Below are list of tools released by us.
|#3||Smart Application Security Score Card|
|Description||There are several instances when application/product owners struggle hard to identify necessary security SDLC activities for their applications/products. Primarily cost remains one of the key deciding factor for making choices between various security activities related to SDLC. Hence, in most cases due to budget constraints application stakeholders choose those security activity(s) that comes cheap and falls within the budget essentially to satisfy internal compliance needs.
Smart Application Security Score Card is a PDF based decision making tool which could aid application stakeholders in determining appropriate security activities that would suit a particular product or application. Additionally it also helps calculate weightage for individual security activities identified for the application which could further help in prioritizing individual security activities whilst keeping a control over overall security investment.
|Platform Supported||Created using Adobe Acrobat hence Adobe reader is must to be able to use this tool.|
|#2||TA-Mapper (Application Penetration Testing Effort Estimator)|
|Release Date||01-Jan-2009 (Release 1.0)|
Time and Attack Mapper (alternatively known as TA-Mapper) is an effort estimator tool for application penetration testing. This tool takes a scientific approach in order to estimate efforts up to maximum accuracy level.
Often penetration tester’s encounters difficult situation where they have to justify efforts provided to their customers. Typically the efforts estimation done by most pentesters are quite subjective which leads to in-consistent results that varies from pentester to pentester. This variation occurs as those efforts provided are mostly ball-park figures or calculated based on historic data or personal experience. Such approach is quite challenging to substantiate the efforts calculated if your client questions the estimation. This is where TA-Mapper fills the gap by providing a scientific approach of estimating efforts. The tool is able to calculate efforts with greater accuracy for application penetration testing.
Originally I wrote this tool back in 2004 to support some of my freelancing assignment. I was intrigued to write this tool as it was often asked by customers to justify quoted estimation for penetration testing projects. This tool not just helped me win the project but also help in educating my customers in providing a clear idea of tests and underlying activities involved in a penetration testing activity. After this tool private for a long time, I finally decided to share it with the world in 2009.
|Platform Supported||Windows (Developed in VB.NET)|
|#1||SwordFish - MS Access Password Recovery Tool|
|Description||SwordFish is a MS Access password recovery tool. It can only recover passwords for MS Access 97/2003 on Windows XP/2000. Note: We have discontinued support for this tool.|
|Platform Supported||Windows (Developed in VB 6.0)|