Home
/
Documentation
/
19-Sep-2017
Invicti Product Release Notes
Invicti Enterprise On-Demand
Invicti Enterprise On-Premises
Invicti Standard
Invicti Application Security Platform
19 Sep 2017

19-Sep-2017

NEW FEATURES

  • Added scan policy settings for CSRF security checks.
  • Added ability to use custom HTTP headers during scan.
  • Added attacking optimization option for recurring parameters on different pages.
  • Added a new knowledgebase item called Site Profile that lists information about target web site such as the web server operating system, database server, JavaScript libraries used etc.
  • Redesigned the Basic, NTLM, Digest and Kerberos authentication settings which now supports multiple credentials for different URL paths.

NEW SECURITY CHECKS

  • Added Referrer Policy security checks.
  • Added markdown injection XSS patterns.
  • Added HostIP and IPv6 patterns to MySQL and SSH SSRF security checks.
  • Added Database Name Disclosure security checks for MS SQL and MySQL.
  • Added Out of Date security checks for several JavaScript libraries.
  • Added Remote Code Evaluation (Node.js) security checks.
  • Added SSRF detection with server-status.
  • Added user controllable cookie detection.
  • Added Context-Aware XSS detection by generating XSS payloads based on the reflected context without breaking it.
  • Added Default Page checks for IIS 7.0, 7.5, 8.5 and 10.0.
  • Added IIS 10.0 Version Disclosure checks.
  • Added WordPress Setup Configuration File checks.

IMPROVEMENTS

  • Improved design of the group scan email template.
  • Improved accessibility of several pages to follow WCAG guidelines.
  • Optimized compression time while archiving the raw scan files.
  • Added support for allowing users to launch scheduled scans manually.
  • Disabled scheduled scans if the license is expired.
  • Updated the links to several external references.
  • Improved JavaScript and CSS resource parsing.
  • Added DOM simulation options to scan policy optimizer wizard.
  • Improved Mixed Content vulnerability reporting by separating them according to resource types.
  • Improved boolean SQL injection detection for redirect responses.
  • Improved WSDL parsing for files that contain optional extensions.
  • Improved .sql file detection signature.
  • Added extra confirmation for weak credentials detection.
  • Added scan policy option to allow XHR requests during DOM simulation.
  • Added form value for password input types to default scan policy.
  • Increased the maximum response size limit for JavaScript resources.
  • Improved the send to JIRA error message.
  • Added maximum number of option elements per select element to simulate scan policy setting.
  • Added filter 'colon' events scan policy option to filter events that contain colon character in its name during DOM simulation.
  • Improved error based SQLi exploitation by generating prefix/suffix dynamically.
  • Improved command injection vulnerability detection by prepending original parameter value to attack payload.
  • Improved LFI vulnerability detection by detecting HTML and URL encoded PHP source codes.
  • Improved LFI attack patterns.
  • Improved DOM XSS attack patterns.
  • Improved DOM/JavaScript simulation.
  • Improved the performance of email address disclosure detection.
  • Improved the performance of database connection string disclosure detection.
  • Improved the performance of JavaScript library detection.
  • Improved the performance of RoR database configuration detection.
  • Improved Blind Command Injection detection on Linux systems.
  • Improved resource finder to find more hidden resources.
  • Improved support for simulating customized select elements.
  • Improved NTLM, Digest and Kerberos authentication support.
  • Improved DOM simulation stability and performance.
  • Improved the default parameter name list for Parameter Based Navigation.
  • Added NTLM and Digest authentication support to the generated sqlmap and cURL commands.
  • Improved boolean and blind SQL injection checks for MySQL databases.
  • Improved blind SQL injection checks for PostgreSQL databases.
  • Improved reflected and stored XSS detection.
  • HSTS checks now reports missing preload directives.
  • Updated Korean translation.
  • Improved JSON response parsing.
  • Improved DOM based XSS payloads by prepending a URL to referer to make it practically work on web browsers.
  • Improved email disclosure checks by checking host names against to public suffix list.

BUG FIXES

  • Fixed a NullReferenceException which may have been thrown while editing settings of an user.
  • Fixed an issue where email notifications are not sent for unconfirmed phone numbers.
  • Fixed an issue which may have been thrown while deleting an account.
  • Fixed an issue where error based SQLi confirmation is done based on the first seen database signature when multiple signatures appear in source code.
  • Fixed the duplicate import link issue.
  • Fixed an issue where XSS is missed when injected payload is not executed due to a syntax error.
  • Fixed crawling of URLs on pages where base element points to some other URL.
  • Fixes an issue where blacklisted Invicti attacks prevent further source code disclosures in HTML response.
  • Fixed an issue where mixed content vulnerabilities are missing because DOM simulation is skipped due to missing JavaScript in HTML source.
  • Fixed issues where empty POST parameter is imported and headers added as disabled for Postman files.
  • Fixed an issue where signature fails to match MS SQL username in error messages.
  • Fixed an issue where vulnerability is missed because of that not appending arbitrary value to extra querystring parameter name.
  • Fixed the error caused by null bytes in attack patterns while sending vulnerabilities to JIRA.
  • Fixed an incorrect "Password Transmitted over HTTP" issue for relative URLs on pages redirected to HTTPS addresses.
  • Fixed the NullReferenceException thrown while importing certain HAR (HTTP Archive) files.
  • Fixed incorrect "Interesting Header" report for Content-Security-Policy header.
  • Fixed directory listing is not reported issues on some IIS versions.
  • Fixed the issue where comments in CSS files are not parsed.
  • Fixed the incorrect URL found in CSS comments.
  • Fixed incorrect CSRF vulnerability reports by taking hidden token input into account.
  • Fixed an IndexOutOfRangeException caused by CSP checks.
  • Fixed the signature pattern which fails to match "Programming Error Message (PHP)" in multiple lines.
  • Fixed markdown XSS attack patterns causing incorrect findings.
  • Fixed incorrect "Interesting Header" reports for some headers.
  • Fixed the incorrect http protocol displayed for SSL vulnerabilities.
  • Fixed an issue where DOM simulation is performed for checking XSS once per XPath.
  • Fixed the maximum crawled URL limit exceeded issue.
  • Fixed duplicate resource finder requests.
  • Fixed the WADL import issue where the operation fails for responses with no status codes.
  • Fixed incorrect HttpOnly reports of XSRF-TOKEN cookies, due to its nature these cookies must be accessed from JS code.
  • Fixed the incorrect missing object-src report on CSP checks.
  • Fixed an issue where default crawled value is double-encoded instead of single.
  • Fixed the missing content for Site Profile section of Knowledge Base report.