Top Three Web Based Image Editors

If you are using a computer that doesn't have a decent image editor program, then you can make use of a variety of web-based image editors. Having surveyed those that are freely available, I present a list of the top three. Each of these alows you to perform a variety of simple tasks upon an image, such as cropping and resizing. Each also includes the usual drawing tools as well as supporting layers. Please try them out and leave a comment to share your experiences.

Editor by
Editor enables you to create new images or open image files from your computer or from the web in the following formats: bmp, gif, jpg, png, psd and pxd (Editor's own format). You can save images as bmp, jpg, png or pxd to your computer or to Facebook. It offers a good selection of tools and filters.

Sumo Paint 2.0
Sumo Paint also lets you create new images and open files from your computer or the web. You can open files in gif, jpg, png and its own sumo format, and you can save as jpg, png and sumo. It has the best selection of filters and tools of the three here.

Splashup will open bmp, gif, jpg and png files not only from your computer and the web, but also from Facebook, Flickr, Photobucket and Picasa. You can save files back to each of these in jpg, png, and the somewhat obscure fxo format. It has the most limited selection of tools and filters of those listed here.

ESF Exploit Next Generation® SQL Fingerprint™

SQL Server fingerprinting can be a time consuming process. It involves a lot many trial and error methods to fingerprint the exact SQL Server  version. Intentionally inserting an invalid input to obtain a typical error message or using certain alphabets that are unique for a certain server are two of the ways to possibly fingerprint a server. But, when it comes to the Microsoft SQL Server fingerprinting, Exploit Next Generation® SQL Fingerprint™ (f.k.a. Microsoft SQL Server Fingerprint Tool) tool is the best!

The Exploit Next Generation® SQL Fingerprint™ (ESF) is a powerful tool which performs version fingerprinting for:

   1. Microsoft SQL Server 2000;
   2. Microsoft SQL Server 2005; and
   3. Microsoft SQL Server 2008.

The Exploit Next Generation® SQL Fingerprint™ uses well-known techniques based on several public tools that are capable to identify the Microsoft SQL Server version (such as: SQLping and SQLver), but, instead of showing only the "raw version" (i.e., Microsoft SQL Version 10.00.2746), the Exploit Next Generation® SQL Fingerprint™ shows the mapped Microsoft SQL Server version (i.e., Microsoft SQL 2008 SP1 (CU5)).

The strengths of Exploit Next Generation® SQL Fingerprint™ are:
   1. It uses both TCP and UDP protocols to determine the Microsoft SQL Server version, making it much more reliable than any other public or commercial tool.
   2. It is capable to identify multiple Microsoft SQL Server instances and their TCP communication ports.
   3. It does not require any authentication method to identify the Microsoft SQL Server version.
   4. It uses probabilistic algorithm to identify the Microsoft SQL Server version, combining both TCP and UDP fingerprint.

SQL Server fingerprinting is necessary before performing any kind of penetration testing on database server and if you find its Microsoft SQL Server then this tool will surely help identifying granular level findings to further exploit database.

To download ESF:

OWASP Zed Attack Proxy Project

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who a new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

The current version of ZAP is 1.0.0 and it can be downloaded from the Google Code page.

Some of ZAP's features:
    * Intercepting proxy
    * Automated scanner
    * Passive scanner
    * Spider

Some of ZAP's characteristics:
    * Easy to install (just requires java 1.6)
    * Ease of use a priority
    * Comprehensive help pages
    * Under active development
    * Open source
    * Free (no paid for 'Pro' version)
    * Cross platform
    * Involvement actively encouraged

ZAP is a fork of the well regarded Paros Proxy.

You can download ZAP v1.0 here:

Blogger Templates