Kali linux 1.0.7 has been released

Kali linux 1.0.7 has just been released, complete with a whole bunch of tool updates, a new kernel, and some cool new features. Check out our changelog for a full list of these items. As usual, you don’t need to re-download or re-install Kali to benefit from these updates – you can update to the latest and greatest using these simple commands:

apt-get update
apt-get dist-upgrade
# If you've just updated your kernel, then:
reboot

KaliLinuxEncryptedUSBPersistence

One of the new sought out features introduced (which is also partially responsible for the kernel update) is the ability to create Kali Linux Live USB with LUKS Encrypted Persistence. This feature ushers in a new era of secure Kali Linux USB portability, allowing us to either boot to a “clean” Kali image or alternatively, overlay it with the contents of a persistent encrypted partition, all within the same USB drive.

ToolDevelopersAhoy!

This release also marks the beginning of some co-ordinated efforts between Kali developers and tool developers to make sure their tools are represented correctly and are fully functional within Kali Linux. We would like to thank the metasploit, w3af, and wpscan dev teams for working with us to perfect their Kali packages and hope that more tool developers join in. Tool developers are welcome to send us an email to  and we’ll be happy to work with you to better integrate your tool into Kali.

KaliLinux:GreaterThantheSumofitsParts

For quite some time now, we’ve been preaching that Kali Linux is more than a “Linux distribution with a collection of tools in it”. We invest a significant amount of time and resources developing and enabling features in the distribution which we think are useful for penetration testers and other security professionals. These features range from things like “live-build“, which allows our end users to easily customize their own Kali ISOs, to features like Live USB persistence encryption, which provides paranoid users with an extra layer of security. Many of these features are unique to Kali and can be found nowhere else. We’ve started tallying these features and linking them from our Kali documentation page – check it out, it’s growing to be an impressive list!

Torrents,VirtualMachine&ARMimages

In the next few days, Offensive Security will post Virtual Machine and custom ARM images for the 1.0.7 release

Source-

http://www.kali.org/news/kali-linux-1-0-7-released/

OWASP ZAP (Zed Attack Proxy) v2.3.1 released : An easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

OWASP Zed Attack Proxy (ZAP) An easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen testers toolbox.Changelog v2.3.1

• ZAP changes request data (while switching views) ( Issue 81 )

• Unfulfilled dependencies hang the active scan ( Issue 377 )

• Cant remove scripts marked as ‘load on start’ ( Issue 1073 )

• core.newSession doesn’t clear Sites ( Issue 1114 )

• Historical Request Tab Doesn’t allow formatting changes ( Issue 1155 )

• Proxy gzip decoder doesn’t update content length in response headers ( Issue 1156 )

• Unable to set a home directory with a space on the command line ( Issue 1163 )

• Redundant indexes in zapdb.script ( Issue 1166 )

• Add proxy support for “deflate” content encoding ( Issue 1168 )

• Spider Context/User pop up menus no longer shown ( Issue 1170 )

• Unable to select 2 requests in fuzz results (Ctrl + click) ( Issue 1179 )

• Vulnerable pages active scanned only once ( Issue 1181 )

• Alerts of same type for different parameters of same vulnerable page shown only once in “Alerts” tree ( Issue 1182 )

• NullPointerException while selecting a node in the “Alerts” tab after deleting a message ( Issue 1183 )

• Cmdline session params have no effect ( Issue 1191 )

• Scan URL path elements – turn off by default ( Issue 1193 )

• Command line arguments are not passed to extensions when starting ZAP in daemon mode ( Issue 1194 )

• AbstractPlugin.bingo incorrectly sets evidence to attack ( Issue 1196 )

• Issue with loading addons that did not initialize correctly ( Issue 1202 )

• WordPress Authentication Script ( Issue 1203 )

• ‘History’ tab is not cleared when a new session is created through the API with ZAP in GUI mode ( Issue 1206 )

The following changes were made in this release:

Full Changelog: here 

Download OWASP ZAP v2.3.1

Source- https://code.google.com/p/zaproxy/

More info - https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project