and computer security to communicate with each other, to develop solutions for various security problems, and to develop new security technologies.
A PAL -- a "Permissive Action Link" -- is the box that is supposed to prevent unauthorized use of a nuclear weapon. It's supposed to be impossible to "hot-wire" a nuclear weapon. Is it?