|
|
Tools
|
WebApp Threat Matrix
|
|
V 2.1 |
| Compass Security, in cooperation with AXA Tech, has developed a threats and measures matrix for Web applications. The threats of Web applications are listed in an Excel sheet and it is visible for every threat which measure the respective risk addresses. The matrix can be used as a tool for project managers, security executives or software developers in the field of Web applications. A project manager or security executive can see at once which threats have to be addressed by what infrastructure or software components. A software developer receives hints how to encounter the threats while developing Web applications. The download consists of a matrix in the form of an Excel file and a PDF which explains the matrix in detail. |
| |
|
KeysGenerator
|
|
V 1.0 |
KeysGenerator
KEYS GENERATOR COPYRIGHT NOTICE, LICENSE AND DISCLAIMER.
Copyright (c) 2003 by Compass Security Network Computing AG
http://www.csnc.ch
Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appears in all copies and that both, the copyright notice and this permission notice and warranty disclaimer, appear in any supporting documentation, and that the name of Compass Security Network Computing AG will not be used in advertising or publicity pertaining to the distribution of the software without specific, prior permission in writing.
Compass Security Network Computing AG disclaims all warranties with regard to this software, including all implied warranties of merchantability and fitness. In no event shall Compass Security Network Computing AG be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other tortious action, arising out of or in connection with the use or performance of this software.
THE CRYPTOGRAPHY CODE IN THIS SOFTWARE HAS NOT BEEN REVIEWED BY A CRYPTOGRAPHER!
WEP Key 1: e21e3861cb07e625e2a9d773b6
WEP Key 2: b7ab18bb7451bb471efeb717ea
WEP Key 3: 616a7b47810c3866f4ede95317
WEP Key 4: 62a4b7fc459dd2e1c8a98c7b5f
ESSID : +{kT9NCK4]6$%%Ku#)R?d_oLg;|W2#
IPSEC : wi_e+<"4EM'UfE%QQ8}:CXMD$&^aeir
|
|
|
| |
|
|
Process Monitor (Windows 2000 Kernel Hook)
|
The Process Monitor supports the user to gain full control over running processes on its host. Each time the OS tries to start a new application, the Process Monitor's driver intercepts the Windows 2000 CreateProcess function and asks the user if the process should start or not. The rules defining which process shall start or not can be pre-set by the user.
For install and remove instructions see the README.txt in the zip archive. |
 |
V1.2 |
| |
|
|
Java Object Inspector (Java Application)
|
| Inspection Tool for Java serialized data streams. It becomes possible to view and alter java objects before sending requests to the server. This tool is useful while security assessing a java application, i.e. an online banking application using a java client (as an alternative to the browser). The Java Object Inspector needs to be "injected" into the assessing application (hook injection). |
|
V1.0 |
| |
|
|
|
|
News
Evening event of ISSS on "Cyber Crime in Switzerland"
2/23/10 - Ivan Bütler, Compass managing director, is organizing the "1st ISSS St Gall conference" together with Dr. Lukas Ruf. On Thursday, April 29, 2010, interested people are meeting in order to gain an up-to-date overview in the field of computer crime an to become familiar with the developments.
Compass hacks live at CeBIT
2/22/10 - Marco Di Filippo, Regional Director Germany of Compass Security AG takes on the role of the hacker at CeBIT and puts modern technologies to the test. On the CeBIT platforms of the media partner Network Computing and of the anti virus specialist Avira he is going to x-ray data centers and mobile devices such as iPhone, Blackberry, etc. regarding their safety compliance.
Presentation to the Compass-Workshop on "Mobile Security" at MCTA 2010
2/10/10 - On the 10th Conference "Mobile Communications Technologies and Applications (MCTA 2010), Marco Di Filippo, Compass Regional Director Germany, hold a workshop titled "Mobile Security – Attacking scenarios on mobile services" .
Compass' Testing Modules
1/27/10 - Compass Security has created the document "Testing Module" describing the typical testing scenarios
Workshop on Mobile Security at MCTA 2010
1/11/10 - Marco Di Filippo, Regional Director Germany of the ICT security service provider Compass Security AG (www.csnc.ch) informs in a workshop about the risks of mobile communication tools. This will be held on 01 February at the 10th Conference "Mobile Communications Technologies and Applications" (MCTA) at the University of Augsburg.
|
