Invicti Standard

FIXES

• Fixed an issue on Custom Form Authentication script editor where an extra header sent causing some pages not to load.
• Fixed a form authentication issue where cookies with same names were not updated.
• Fixed an issue where vulnerability is not reported due to XML Content-Type which exploitation might not be possible.
• Fixed a compatibility issue occurs while trying to load an old scan session file.

FIX

• Fixed clipped Scan Policy Editor dialog issue on high DPI display settings.

Fixes

• Fixed an InvalidOperationException which occurs on some specific setups.
• Fixed several scan activity list issues and enhanced performance.

IMPROVEMENTS

• Added CVSS information to more vulnerabilities.
• Updated vulnerability database.

FIXES

• Fixed a crash which occurs when too many elements are nested in the HTTP response.
• Fixed a text parsing issue where absolute URLs were converted to invalid relative URLs.
• Fixed incorrect protocol detection for protocol-relative URLs.

New Features

• Included support for the Invicti Hawk infrastructure for detection of SSRF and OOB vulnerabilities.
• Support for importation of Postman files.
• Added “Copy as cURL” context menu item to sitemap.
• Added “Copy sqlmap Payload” context menu item for SQL Injection vulnerabilities.
• Added HTTP request rate limiting options to Scan Policy.
• Added “Ignored Email Addresses” section for Scan Policy.
• Added accept and reject options for untrusted SSL certificates.
• Added an option to disable automatic detection of 404 error pages.

New Security Checks

• New security checks for Server Side Request Forgery (SSRF) vulnerability
• New security checks for out-of-band vulnerabilities such as OOB SQL Injection, OOB XXE, Blind XSS, OOB RCE, OOB RFI etc.
• Added “Missing object-src in CSP Declaration” vulnerability detection.
• Added “Apache Multiple Choices” vulnerability detection.
• Added “Stored DOM based XSS” vulnerability detection.

Improvements

• Improved the message displayed when trying to open an invalid session file.
• Added /nopdf command line switch to prevent generating PDF reports while performing automated scans.
• Added AttackPattern.GetAllEngines() and AttackPattern.GetAllPatterns() methods to reporting API to get the list of engine and pattern IDs.
• Added “Test Credentials” support for Basic, NTLM/Kerberos authentication configuration screen.
• Added progress dialog for importing links.
• Improved the performance of several link importers.
• Added global proxy options under Tools > Options to configure an application wide proxy.
• Added “Bearer Token” support for form authentication.
• Added confirmation for Frame Injection vulnerabilities.
• Added http: and https: checks for CSP vulnerability detection.
• Improved link importers where redundant CONNECT requests are now excluded.
• Optimized attacker performance for links containing single parameter.
• Added SSL protocol selection for scan policies.
• Added context menu items to the Report Policy Editor to multiple selected vulnerabilities by severity.
• Optimized crawling parser by skipping DOM simulation on pages with static content.
• Improved coverage of CORS security check with extra attacks.
• Removed GWT attacks from file upload security checks.
• Improved DOM simulation performance.
• Improved CSS parsing which now follows CSS import directives.
• Improved coverage of open redirect security checks by adding/updating attacks patterns.
• Improved logout detection by skipping JavaScript responses.
• Added support for “HTTP 410 Gone” and “HTTP 451 Unavailable For Legal Reasons” response status codes.

Bug Fixes

• Fixed an issue where a multiple cookies issue should not be reported.
• Fixed a JSON parsing issue with text parser.
• Fixed a request builder issue where the credentials on URL were not preserved.
• Fixed a request builder issue where the port number change is not reflected to raw request tab.
• Fixed a NullReferenceException which may have been thrown while closing the splash screen.
• Fixed a NullReferenceException which may have been thrown while updating activities on scan summary dashboard.
• Fixed clipped texts on several windows while using higher DPI settings.
• Fixed a request builder issue where the port on pasted URL is not parsed.
• Fixed a request builder issue where Cookie request header is not sent.
• Fixed a request builder issue where Cache-Control request header value was being duplicated.
• Fixed an HTTP response reading issue where the response could not be read when only BOM bytes are sent on first read attempt.
• Fixed the list on LFI exploitation panel where the same files were being duplicated.
• Fixed an issue in report policy editor that causes CVSS editing controls to disappear.
• Fixed a NullReferenceException on scan policy editor dialog thrown while clicking select inverse context menu on some security check groups.
• Fixed an issue where a false-positive file upload vulnerability might be reported.
• Fixed several DOM simulation issues on pages that have many iframe elements.
• Fixed a NullReferenceException while performing an internal MD5 encoding operation.
• Fixed an issue where the vulnerabilities found on a scan lingers to the next scan started.
• Fixed an encoding issue on a proof URL of an XSS vulnerability.
• Fixed a hang issue occurs when too many email addresses found on the response.
• Fixed an issue where “Shell Script Identified” vulnerability is not found when retested.
• Fixed a scan profile load issue occurs when a link with binary body is imported.
• Fixed the table layout on comparison report which was having too wide columns when the URLs were too long.
• Fixed the duplicate request issue on “AJAX / XML HTTP Requests” knowledge base report.
• Fixed URL parsing on pages where the URLs were containing whitespace characters like carriage return and line feeds.
• Fixed an ArgumentOutOfRangeException thrown while trying to match the redirected URL to configured logout detection pattern.

FIXES

• Fixed a hang issue occurs on some configurations.

FIXES

• Fixed an issue that occurs during the attacking phase where all threads cannot be utilized.
• Fixed handling of blob: protocol on DOM simulation.

New Technical Check

• Added “Cookie Header Contains Multiple Cookies” check

Improvements

• Improved the Content Security Policy (CSP) and “Misconfigured Access-Control-Allow-Origin Header” vulnerability templates.
• Improved CSP vulnerability detection by only reporting vulnerabilities on HTML resources.
• Team Foundation Server Send To action now populates severity and repro steps fields.
• Improved report generation dialog by remembering the last used settings separately for each report type.
• Added “Copy as cURL” context menu item to site map.
• Added support for HTTP POST method while using Open in Browser site map context menu option.
• Added support for attacking to User-Agent and Referer request headers.
• Improved scan session export dialog by suggesting default file names.
• Improved the coverage of the boolean SQL injection vulnerability engine.
• Improved GitHub send to configuration by check the existence of the specified repository.

Fixes

• Fixed various encoding issues on request builder.
• Fixed the splash screen issue where it opens on wrong monitor on multi monitor setups.
• Fixed External CSS, Script and Frame knowledge base items which do not consider the port while performing checks.
• Fixed the missing method values on vulnerability summary table of reports.
• Fixed the missing dashboard statistics when a scan session is imported.
• Fixed the site map Copy URL issue for some nodes which were missing URL information.
• Fixed a hang that may occur when windows gets locked, goes to sleep or hibernation.
• Fixed an issue with auto save where scan is not saved during the extra confirmation phase.
• Fixed an issue in open redirect detection where incorrect URLs may also be reported.
• Fixed the zero progress bar issue on loaded scan files.
• Fixed various CSP vulnerability highlight issues.
• Fixed an issue related with form authentication which prevents logout detection during attacking phase.
• Fixed an issue related with temp file generation.
• Fixed an Local File Inclusion vulnerability detection issue when attacked with a FullUrl payload.
• Fixed an extra tab on Scanned URLs List (CSV) report template.
• Fixed the size of scan policy editor dialog on screens with high DPI.
• Fixed the incorrect severity icon on site map when a vulnerability is selected.
• Fixed an incorrect retest result occurs when the target web site is not reachable.
• Fixed a CSP vulnerability issue for deprecated CSP header name on meta tags.
• Fixed the remaining registry keys after uninstall.

IMPROVEMENTS

• Improved vulnerability templates.
• Added support for sending vulnerabilities to JIRA when JIRA is homed at a path instead of the root.
• Added support for detecting requests made to blob-schemed URIs during DOM simulation.

FIXES

• Fixed missing external references on some vulnerability templates.

FIXES

• Fixed the issue where HTTPS protocol is enforced while using JIRA Send To action.
• Fixed an issue where print dialogs could be displayed during scans.
• Fixed a form authentication issue where the last form authentication sequence requests were prematurely cancelled.

FIXES

• Fixed an issue where some scan files from older versions cannot be opened with the latest version.
• Fixed an issue with TFS Send To action when the project name contains spaces.

FIXES

• Fixed an issue which prevents resource files (report templates, etc.) updates.