Vega is a GUI-based, multi-platform Web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your Web applications. It also includes an intercepting/scanning proxy for interactive Web application debugging and fuzzing.
Ip phone Scanning Made Easy (ISME) scans a VOIP environment, adapts to enterprise VOIP, and exploits the possibilities of being connected directly to an IP Phone VLAN. It seeks to get the phone's configuration file directly from a TFTP server, enable SIP/SIPS (TCP/UDP), communicate with an embedded Web server and Web server banner, identify the editor by MAC address, and identify potential default login/password combinations which should be changed.
SecQua is a tool that quantifies the security of a given Information System, using a novel security metric. It tries to provide a deterministic, unbiased, objective, and efficient measurement. The approach is vulnerability driven and uses the National Vulnerability Database. A security metric must answer questions such as "How secure am I?", "Am I better compared to my last checkpoint/year?", "Am I spending the right amount of money for security?", "How do I compare to my peers?", and "What risk transfer options do I have?". SecQua can state that a system is now 60.2% secure, when last month it was 46.5%. Moreover, it tries to depict how vulnerability patterns expose the information system over time.
Multi Threaded TCP Port Scanner allows you to scan 65535 TCP ports on an IP address. You can specify how many threads to run and the timeout. Furthermore, it will tell you the MAC address of the target and the services that are running. You can scan IP addresses on your network and find out which open ports you have.
Inguma is a penetration testing and vulnerability research toolkit. The framework includes modules that discover hosts, gather information, fuzz targets, brute force user names and passwords and attempt exploits. While the current exploitation capabilities are limited, the program provides numerous tools for information gathering and target auditing.
Buck-Security is a security scanner for Debian and Ubuntu Linux. It helps you to harden your system by running some important security checks. For example, it finds world-writable files and directories, setuid and setgid programs, superuser accounts, and installed attack tool packages. It also checks your umask and checks if the sticky bit is set for /tmp, among other checks.