Invicti Standard

Read the blog post for more details about this version

NEW FEATURES

• Client Certificate Authentication Support

• Vulnerability Classification data reported the GUI and reports

• New Save / Load Files.

NEW WEB SECURITY TEST

• Blind Command Injection.

Read the blog post for more details about this version

NEW FEATURES

• Controlled Scan

• Retest single vulnerability.

NEW WEB SECURITY TESTS

• Silverlight Open Access Policy / Silverlight Access Policy Found Checks

• Django Stack Trace Disclosure Check

• MySQL Username Disclosure Check

• New Backup File Checks

• X-XSS-Protection Check.

Read the blog post for more details about this version

NEW FEATURE

• Anti-CSRF Token Support.

NEW WEB SECURITY TESTS

• Brute Force Support

• Tomcat Source Code Disclosure

• Default Tomcat Page Identified

• Frame Injection

• Backdoor Detection

• Sensitive Files Detection.

Read the blog post for more details about this version

NEW WEB SECURITY TEST

• Redirect BODY is too large and Redirect includes 2 Responses.

NEW FEATURE

• MS Live ID, SSO Authentication Support.

Read the blog post for more details about this version

NEW WEB SECURITY TESTS

• SSL Checks added

• Tomcat default files check added

• ASP.NET MVC version disclosure check added

• Mongrel and Nginx version disclosure checks added.

NEW FEATURES

• Added the Vulnerability Database

• Simultaneous Crawl & Attack.

Read the blog post for more details about this version

NEW WEB SECURITY CHECKS

• Expression Language Injection check added

• MyFaces Stack Trace Disclosure check added

• Mongrel Server Version Disclosure check added

• Password over GET check added

• WebLogic Detection check added

• Elmah.axd Detection check added

• OpenSSL vulnerabilities added to Vulnerability Database

• PHP vulnerabilities added to Vulnerability Database.

NEW FEATURES

• New Authentication System (SSO, Multiple-step Authentication, Extensibility)

• New Injection Points added

• Comparison Reports added

• New dashboard

• Complete x64 Support

• Ability to scan large websites (2M+ requests without any problems).

Read the blog post for more details about this version

NEW WEB SECURITY TESTS

• Detect web statistic applications

• Web.config check added

• WS_FTP log check added

• Perl RCE (Remote Code Evaluation) checks added.

NEW FEATURES

• Ability to scan much bigger websites with high performance

• Faster scans

• 2 New scan reports added.

Read the blog post for more details about this version

NEW FEATURE

• Improved PDF reports.

IMPROVEMENT

• Increased performance.

Read the blog post for more details about this version

NEW WEB SECURITY TESTS

• Possible Windows Username Disclosure

• LigHTTPD Directory Listing

• Nginx Directory Listing

• LiteSpeed Directory Listing

• Generic Email Address Disclosure

• LigHTTPD Version Disclosure

• Nginx Version Disclosure

• SharePoint Version Disclosure

• IIS 8 Default Page Detection

• Struts2 Development Mode Enabled.

NEW FEATURES

• Seamless Update Support

• Error Reporting and Help Desk Integration

• Custom HTTP Header Support.

Read the blog post for more details about this version

NEW WEB SECURITY TESTS

• HTTP Strict Transport Security (HSTS) Test

• Shell Script Found detection

• XHTML XSS Attack

• Database Connection String Found vulnerability

• Possible Administration Page Found Issue

• UNC Server and Share Disclosure.

NEW FEATURES

• Integration with Bug Tracking Tools and Send To Feature

• Generate Exploit Feature

• OWASP Top Ten Report.

IMPROVEMENTS

• Vulnerability Database Update

• Performance Improvements.

Read the blog post for more details about this version

NEW FEATURES

• Windows 8/Server 2012 Support.

IMPROVEMENT

• Vulnerability Database Update.

Read the blog post for more details about this version

IMPROVEMENTS

• Vulnerability Database Update

• Configure Authentication user interface enhancements.

BUG FIX

• Fixed issues in Form authentication logout detection.