If you are aware of the PenTestIT.Com’s WAPT FireFox Add-ons, this collection might ring a bell in your security inclined mind. This is a portable version of Mozilla Firefox with several addons that are useful for Web Application Security. The purpose of this package is to have the best available addons to manually test XSS, SQL, siXSS, CSRF, Trace XSS, RFI, LFI, etc.

We have tested it on Windows XP SP2 and SP3 and found it very useful. But, with more manual intervention for reporting and other fine tuning of tools, this could be an awesome collection!

Download Firefox Portable WEBTOOLS here

If you enjoyed this article, you might also like:

• August 20, 2010 -- UPDATE: XSSer v0.7a!
  All of you web application penetration testers, check out this release of XSSer version 0.7a, for i...
• July 2, 2010 -- UPDATE: XSSer v0.6a!
  All of you web application penetration testers, check out this release of XSSer version 0.6a, for i...
• April 19, 2010 -- UPDATE: XSSer v0.5a!
  All of you web application penetration testers, check out this release of XSSer version 0.5a!“C...
• April 18, 2010 -- The Clickjacking Tool!
  A lot has been happening since the last week - BlackHat and all! Just as luck would have it, we were...
• March 21, 2010 -- UPDATE: XSSer v0.4a!
  See! This is what we say about an actively maintained project! We wrote about XSSer just yesterday ...
• March 20, 2010 -- XSSer: Automate your XSS Injections!
  If you are aware, we posted about XSSPloit almost a year ago. Since then, we have bought to you too...
• September 6, 2010 -- ZAProxy: A Web Application Penetration Testing Tool Developers!
  If you remember about Andiparos, you might remember that it was a fork of the famous Paros Proxy. No...
• September 3, 2010 -- DotDotPwn: A Tool for Directory Traversal Checking and Scanning!
  DotDotPwn is a simple PERL tool which detects several Directory Traversal Vulnerabilities on HTTP/FT...
• August 16, 2010 -- UPDATE: Websecurify 0.7!
  Good news for Websecurify lovers, as we have an updated Websecurify version 0.7 amongst us finally! ...

Our first post regarding the DLLHijackAuditor can be found here. Now, the author has released an update – DLLHijackAuditor version 2!

“DllHijackAuditor is a smart tool to Audit against the Dll Hijacking Vulnerability in any Windows application. This is recently discovered critical security issue affecting almost all Windows systems on the planet. It appears that large amount of Windows applications are currently susceptible to this vulnerability which can allow any attacker to completely take over the system.”

This is the official changelog:

• Smart Debugger based ‘Interception Engine’ for consistent and efficient performance without intrusion.
• Support for specifying as well as auditing of application with custom & multiple Extensions.
• Timeout Configuration to alter the waiting time for each Application.

Download DllHijackAuditor v2.0 here

If you enjoyed this article, you might also like:

• August 31, 2010 -- DllHijackAuditor: Audit the DLL Hijacking Vulnerability!
  DllHijackAuditor is the smart tool to audit against the DLL Hijacking Vulnerability on any Windows a...
• August 31, 2010 -- Three Tools to Help You find DLL Hijacking Vulnerabilities!
  Discovering new vulnerabilities for the now famous Microsoft article - KB 2269639 has become very ea...
• September 2, 2010 -- UPDATE: ProcNetMonitor v2.7!
  Whoa! It sure has been a long time since we updated information about ProcNetMonitor. We had mention...
• August 27, 2010 -- DLLHijackAuditKit v2: Better, Faster, Stronger DLL Tests!
  The latest buzz word in the information security industry is "insecure DLL loading", "DLL hijacking"...
• August 18, 2010 -- UPDATE: WhatWeb v0.4.5!
  We originally wrote about WhatWeb in our previous post here. It has now been updated to WhatWeb ve...
• August 18, 2010 -- Nmapsi: A NMAP GUI!
  Yet another nmap GUI - NmapSi is a complete Qt-based GUI with the design goals to provide a complete...
• August 11, 2010 -- DOMScan: Tool for Scanning and Analyzing DOM
  DOMScan is utility to drive IE and capture real time DOM from the browser. It gives access to active...
• August 6, 2010 -- Update : PDF Dissector 1.5.0!
  PDF Dissector version 1.5.0 is a PDF malware analysis tool. It brings two very cool new features. ...
• July 19, 2010 -- PenTestIT Post Of The Day: Black-box Web Vulnerability Scanners!
  What is the article about?Black-box web vulnerability scanners are a class of tools that can be ...

You can find our first post about Hyenae, which was written here. Now, the authors have released an updated Hyenae version 0.35-2.

“Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant.“

Bugs were fixed in the updated version. Also, the documentation was updated. The command line usage information was extended and a memory leak patch was applied.

Download Hyenae v0.35-2 here.

If you enjoyed this article, you might also like:

• July 31, 2009 -- Hyenae: A Platform Independent Network Packet Generator!
  Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduc...
• May 24, 2010 -- UPDATE: Darkjumper v5.8!
  You can find our original post regarding Darkjumper here. An updated Darkjumper version 5.8 was rele...
• February 24, 2010 -- Darkjumper – A scanner to check for SQL injection, LFI’s and RFI vulnerabilities!
  Darkjumper is a tool that will try to find every website that host at the same server at your target...
• October 19, 2009 -- Longcat – multi-protocol stress testing tool
  Longcat Flooder is a multi-protocol flooding tool written during the Subeta raids, by the same creat...
• September 7, 2010 -- Download Ashampoo Burning Studio 2010, WinOptimizer 6 And PhotoCommander 7 For Free and genuine.
  Download Ashampoo Burning Studio 2010, WinOptimizer 6 And PhotoCommander 7 For Free and genuine....
• September 2, 2010 -- UPDATE: Microsoft Enhanced Mitigation Evaluation Toolkit v2!
  Nice! Our first post regarding the Microsoft Enhanced Mitigation Evaluation Toolkit or EMET can be f...
• September 2, 2010 -- UPDATE: ProcNetMonitor v2.7!
  Whoa! It sure has been a long time since we updated information about ProcNetMonitor. We had mention...
• August 8, 2010 -- iKAT: The Interactive Kiosk Attack Tool for all!
  Designed as a SaaS, iKAT features many methods of escaping out of a browser jailed environment and g...
• August 1, 2010 -- UPDATE: PyLoris 3.1!
  Again it took long time for Motoma to release this version! PyLoris goes GUI! Finally, he has releas...

We first wrote about Artemisa in our post here. Now, Artemisa version 1.0.88 has been released!

Artemisa

“Artemisa is a VoIP/SIP-specific honeypot software designed to connect to a VoIP enterprise domain as a user-agent back-end in order to detect malicious activity at an early stage. It registers multiple SIP accounts, which do not represent real human subscribers, at one or more VoIP service providers, and wait for incomming attacks. Besides, Artemisa can play a role in the real-time adjustment of the security policies of the enterprise domain where it is deployed (e.g. setting rules in a firewall to ban IPs or in the VoIP PBX to ban caller-IDs).“

Download Artemisa v1.0.88 here

If you enjoyed this article, you might also like:

• July 4, 2010 -- Artemisa : A honeypot software for VoIP networks
  Artemisa is a VoIP/SIP-specific honeypot software designed to connect to a VoIP enterprise domain as...
• June 23, 2010 -- Easy and Effective Way for Setting up a DNS Sinkhole!
  Procedure and network admins talk about plugging all of the holes and securing their network of deni...
• June 21, 2010 -- THC IPV6!
  A complete tool set to attack the inherent protocol weaknesses of IPV6 and ICMP6, and includes an ea...
• June 11, 2010 -- UPDATE: PenTBox 1.3.2 Final!
  We have discussed about PenTBox in our previous post here. We have been VERY late when posting about...
• March 26, 2010 -- UPDATE: PenTBox 1.3.1 Final!
  We have discussed about PenTBox in our previous post here“PenTBox is a Security Suite tha...
• February 13, 2010 -- UPDATE: PenTBox 1.3.1 Beta!
  We have discussed about PenTBox in our previous post here “PenTBox is a Security Suite that ...
• February 3, 2010 -- UPDATE: PenTBox 1.3 Beta!
  We have discussed about PenTBox in our previous post here"PenTBox is a Security Suite that pack...
• January 11, 2010 -- UPDATE: PenTBox v1.2!
  We have discussed about PenTBox in our previous post herePenTBox is update with new changes and ...
• December 23, 2009 -- mwcollectd – next-generation low-interaction malware collection honeypot tool
  A new version of mwcollectd is out for grabs! It is a next-generation low-interaction malware collec...

If you remember about Andiparos, you might remember that it was a fork of the famous Paros Proxy. Now, another fork of the open source Paros Proxy has been released. It’s name – ZAP – Zed Attack Proxy.

The Zed Attack Proxy (ZAP) is a penetration test tool designed to be used to make web applications more secure. While ZAP can detect some security issues automatically, it is primarily designed to help you find security vulnerabilities manually.

Unlike some security tools it is designed to be used by people with a wide range of security experience.
As such it is suitable for developers and functional testers who a new to penetration testing. You will still need to have a good understanding of how web applications work.

Some of ZAP’s features:
- Intercepting proxy
- Automated scanner
- Passive scanner
- Spider

Some of ZAP’s characteristics:
- Easy to install (just requires java 1.6)
- Ease of use a priority
- Comprehensive help pages
- Under active development
- Open source
- Free (no paid for ‘Pro’ version)
- Cross platform

Operating system supported:
Windows XP SP2 and above 32-bit

As per the developer of tool it is cross platform, we did not got chance to test it on *nix systems will keep you posted on that.

We are running this tool and find it good result oriented.

Download ZAProxy version 1.0.0 here

If you enjoyed this article, you might also like:

• June 25, 2010 -- Andiparos: A Paros Proxy Fork!
  We all love Paros Proxy! But, for some or the other reason, we always wished that Paros Proxy had a ...
• August 20, 2010 -- UPDATE: XSSer v0.7a!
  All of you web application penetration testers, check out this release of XSSer version 0.7a, for i...
• August 16, 2010 -- UPDATE: Websecurify 0.7!
  Good news for Websecurify lovers, as we have an updated Websecurify version 0.7 amongst us finally! ...
• August 9, 2010 -- UPDATE: Websecurify 0.7RC2!
  Right on time this time! We have an updated Websecurify version 0.7RC2 amongst us now!“Websecu...
• August 3, 2010 -- UPDATE: Websecurify 0.7RC1!
  Also, pretty late with this one (almost 6 days!), but here it is - we have an updated Websecurify ve...
• July 2, 2010 -- UPDATE: XSSer v0.6a!
  All of you web application penetration testers, check out this release of XSSer version 0.6a, for i...
• June 25, 2010 -- UPDATE: Websecurify 0.6!
  Websecurify has been updated to Websecurify 0.6 about 12 hours ago!“Websecurify is a web and w...
• May 31, 2010 -- UPDATE: Websecurify 0.6RC1!
  Websecurify has recently been updated! It's current version is Websecurify 0.6RC1!"Websecurify...
• April 19, 2010 -- UPDATE: XSSer v0.5a!
  All of you web application penetration testers, check out this release of XSSer version 0.5a!“C...

We have discussed about Nikto in detail here. Now, in less that two months, a new version – Nikto v2.1.3 – has been released!

“Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6100 potentially dangerous files/CGIs, checks for outdated versions of over 950 servers, and version specific problems on over 260 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.”

This is the changelog for Nikto version 2.1.3:

• Interactive scan pause feature
• Metasploit logging (courtesy Ryan Linn)
• Updated manual
• Command line proxy specification
• Scan status reports guesstimate of time remaining
• Many updated software versions

So now, you can enable use Nikto with your favourite Metasploit.

Download Nikto version 2.1.3 here

If you enjoyed this article, you might also like:

• July 12, 2010 -- UPDATE: Nikto v2.1.2!
  We have discussed about Nikto in detail here. Now, after almost four months, a new version - Nikto v...
• February 3, 2010 -- UPDATE: Nikto 2.1.1!
  We have discussed about Nikto in detail here"Nikto is an Open Source web server scanner which pe...
• April 9, 2010 -- CMS Explorer: Know More About Different CMS!
  One of the authors of Nikto - Chris Sullo, has come up with CMS Explorer. It is designed to reveal t...
• January 15, 2010 -- List of Free Web Application Scanners!
  I was on another site helping someone with the available options on FREE Web Application Scanners. W...
• October 20, 2009 -- Update : Nikto 2.1.0
  Nikto is an Open Source web server scanner which performs comprehensive tests against web servers fo...
• September 6, 2010 -- ZAProxy: A Web Application Penetration Testing Tool Developers!
  If you remember about Andiparos, you might remember that it was a fork of the famous Paros Proxy. No...
• August 30, 2010 -- UPDATE: Skipfish-1.62b!
  Skipfish has been updated yet again! The latest release is Skipfish-1.62b! “Skipfish is a fully aut...
• August 27, 2010 -- DLLHijackAuditKit v2: Better, Faster, Stronger DLL Tests!
  The latest buzz word in the information security industry is "insecure DLL loading", "DLL hijacking"...
• August 26, 2010 -- WebAppTools : Tools for web servers and web applications testing.
  The complex of programs and the knowledge base for the vulnerability analysis of the implementations...

There are some and then there are some more! What we meant to say is that there are some blind SQL injection tools and then there are some more. This tool is a result of the author wanting to program a tool with a different approach to blind SQL injection. Before we actually get to the tool, lets see what blind SQL injection is. I know we must have described this a lot of time, but doing so will save us sometime going back to the first post that tells you about blind SQL injection.

So, blind SQL injection is identical to normal SQL Injection except that when an attacker attempts to exploit an application, rather then getting a useful error message, they get a generic page (or sometimes are redirected to some page) specified by the developer instead. This makes exploiting a potential SQL Injection attack more difficult but not impossible. Now that we know what blind SQL injection is, it will be a bit easier for use to see what this tool can do.

Blind Cat

Back to this tool now – Blind Cat is not a fully automated tool, the ones we call – “one click ownage“. You are the driving force behind this tool. Once, you understand how this tool works, you will be able to exploit a lot more difficult SQL injections easily. Consider this tool as an automation tool/front-end for manual blind SQL injections. It helps you to send custom HTTP requests, get the response, modify the request, re-send, get the response again and compare and slowly exploit! This front-end has been programmed in Delphi and uses cURL to get its work done. This is how a typical Blind Cat interface looks like:

This tool supports almost all databases – MS SQL, MySQL, Oracle, DB2, Firebird, etc., while supporting both – HTTP and HTTPS! In addition to that, it can transmit custom HTTP requests.

In other words, Blind Cat runs multiple instances of CURL, to send parametrized HTTP requests to the vulnerable web application. The responses are analyzed and other requests with modified parameters are issued until the correct characters in SQL response are detected.

Before you actually run Blind Cat, there are two important files that you might want to edit. These are curl.config and BlindCat.ini. curl.config being most important of the two, holds your custom header information that could be used to simulate the web browser, the target URL, whether you would want to use a proxy or not, HTTP GET/POST parameters, etc. BlindCat.ini holds information such as the number of threads to run, the location of cURL on your computer, the keyword to be exploited, etc.

The author has not added a readme file as such that might help you know more about the program, but with a bit of trial and error, you sure will be able to get this little demon to work!

Download Blind Cat v0.0.1.0 here.

If you enjoyed this article, you might also like:

• September 5, 2010 -- PenTestIT Post Of The Day: Five Ways to Stop Mass SQL Injection Attacks!
  A new wave of mass SQL injection attacks seen in mid-August to hit over half a million websites, inc...
• September 2, 2010 -- UPDATE: Laudanum 0.2!
  You can find our first post regarding Laudanum here. Now, the author has updated the tool to Laudanu...
• August 30, 2010 -- NodeZero Linux: Penetration Testing Live DVD!
  NodeZero is Ubuntu based linux designed as a complete system which can also be used for penetration ...
• August 16, 2010 -- PenTestIT Post Of The Day: Obfuscated SQL Injection attacks!
  Today, we have a post from the Tales from the SANS Diary by Mr. Manuel Humberto Santander Pelaez! ...
• August 16, 2010 -- UPDATE: RIPS v0.32!
  New and updated version of RIPS v0.32 is out and ready for action. You can find our first post regar...
• August 5, 2010 -- BinPack: A Portable Security Environment for Windows!
  BinPack is a portable security environment for Windows. The disc contains a portable security enviro...
• July 15, 2010 -- PenTestIT Post Of The Day: Inter protocol out of band exploitation with MySQL injections!
  Today, we have a post from the Ack Ack blog by Mr. Jelmer de Hen!“Inter protocol out of band exp...
• July 6, 2010 -- UPDATE: Hexjector v1.0.7.4!
  You can find our first mention about Hexjector in our post here. Now, Hexjector has been updated to ...
• July 1, 2010 -- UPDATE: Bsqlbf v2.6!
  This update is huge for all Bsqlbf lovers like us! Bsqlbf is updated about which, we have talked in ...

DotDotPwn is a simple PERL tool which detects several Directory Traversal Vulnerabilities on HTTP/FTP Servers. This AttackDB version currently has 871 traversal payloads. This tool was tested against various Kolibri+ WebServer v2.0 and Gefest WebServer v1.0 (HTTP servers) giving good results identifying the right vulnerability strings. Those HTTP servers were vulnerable, and somebody reported those vulns on sites such as exploit-db, but those advisories just reported some (1 or 2) traversal strings with a difference with DotDotPwn which detected between 10 or 20 different attack strings on those vulnerable servers.

Features of DotDotPwn:

• Detects Directory traversal vulnerabilities on remote HTTP/FTP server systems.
• DotDotPwn checks the presence of boot.ini on the vulnerable systems through Directory traversal vulnerabilities, so it is assumed that the tested systems are Windows based HTTP/FTP servers.
• Currently, the traversal database holds 871 attack payloads. Use the -update flag to perform an online fresh update.

Sample usage:

• HTTP:

perl ddpwn.pl -http website.com

• FTP:

perl ddpwn.pl -ftp ftphost.com

DotDotPwn is a very useful tool for web application penetration testers, who believe in open-source software. As it is PERL based, we can modify it as per the required environment. Hope there will be a nice front end which surely will make this tool more popular! It is also very easy to update the directory traversal database of this tool!

Requirements:
Perl with support of HTTP::Lite and Net::FTP modules

Download DotDotPwn v1.0 here

If you enjoyed this article, you might also like:

• January 15, 2010 -- List of Free Web Application Scanners!
  I was on another site helping someone with the available options on FREE Web Application Scanners. W...
• January 4, 2010 -- The WASC Threat Classification v2.0
  The Threat Classification is an effort to classify the weaknesses, and attacks that can lead to the ...
• September 21, 2009 -- Grendel Scan: Open Source Web Application Security Scanner
  In one of our posts earlier this month, we spoke of XSS Rays. Whats special about  Grendel Scan you ...
• August 27, 2009 -- Doit: A Simple Web Application Tester
  We were looking for a cross platform script which which would let us generate random but valid piece...
• September 8, 2010 -- Firefox Portable WEBTOOLS for Web Application Security
  If you are aware of the PenTestIT.Com's WAPT FireFox Add-ons, this collection might ring a bell in y...
• September 6, 2010 -- ZAProxy: A Web Application Penetration Testing Tool Developers!
  If you remember about Andiparos, you might remember that it was a fork of the famous Paros Proxy. No...
• August 31, 2010 -- Three Tools to Help You find DLL Hijacking Vulnerabilities!
  Discovering new vulnerabilities for the now famous Microsoft article - KB 2269639 has become very ea...
• August 27, 2010 -- DLLHijackAuditKit v2: Better, Faster, Stronger DLL Tests!
  The latest buzz word in the information security industry is "insecure DLL loading", "DLL hijacking"...
• August 26, 2010 -- WebAppTools : Tools for web servers and web applications testing.
  The complex of programs and the knowledge base for the vulnerability analysis of the implementations...

Nice! Our first post regarding the Microsoft Enhanced Mitigation Evaluation Toolkit or EMET can be found here. Now, Microsoft has released the EMET v2!

“EMET provides users with the ability to deploy security mitigation technologies to arbitrary applications.  This helps prevent vulnerabilities in those applications (especially line of business and 3rd party apps) from successfully being exploited.  By deploying these mitigation technologies on legacy products, the tool can also help customers manage risk while they are in the process of transitioning over to modern, more secure products.  In addition, it makes it easy for customers to test mitigations against any software and provide feedback on their experience to the vendor.“

This version sports a brand new GUI. In addition to SEHOP (Structured Error Handling Overwrite Protection), Dynamic DEP (Dynamic Data Execution Prevention), NULL page allocation, Heap Spray Allocation, this tool adds support for Export Address Table Access Filtering and the Mandatory Address Space Layout Randomization (ASLR)!

Download the EMET v2 here.

If you enjoyed this article, you might also like:

• October 29, 2009 -- The Microsoft Enhanced Mitigation Evaluation Toolkit!
  Seems like Microsoft really is taking security seriously these days! What with it releasing some ama...
• April 23, 2010 -- Microsoft pulls faulty patch, plans re-release
  Critical patch that affects Windows 2000 Server running Windows Media Services didn't work, so Micro...
• April 13, 2010 -- MS10-022 – Important: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)
  Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerabilit...
• March 9, 2010 -- MS10-016 – Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561)
  Bulletin Severity Rating:Important - This security update addresses a privately reported vulnerabili...
• March 4, 2010 -- ms09_043_owc_htmlurl.rb.txt
  This Metasploit module exploits a buffer overflow in Microsoft's Office Web Components. When passing...
• February 24, 2010 -- Export all Windows Logs from the Event Viewer from a Remote Machine!
  What if you want to export all logs - Application, Security and System - from a system on your netwo...
• February 9, 2010 -- MS10-008 – Critical: Cumulative Security Update of ActiveX Kill Bits (978262)
  Bulletin Severity Rating:Critical - This security update addresses a privately reported vulnerabilit...
• February 9, 2010 -- MS10-014 – Important: Vulnerability in Kerberos Could Allow Denial of Service (977290)
  Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerabilit...
• February 9, 2010 -- MS10-007 – Critical: Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713)
  Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability...

Whoa! It sure has been a long time since we updated information about ProcNetMonitor. We had mentioned about it in our first post here. Now, the author has released an update – ProcNetMonitor version 2.7.

“ProcNetMonitor is the free tool to monitor the network activity of all running process in the system. It displays all open network ports (TCP/UDP) and active network connections for each process. It has advanced color based auto analysis system to make it easy to distinguish network oriented processes from others with just one glance at the list.“

Since we last wrote about it, this tool can now display process information on 64 bit systems too. False positives from Antivirus have also been removed and support for Windows 7 with GUI related enhancements.

Download ProcNetMonitor v2.7 here

If you enjoyed this article, you might also like:

• September 12, 2009 -- ProcNetMonitor – Basic malware and system analysis tool
  ProcNetMonitor is the free tool to monitor the network activity of all running process in the system...
• July 23, 2010 -- Rootkit Razor: A Free Rootkit Remover!
  In earliest deployments, hackers used rootkits to gain unauthorized access to Unix-based systems. To...
• July 14, 2010 -- UPDATE: Process Hacker v2.0!
  Process Hacker is updated with few updates on look and feel and how it works.We have previously writ...
• April 24, 2010 -- PenTestIT Post Of The Day: Portable Executable File Infection!
  Today, we have this post from KOrUPt Blog by KOrUPt himself!“Portable Executable File Infection”...
• March 29, 2010 -- streamarmor : Tool for discovering hidden alternate data streams (ADS)
  StreamArmor is the sophisticated tool for discovering hidden alternate data streams (ADS) as well as...
• March 12, 2010 -- ms10_002_aurora.rb.txt
  This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found i...
• February 25, 2010 -- LookInMyPC : Gather PC Profiling and Diagnostic Reports!
  LookInMyPC generates a complete, and a comprehensive system profile that includes information on all...
• February 10, 2010 -- AnVir Task Manager – More than regular task manager
  AnVir Task Manager is a award-winning solution that controls everything running on computer, removes...
• December 7, 2009 -- UPDATE: Buster Sandbox Analyzer version 1.03!
  We wrote about Buster Sandbox Analyzer a week ago here. This open source tool is gaining popularity ...