October 24, 2016

Nmap 5.59BETA1 Released!

The Nmap development team has released Nmap 5.59BETA1. This new version includes 40 new NSE scripts, improvement in IPv6 scan, 7 new NSE protocol libraries and hundreds of bug fixes.

The new version of Nmap is able to detect services such as Apple iPhoto (DPAP) protocol probe, Zend Java Bridge probe, BackOrifice probe and GKrellM probe. Nmap service and version detection database reached to 7,375 signatures in this new version.

Nmap 5.59BETA1 source code and binary packages for Linux, Mac, and Windows are now available for download at http://nmap.org/download.html .

Nmap (Network Mapper) is a free and open source utility for security auditing. It is licensed under version 2 of the GNU General Public License.

Nmap 5.50 With Gopher Protocol Support Released‏

It has been a year since the last Nmap stable release and six months since development version (5.3DC1) of this powerful network scanner.

In this release the Nmap Scripting Engine(NSE) has been enhanced to expand up the protocol stack and take network discovery to the next level. Nmap 5.50 can now query all sorts of application protocols, including web servers, databases, DNS servers, FTP, and even Gopher servers!

This version has a brute forcing engine and supports network broadcast script in addition to two new script scanning phases known as prerule and postrule. It supports Nping with an innovative new echo mode and its developers added 636 OS fingerprints and 1,037 version detection signatures to Nmap since 5.21, bringing the totals to 2,982 and 7,319.

Nmap 5.50 source code as well as binary packages for Linux, Mac, and Windows are now available at:


More information about this release is available here.

Rapid7 and Modulo Partner to Bring Rich VulnerabilCompliance Data to Leading GRC Solution

Rapid7®, the leading provider of unified vulnerability management and penetration testing solutions, and Modulo, a leading provider of enterprise governance, risk and compliance (GRC) solutions, announced a technology integration that enables global customers to better manage their organizations’ risk by automating the collection and analysis of security intelligence across IT assets. Critical vulnerability, misconfiguration and policy violation data identified by Rapid7 NeXpose® scans can then be assessed, prioritized and remediated by Modulo Risk Manager™ NG to centrally manage, track and report security and compliance risks and make more informed business decisions.

Rapid7 NeXpose is the only integrated vulnerability management solution that allows organizations to manage network, operating system, Web application and database security strategies. Additionally, NeXpose is the only vulnerability management solution to use real exploit intelligence to perform risk classification and deliver prioritized remediation reports.

The Modulo Risk Manager NG governance, risk and compliance management solution allows the platform to consistently and repeat-ably demonstrate multi-regulatory compliance, pass demanding audits and reduce security threats before they cause costly damage to the organization – while eliminating duplication of effort through automation. Modulo NG brings together product innovation based on feedback from more than 1,000 customers and 25 years experience in the GRC space. Ease of deployment and use, straightforward integration and a distinctive emphasis on worldwide requirements are a few areas in which Modulo is recognized.


Secunia Releases Personal Software Inspector (PSI) Version 2.0

Secunia has released version 2 of its Personal Software Inspector (PSI) application.

According to Secunia, the Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose the PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus and are therefore increasingly “popular” among criminals.

The only solution to block these kind of attacks is to apply security updates, commonly referred to as patches. Patches are offered free-of-charge by most software vendors, however, finding all these patches is a tedious and time consuming task. Secunia PSI automates this and alerts you when your programs and plug-ins require updating to stay secure.

Download the Secunia PSI here.

Source & Screen-shot:[secunia.com]

An Introduction to NeXpose Community Edition

Rapid7’s NeXpose is a vulnerability management tool which scans your network and identifies vulnerabilities across a wide range of devices and operating systems. NeXpose uses one of the world’s largest vulnerabilities databases to identify the vulnerabilities on your network.

And the great news is that there is a free community edition. The NeXpose Community Edition is a free, single-user version of NeXpose and is powered by the same scan engine as its big brother NeXpose Enterprise and offers many of the same features. The single biggest limitation is that it only works with up to 32 IP addresses, but this makes it perfect for small organizations or for individual use.

NeXpose Community Edition is available for MS Windows Server 2003 SP2 / Server 2003 R2 and several flavours of Linux including Red Hat Enterprise Linux 5, Ubuntu and SuSE Linux Enterprise Server. Note: There isn’t an official Windows XP version as XP has some limitations with regards to raw sockets which NeXpose needs to perform its scans.

It is also worth noting that NeXpose Community Edition needs 4 GB of RAM (on 32-bit machines) or 8 GB of RAM (on 64-bit machines), don’t try using it without the minimum amount of memory otherwise your machine will start swapping heavily.

Once installed and updated to includ the latest list of vulnerabilities, NeXpose Community Edition offers a comprehensive range of tools for scanning and reporting the vulnerabilities on your network.

Rapid7 have some useful YouTube tutorials here: http://www.youtube.com/user/NeXposeTutorials