Changelog - 3.2.0
- My copy of netsparker date:07/02/2014
NEW FEATURES
* Ability to scan SOAP web services for security issues and vulnerabilities
* Request and Response viewers to view HTTP requests/responses like XML and JSON tree views
* New knowledge base node that will include all AJAX/XML HTTP Requests
* New value matching options for form values other than regex pattern (exact, contains, starts, ends)
* New report template for parsing source information Crawled URLs List (CSV)
* Request and Response viewers to view HTTP requests/responses like XML and JSON tree views
* New knowledge base node that will include all AJAX/XML HTTP Requests
* New value matching options for form values other than regex pattern (exact, contains, starts, ends)
* New report template for parsing source information Crawled URLs List (CSV)
NEW SECURITY CHECKS
* Added attack patterns for LFI vulnerability which is revealed with only backslashes in file path
* Added Programming Error Message vulnerability detection for SOAP faults
* Added AutoComplete vulnerability for password inputs
* NuSOAP version disclosure
* NuSOAP version check
* Added Programming Error Message vulnerability detection for SOAP faults
* Added AutoComplete vulnerability for password inputs
* NuSOAP version disclosure
* NuSOAP version check
IMPROVEMENTS
* Improved XSS vulnerability confirmation
* Improved Generic Source Code Disclosure security check by excluding JavaScript and CSS resources
* Added latest version custom field for the version vulnerabilities
* Added standard context menus to text editors
* Sitemap tree will displan nodes of JSON, XML and SOAP requests and responses with no parameters
* Added force option to form value settings to enforce user specified values
* Optimized attack patterns for JSON and XML attacks by reducing attack requests
* Optimized Common Directories list and removed the limit for Extensive Security Checks policy
* Improved the license dialog to show whether a license is missing or expired
* Improved Generic Source Code Disclosure security check by excluding JavaScript and CSS resources
* Added latest version custom field for the version vulnerabilities
* Added standard context menus to text editors
* Sitemap tree will displan nodes of JSON, XML and SOAP requests and responses with no parameters
* Added force option to form value settings to enforce user specified values
* Optimized attack patterns for JSON and XML attacks by reducing attack requests
* Optimized Common Directories list and removed the limit for Extensive Security Checks policy
* Improved the license dialog to show whether a license is missing or expired
FIXES
* Fixed update dialog to not show on autopilot mode
* Fixed an interim auto update crash
* Fixed typo in Out of Scope Links knowledge base report template
* Fixed an issue in LFI exploiter where XML tags with namespace prefixes was preventing exploitation
* Fixed Controlled Scan button disabled issue for some sitemap nodes
* Fixed parameter anchors in Vulnerability Summary table of Detailed Scan Report template
* Fixed form authentication wizard to use user agent set on currently selected policy
* Fixed zero response time issue for some sitemap nodes
* Fixed dashboard progress bar showing 100%
* Fixed random crashes on license dialog while loading license file or closing dialog
* Fixed Microsoft Anti-XSS Library links on vulnerability references
* Fixed an interim auto update crash
* Fixed typo in Out of Scope Links knowledge base report template
* Fixed an issue in LFI exploiter where XML tags with namespace prefixes was preventing exploitation
* Fixed Controlled Scan button disabled issue for some sitemap nodes
* Fixed parameter anchors in Vulnerability Summary table of Detailed Scan Report template
* Fixed form authentication wizard to use user agent set on currently selected policy
* Fixed zero response time issue for some sitemap nodes
* Fixed dashboard progress bar showing 100%
* Fixed random crashes on license dialog while loading license file or closing dialog
* Fixed Microsoft Anti-XSS Library links on vulnerability references
RQ: This version is fully updatable :) enjoy
Download : Exe
Download : License file (due to a possible spammers ... mail me to get the license file)
No comments:
Post a Comment