18 Jan 2016
FEATURES Added automatic configuration of URL rewrite rules Added the Scan Policy Optimizer Added automated evidence collection to several confirmed vulnerabilities Added sessionStorage and localStorage support Added URL Rewrite knowledgebase node to list the URL patterns that have been discovered Added support for deleting a team member permanently Added support for detecting outdated versions of …
FEATURES
- Added automatic configuration of URL rewrite rules
- Added the Scan Policy Optimizer
- Added automated evidence collection to several confirmed vulnerabilities
- Added sessionStorage and localStorage support
- Added URL Rewrite knowledgebase node to list the URL patterns that have been discovered
- Added support for deleting a team member permanently
- Added support for detecting outdated versions of popular JavaScript client-side libraries
- Added vulnerability tasks’ todo list to dashboard
- Added “Do not expect challenge” option to basic authentication settings
- Added “Override Target URL with authenticated page” option to form authentication settings
- Added several new knowledge base nodes to report SSL and CSS issues, and one for slowest pages
- Added “Websites that have shortest fix time” and “Websites that have longest fix time” tables on global dashboard
- Added support for displaying relative dates in a friendly format
- Added import links support to new scan API endpoint
NEW SECURITY CHECKS
- Added Windows Short File Name security checks
- Added several new backup file checks
- Added web.config pattern for LFI checks
- Added boot.ini pattern for LFI checks
- Added a signature which checks against a passive backdoor affecting vBulletin 4.x and 5.x versions
- Added a signature which checks against an error message generated by regexp function at MySQL database
- Added DAws web backdoor check
- Added MOF Web Shell backdoor check
- Added RoR database configuration file detection
- Added RoR version disclosure detection
- Added RoR out-of-date version detection
- Added RoR Stack Trace Disclosure
- Added RubyGems version disclosure detection
- Added RubyGems out-of-date version detection
- Added Ruby out-of-date version detection
- Added Python out-of-date version detection
- Added Perl out-of-date version detection
- Added RoR Development Mode Enabled detection
- Added Django version disclosure detection
- Added Django out-of-date version detection
- Added Django Development Mode Enabled detection
- Added PHPLiteAdmin detection
- Added phpMoAdmin detection
- Added DbNinja detection
- Added WeakNet Post-Exploitation PHP Execution Shell (WPES) detection
- Added Adminer detection
- Added Microsoft IIS Log File detection
- Added Laravel Configuration File detection
- Added Laravel Debug Mode Enabled detection
- Added Laravel Stack Trace Disclosure
- Added S/FTP Config File detection
IMPROVEMENTS
- Improved calculating algorithm of vulnerability fix times
- Manage team permission replaced with “Admin” permission
- Added support to see website dashboard without scan group filter
- Added scan type information to “Detailed Scan Report”
- Added paging support for scan policy list
- Improved new user email template
- Increased website verification failure limit
- Changed vulnerability chart’s colors on the dashboard page
- Added icons for displaying vulnerability status on the vulnerability task page
- Knowledgebase items are expanded by default if they contain a single item
- Added retestable information to vulnerability detail on the scan report page
- Users are redirected to scan group create page if no scan group is found on new scan
- Added a warning message if target path does not end with a trailing slash on the new scan
- Added first seen date information to vulnerabilities page
- Several scan performance improvements to reduce memory usage
- Improved credit card detection to eliminate false positives
- HTTP cookie handling code written from scratch to conform with the latest RFCs which modern browsers also follow
- SSL cipher support check code has been rewritten to support more cipher suites
- SSL checks are now made for target URLs even when protocol is HTTP
- Updated embedded chrome based browser engine to version 41
- Added more ignored parameters for ASP.NET web applications
- Improved scan policy versioning where new security checks are automatically included or excluded by default on existing scan policies
- Improved LFI pattern that matches win.ini files
- Improved XSS coverage by adding an attack pattern for email inputs which require an @ character
- Improved cookie vulnerability details to show all cookies that are not marked as Secure or HttpOnly
- Improved out-of-date vulnerability templates by including severity information of vulnerabilities for that version of software
- Improved out-of-date vulnerability reporting by increasing the severity of the vulnerability if that version of software has an important vulnerability
- Improved Ruby version disclosure detection
- Improved SQL injection vulnerability template by adding remedy information for more development environments
- Improved common directory checks by adding more known directory names
- Updated default user agent
- Improved the default Anti-CSRF token name list
- Improved database error messages vulnerability detection for Informix
- Added new XSS attack pattern for title tag in which JavaScript execution is not possible
- Improved XHTML attacks to check against XSS vulnerabilities
- Optimized confirmation of Boolean SQLi
- Added exploitation for Remote Code Evaluation via ASP vulnerability
- Revamped DOM based XSS vulnerability detail with a table showing XPath column
- Changed SQLi attack patterns specific to MSSQL database with shorter ones
- Improved SQLi attack pattern which causes a vulnerability in LIMIT clauses specific to MySQL database
- DOM simulation is turned off for hidden input types which causes a false-positive confirmed XSS vulnerability
- Improved the “Name” form value pattern to match more inputs
- Improved confirmation of Expression Language Injection vulnerability
- Improved Frame Injection vulnerability details
- Added .phtml extension to detect code execution via file upload
- Improved blind SQL injection detection on some INNER JOIN cases
- Improved external references section of “Remote Code Evaluation (PHP)” vulnerability
- Added retest support for several vulnerability types
- Improved Apache Tomcat detection patterns
- Increased the number of sensitive comments reported
- Improved text parser improvements
- Added separate checks in scan policy for each supported web app fingerprint application
FIXES
- Fixed an issue where imported relative links were not set correctly
- Fixed an issue where scheduled scan names were duplicated
- Fixed URL rewrite analysis to respect case sensitivity settings
- Fixed a form authentication issue which image submit elements were not clicked
- Fixed an issue occurs when the HTTP response body starts with unicode BOM
- Fixed Open Redirect security checks where it should not perform DOM based checks if DOM checks are turned off
- Fixed static resource finder where it was not following a redirect
- Fixed DOM simulation hangs if a rogue JavaScript call enters an endless loop
- Fixed slow XSS highlights on some responses
- Fixed a bug where Full-Url LFI attack which is specific to Ruby-on-Rails applications could not be confirmed
- Fixed a bug where XSS vulnerability could not be confirmed when injection occurs in the middle of a CSS style
- Fixed a bug where generated XSS exploit did not work due to incorrect encoding
- Fixed a bug where a false-positive file upload vulnerability was reported
- Fixed a bug where maximum amount of hard fails was preventing next scan making HTTP requests
- Fixed “”Missing Content-Type”” reporting issue where redirected responses should not be reported
- Fixed an issue where send failures were not being handled while making HTTP requests
- Fixed credit card reporting issue where the value specified in default form values section should not be reported
- Fixed the trimmed parameter name issue on controlled scan panel
- Fixed documentation for nginx vulnerability template that explains how to fix the issue
- Fixed HSTS support for form authentication HTTP requests
- Fixed a URI parsing issue where non-HTTP(S) protocols are ignored
- Fixed a bug where an attribute based attack could not be confirmed as XSS
- Fixed a bug where an injection with “”javascript:”” protocol for XSS attacks occurs after a new line
- Fixed a bug where exploitation goes into loop and causes an unresponsive UI for error based SQLi
- Fixed a bug where redirection happens relatively and reported as Open Redirect vulnerability
- Fixed an issue where a Groovy RCE is reported as Perl RCE
- Fixed a WSDL parsing issue where reference parameters were not handled correctly
- Fixed a WSDL parsing issue where XML types were not handled correctly
- Fixed an issue that occurs during form authentication with an HSTS site that performs redirects to an URL with http protocol
- Fixed a bug where the hash is reported incorrectly in a DOM based XSS vulnerability
- Fixed the misleading content in basic authentication over clear text vulnerability
15 Jan 2016
FEATURES Policy Settings Permission Change: In order to manage Policy Settings, “Start New Scan” permission is required now Added Two Factor Authentication Support – Account admins can enforce 2FA to team members Added weekly intervals support to trend report in the website dashboards Added support for displaying pending tasks on the website dashboard Mobile-friendly UI …
FEATURES
- Policy Settings Permission Change: In order to manage Policy Settings, “Start New Scan” permission is required now
- Added Two Factor Authentication Support – Account admins can enforce 2FA to team members
- Added weekly intervals support to trend report in the website dashboards
- Added support for displaying pending tasks on the website dashboard
- Mobile-friendly UI with a lot of design improvements
IMPROVEMENTS
- Added weekly interval support to dashboard trend
- Added pending vulnerability tasks to website dashboard
- “Your account” page split into four pages
- Team member disable support
- Improved scan data cleanup to remove raw scan files
- Improved email sending process to ensure emails are sent for correct actions
- Added status change logs for vulnerability tasks
- Added an email button to Team Invitation page
- Users can resend invitations with this button
- Improved error messages when email fails to send
FIXES
- Fixed Browser Compatibility Warning shown in Chrome on iPhone.
- Fixed an error which occurs while deleting a scan policy
- Fixed target URL link on scan report page