Invicti Standard 10 Jul 2020


  • Added a highlight icon to the attack parameters on the vulnerability reports
  • Added a report URL to the scheduled reports


  • Fixed a ObjectDisposedException that was occasionally thrown when the attacker started in manual proxy mode
  • Fixed a NRE that occurred when exporting a report from a scheduled scan
  • Fixed an issue caused when the login page identifier was disabled in the Scan Policy
  • Fixed an issue where the Jira Send To Action failed to create an issue when the components field did not exist in the project
  • Fixed the issue where the content type was not parsed correctly when there were multiple Content-type headers
  • Fixed the issue where responses were not being analyzed in signature detection in the re-crawl phase.
  • Fixed the list of enabled security checks on reports
  • Changed the Sans Top 25 classification name to CWE on reports


  • Added an F5 Big IP LFI (CVE-2020-5902) attack pattern
  • Added out of date checks for Apache Traffic Server
  • Added version disclosure for Undertow Server
  • Added out of date checks for Undertow Server
  • Added version disclosure for Jenkins
  • Added out of date checks for Jenkins
  • Added signature detection for Kestrel
  • Added detection for Tableau Server
  • Added detection for Bomgar Remote Support Software
  • Added version disclosure for Apache Traffic Server