Invicti Enterprise On-Demand 19 Jul 2023 v23.7.0

New Features

  • [Closed beta] Added the Team Administrator default role
  • Changed compression tool from 7zip to Tar
  • Added Diana.jl support for GraphQL Library Detection
  • Added Hot Chocolate support for GraphQL Library Detection
  • Added Zero Day Vulnerability for MOVEit Software


  • Expanded scenarios for Discovery Service with AWS Connections
  • Improved performance when updating vulnerability lookups
  • Improved performance of database indexes
  • Improved added API endpoints for Custom Scripts
  • Improved performance for Issues Report API endpoint
  • Improved detection of IT Hit WebDav Server .Net versions
  • Improved Internal Path Disclosure detection
  • Improved Remediation Advice for Autocomplete Enabled vulnerability
  • Improved detection logic for LFI vulnerability
  • Improved identification and version disclosure for PopperJS, CanvasJS, and Next.js
  • Improved WAF Detection for F5 BIG IP


  • Fixed issue with scans stopping with the Find & Follow New Links option enabled
  • Fixed issue with agent compression of chromium and node files
  • Fixed null value exception with REST API
  • Fixed InvalidCastException with REST API
  • Fixed ArgumentNullException with Custom Security Checks
  • Fixed Access Denied error when attempting to delete scan files which were already previously deleted
  • Fixed cannot login to web app after changing database password
  • Fixed unclear results with PCI reports with edge date ranges
  • Fixed BLR cannot fill address fields
  • Fixed licensing issue when adding a previously-deleted website
  • Fixed adding some MongoDB vulnerabilities to Knowledge Base report
  • Fixed importing Swagger/OpenAPI links
  • Fixed Discovery Service issue with AWS Connection throttling
  • Fixed authentication failure with MFA recovery codes
  • Fixed license file corruption issue during version upgrade
  • Fixed scans unauthenticated after successful authentication verification
  • Fixed linux agent update issue