Invicti Standard 17 Oct 2019

IMPROVEMENTS

  • Added support for parsing Swagger files with comments
  • Added crawling support for hash based, routed websites
  • Added deprecated usage report for TLS 1.1
  • The size of the HTML reports has been significantly decreased

FIXES

  • Authentication tokens are now shared among the hosts of the scan target and the additional websites
  • Fixed an issue where the vulnerabilities from the previous scan were sometimes added  into the new scan when Custom Scripts were used
  • Fixed the logical operation stack field duplication that was occurring in log files
  • Fixed a formatting issue in the vulnerability report templates
  • Fixed an issue in the SQL Injection (Out of Band) engine where vulnerabilities were occasionally missed due to request timeouts
  • Fixed an issue where discovered application or database versions were not shown in the Site Profile if a Version Disclosure vulnerability had already been reported
  • Fixed a NullReferenceException that was thrown when the response was null in the Web Cache Deception engine