Version 1.1 of the Yaptest Frontend is now available.  Download it here.

 There are three main improvements to the interface:

• The "Ports" page now displays Nmap version and service information when it's available.
• The "Windows Info" page displays a list of Windows hosts along with various information about each: Domain name, whether the host is a domain controller, whether it's in a workgroup or a domain, its SID, password complexity setting and account lockout policy.
• The "Nessus" page simply display the nessus HTML report for the corresponding host.

Version 0.2.1 of yaptest is now available.  Download it here.

This is quite a major update.  The most notable improvements are support for running Nessus and/or OpenVAS.  At present Nessus and OpenVAS are automatically run against  any open ports with Safe Checks enabled.

As with any major update one or two bugs might have crept in.  Please mail pentestmonkey at pentestmonkey dot net if you find anything's broken.

The complete changelog is included below:

The next version of unix-privesc-check has just been released.  Download it here.

This version checks the file permissions of SUID programs.  It should catch issue like the recent Ingres privesc where and SUID programs used a shared object file that could be modified by a non-root user.

I just updated unix-privesc-check.  Download it here.

This release fixes a couple of minor bugs in the reporting of cron-related issues and some problem while running under /bin/sh (as opposed to /bin/bash).