If you are not familiar with the power of sqlmap head over to the sourceforge site for demo videos and some top notch documentation. Our scanning tools are configured to discover sql injection holes. However the full power of sqlmap allows you move into the exploitation phase and take over a server – an excellent tool for penetration testing and showing management how serious sql injection holes can be. New features include integration with Metasploit.

The most notably thing is how much the results vary, and how many vulnerabilities most scanners miss. Clearly using more than one scanner is necessary to be able to compare the results, and nothing can beat testing by skilled security professionals.

NTOSpider by NT Objectives came out in the lead with the best overall score of the application scanners tested (which included Acunetix, Appscan, Burp Suite Pro, Hailstorm, WebInspect, and NTOSpider). He also measured things like how long the various scanners take to configure, support and so on – all important things for companies about to make the big investment. This isn’t all scanners everywhere (notably WhiteHat is missing as is the newest player to the field, NetSparker who incidentally took it upon themselves to add themselves into the report after the fact, and other free web assessment tools, like Nikto etc…), but it’s a great start to a long future of heavily debated research, I’m sure. Love him, or hate him, Larry’s always got interesting research to share!

Accuracy and Time Costs of Web Application Security Scanner Report

I guess now would be a good time to point out that even if you cough up the money for a commercial scanner or perhaps an online scanning service such as Qualys or ControlScan getting a second opinion from a service such as ours here at HackerTarget.com is an excellent way to get a second option.

Enjoy the web scanning from the leading open source web scanning tool.

Head over to Cirt.net for full details.

Latest version includes performance improvements, new OS finger printing and a new traceroute engine.

We believe the Internet should make life better. Join us the week of September 14-21, 2009, as we take action to make a difference in our communities, our world, our Web.

At HackerTarget.com we have pledged our support and are willing to provide non-profit organisations and NGO’s with free full security vulnerability assessments. Information Security is important to any organisation and we intend to assist specific organisations and raise awareness of the need for a good security process.

Mozilla Service Week

Analysis of our scan history shows many of our users do not fully understand the role of each different tool. So we have released a new paper that summarises each tool and provides links to the full documentation of each of these tools.

Includes details and sample output from each of our scan options; including the online nmap port scan, the OpenVas Vulnerability Scanner, Fierce dns scanner, Nikto Web Scanner, SQL Injection scanning option and the Joomla site scanner.

HackerTarget.com Security Scanning Tools Overview

Head on over and let us know your ideas, add your votes to the ones you like.

Keep an eye out as we explore some of the new features, we will be sure to implement them here, keeping HackerTarget.com the number one stop for all your online vulnerability scanning solutions.

Before we go into the detailed changes, here are the top 5 improvements in Nmap 5:

1. The new Ncat tool aims to be your Swiss Army Knife for data transfer, redirection, and debugging. We released a whole users’ guide detailing security testing and network administration tasks made easy with Ncat.
2. The addition of the Ndiff scan comparison tool completes Nmap’s growth into a whole suite of applications which work together to serve network administrators and security practitioners. Ndiff makes it easy to automatically scan your network daily and report on any changes (systems coming up or going down or changes to the software services they are running). The other two tools now packaged with Nmap itself are Ncat and the much improved Zenmap GUI and results viewer.
3. Nmap performance has improved dramatically. We spent last summer scanning much of the Internet and merging that data with internal enterprise scan logs to determine the most commonly open ports. This allows Nmap to scan fewer ports by default while finding more open ports. We also added a fixed-rate scan engine so you can bypass Nmap’s congestion control algorithms and scan at exactly the rate (packets per second) you specify.
4. We released Nmap Network Scanning, the official Nmap guide to network discovery and security scanning. From explaining port scanning basics for novices to detailing low-level packet crafting methods used by advanced hackers, this book suits all levels of security and networking professionals. A 42-page reference guide documents every Nmap feature and option, while the rest of the book demonstrates how to apply those features to quickly solve real-world tasks. More than half the book is available in the free online edition.
5. The Nmap Scripting Engine (NSE) is one of Nmap’s most powerful and flexible features. It allows users to write (and share) simple scripts to automate a wide variety of networking tasks. Those scripts are then executed in parallel with the speed and efficiency you expect from Nmap. All existing scripts have been improved, and 32 new ones added. New scripts include a whole bunch of MSRPC/NetBIOS attacks, queries, and vulnerability probes; open proxy detection; whois and AS number lookup queries; brute force attack scripts against the SNMP and POP3 protocols; and many more. All NSE scripts and modules are described in the new NSE documentation portal.

http://nmap.org/5/#5changes

I will look at doing some more with the stats to get more of a trend over time, perhaps full automating and building some graphical representations of the data over the months.

As you can see 122.3.9.40 is a busy little server, whois reveals the system is based in the Philippines and a google of the IP shows it be on a number of lists of attacking systems, including one called botnet.txt. So as is likely for most the high scores in this list, they will no doubt be compromised machines used to launch attacks scanning whole ranges of IP’s for open or poorly passworded ssh servers.

So now might be a good time to reset all your accounts and make sure you have strong passwords. These ssh brute force attacks are not going away any time soon.

An excellent method of avoiding these attacks is to change your ssh listen port. Simple to do – just change the “Listen” directive in /etc/sshd/sshd_config.

We have added it to our basic sql injection tool that allows you to enter a suspect url (that you own or have permission to scan) and have the url checked for sql injection points.

Click over here now to test it out