BDD-Security is a framework written in Java and based on JBehave and Selenium 2 (WebDriver) that uses predefined security tests and an integrated security scanner to perform automated security assessments of web applications.

Don’t scanning tools already to that?

Partly. Scanning tools are good at finding certain types of vulnerabilities, such as injection vulnerabilities (Cross Site Scripting, SQL injection, etc.). But scanners don’t understand the semantics of a web application. From a scanner’s point of view E-bay.com and Citibank.com are the same thing: a series of HTTP requests with fields that can be scanned.

This means that purely automated scanning is a shallow form of security testing. In many cases the precise tests performed, and how they were performed is hidden from the user. The result of the scan is a report that only contains vulnerabilities. You could think of a scanning tool as a Badness-ometer.

Manual application security assessments result in a much deeper form of testing, because humans understand context.

BDD and Resty-Burp are my new favorite scanning toys. Resty-Burp lets you control Burp scans through a REST API call. Sexy.

Once you may have loaded the plugin, use it is very simple. Just have to click the right mouse button over the url you want to test with sqlmap and you will have the option popup:

Win.

This first Sandcat Browser release includes the following pen-test oriented features:

• Live HTTP Headers
• Request Editor extension
• Fuzzer extension with multiple modes and support for filters
• JavaScript Executor extension — allows you to load and run external JavaScript files
• Lua Executor extension — allows you to load and run external Lua scripts
• Syhunt Gelo
• HTTP Brute Force, CGI Scanner scripts and more.

By extending the Burp Suite and integrating it with a CAPTCHA solving farm you can enable the automated bypassing of CAPTCHA within all burp tools; seamlessly replacing all CAPTCHA with their correct solutions.

One of the coolest Burp extensions I’ve ever seen.

Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software.

Mantra is lite, flexible, portable and user friendly with a nice graphical user interface. You can carry it in memory cards, flash drives, CD/DVDs, etc. It can be run natively on Linux, Windows and Mac platforms. It can also be installed on to your system within minutes. Mantra is absolutely free of cost and takes no time for you to set up.

Neat.

White-box fuzzing or smart fuzzing is a systematic methodology that is used to find buffer overruns (remote code execution); unhandled exceptions, read access violations (AVs), and thread hangs (permanent denial-of-service); leaks and memory spikes (temporary denial-of-service); and so forth.

You can perform fuzzing on any code that parses input that is received across a trust boundary. This includes files, network sockets, pipes, remote procedure call (RPC) interfaces, driver IOCTLs, ActiveX objects, and message queues (including Microsoft Windows messages).

This article presents a case study of fuzzing during development of Microsoft Internet Security and Acceleration (ISA) Server 2006, and discusses efforts, bug density, and ROI. During this release, the internal testing team found over 30 bugs that were either Important or Critical—according to Microsoft Security Response Center (MSRC) ranking—in over 500 KLOC parsing code.

A decent intro to the concept of fuzzing, by Microsoft.