Friday, 9. December 2011
NTO SQL Invader
NTO SQL Invader gives the ability to quickly and easily exploit or demonstrate SQL injection vulnerabilities in web applications. With a few simple clicks, you will be able to exploit a vulnerability to view the list of records, tables and user accounts of the back-end database.

Download
http://go.ntobjectives.com/

How to run the NTO SQL Invader in Ubuntu/Backtrack or any other Linux?

Requirements:
JRE version 1.4, 1.5 or 1.6

Step 1:
Download the .exe file from the given link.
Place it on the desktop.

Step 2:
Right-click the NTOSQLInvader_Setup.exe file and click "Extract Here".

You will now find an NTOSQLInvader_Setup folder on your desktop.

Step 3:
Open the folder; there you will see three files. We only need the "NTOSQLInvader.jar" file, so delete the other two files.

Step 4:
That's all. Copy the .jar file anywhere else or leave it on the Desktop.
Double-click the file and it will start to run.
Enjoy the application on Linux too!

Thursday, 1. December 2011
SparkTrust protects your website
SparkTrust Certified protects your website by actively monitoring for security vulnerabilities, malware infections, and weaknesses exposed by search engines. Additionally, SparkTrust Certified looks at vulnerabilities hackers use to exploit websites, and provides you with the technical information you need to fix the weakness. By providing a comprehensive, universal approach to website security, SparkTrust Certified's unsurpassed technology and live support ensure that your website, and your customers, stay safe.

Features

- Website security report
- On demand scheduling
- Certified secure seal
- Malware Removal
- Blacklist Removal
- Vulnerability remediation sessions with our experts
- Event notifications
- Daily Advanced Web Recon monitor
- Daily Blacklist monitor
- Daily Malware Scanners
- Daily Website Monitor
- Tickets workflow with remediation tips
- Printable reports and charts

Source
https://www.sparktrust.com/sparktrustcertified/account/signup?continue=stc_createaccount_step1&completion=stc_thankyou&activate=&rcID=0&signupType=freeReport&workflow=freeReport

Thursday, 24. November 2011
X-Scan
X-Scan is a general-purpose scanner that checks a specified IP address range or a stand-alone computer for network vulnerabilities using multi-threading; plug-ins are supported. X-Scan's features include the following: service type detection, remote OS type and version detection, weak user/password pair detection, and the combination of all the Nessus attack scripts.

Created: 2005-07-18
http://xfocus.org/programs/200507/X-Scan-v3.3-en.rar

Automatically detecting bugs and vulnerabilities in Linux
Australian researcher Silvio Cesare, a PhD student at Deakin University, has released a tool capable of automatically detecting bugs and vulnerabilities in embedded Linux libraries. Developers may "embed" or "clone" code from third-party projects. This can be done by statically linking against an external library, by maintaining an internal copy of a library's source, or by forking a copy of a library's source.

Download
https://github.com/silviocesare/PackageCloneDetection

Joomscan Security Scanner
Joomscan Security Scanner was recently updated with a new database of 550 vulnerabilities. It detects file inclusion, SQL injection and command execution vulnerabilities in a target Joomla web site. The previous update of this tool was in August 2009, with 466 vulnerabilities.

Download
http://web-center.si/joomscan/joomscan.rar

How to find Joomla vulnerabilities in Backtrack 5 Linux

Step 1: Moving to the PenTest folder
Copy or move the downloaded files into the directory
/pentest/web/scanners/joomscan/

Step 2: Set Permission
Now you have to set the permissions on the Joomscan file. To do this, type the following command in a terminal (if you don't know how to open a terminal at all, please stop reading this and start with the basics of Linux). Only execute permission is required to run the script; mode 0777 additionally makes the file writable by every user.
chmod 0777 joomscan.pl

Step 3: Update
Update the scanner to the latest version. To do this, enter the following command in the terminal:
./joomscan.pl update

Step 4: Scanning for Vulnerabilities
Now everything is ready and we can scan our Joomla site for vulnerabilities. To do this, enter the following command in the terminal:
./joomscan.pl -u www.YourJoomlasite.com

Wait for a while, and it will list the vulnerabilities found.
by BreakTheSec

Monday, 21. November 2011
PHP Vulnerability Hunter
This is the application that detected almost all of the web application vulnerabilities listed on the advisories page. PHP Vulnerability Hunter is an advanced automated whitebox fuzz testing tool capable of triggering a wide range of exploitable faults in PHP web applications. Minimal configuration is necessary to begin a scan; PHP Vulnerability Hunter doesn't even need a user-specified starting URI.

Download
http://code.google.com/p/php-vulnerability-hunter/downloads/list

Wednesday, 16. November 2011
GoLISMERO - Linux
GoLISMERO is a web spider that is able to detect vulnerabilities and format its results in a way that is very useful when starting a web audit. Every time we face a new URL, wouldn't it be great to quickly and easily have all the links and forms with their parameters, to detect possibly vulnerable URLs, and to have them presented in a way that gives us an idea of all the points of entry where we could launch attacks? GoLISMERO lets us do all this.

Download
http://code.google.com/p/golismero/downloads/list

./GoLISMERO.py -t google.com

Tuesday, 15. November 2011
Pentest - free, safe and legal training
Vulnerability Assessment
http://www.vulnerabilityassessment.co.uk/

Net-Force
http://net-force.nl/

Hack Quest
http://hackquest.com/

HackThisSite
http://www.hackthissite.org/

EnigmaGroup
http://www.enigmagroup.org/pages/basics/

Smash The Stack
http://www.smashthestack.org/

Wechall
https://www.wechall.net/

by WarGames

Thursday, 3. November 2011
Secunia Online Software Inspector
Online Software Inspector (OSI) is a fast way to scan your PC for the most common programs and vulnerabilities, thus checking whether your PC has a minimum security baseline against known patched vulnerabilities.

Source
http://secunia.com/vulnerability_scanning/online/

Download
ftp://ftp.secunia.com/PSI3BetaSetup.exe

Thursday, 27. October 2011
PacketFence - Linux
PacketFence is an open-source network access control (NAC) system which provides the following features: registration, detection of abnormal network activities, proactive vulnerability scans, isolation of problematic devices, remediation through a captive portal, 802.1X, wireless integration and DHCP fingerprinting.

Download
http://www.packetfence.org/download/releases.html
