Software

In the security field I have undertaken two main commercial projects so far...

ORSEM - ORacle Security Enumeration Module

ORSEM is an Oracle database security vulnerability scanner.

ORSEM is an ongoing project in the Django (Python) framework. The main purpose is to provide a means of accurate and comprehensive security testing of Oracle databases.

ORSEM is a security testing tool that leverages authenticated scanning techniques and as such the results are accurate with no false positives. No stone is left unturned in terms of the vulnerabilities known to the security world.

Overall, it's fair to say that ORSEM is a security testing tool for Oracle DBAs and Security Analysts. But more than that, it's a tool for security perfectionists.

More details...

CAVS - Candid Automated Vulnerability Scanner

<a href="/software/CAVS.php">CAVS</a> is a ruby (http://www.ruby-lang.org/) scanner that basically takes output from nmap and correlates it with information in the Open Source Vulnerability Database. So, we do a TCP port scan and search for public disclosed vulnerability with the services found.

Note: The OSVDB database updates were halted at source as of early 2012 - so results will not be current! CAVS is essentially discontinued as a result of this.

More details...