Invicti Standard 26 Jun 2015

IMPROVEMENTS

  • Increased the DomParserLoadUrlTimeout and DomParserSimulationTimeout values to handle unresponsive request cases
  • DomParserLoadUrlTimeout and DomParserSimulationTimeout are now modifiable through the scanner’s advanced settings
  • Added Override Target URL with authenticated page form authentication option to support web sites which require dynamic Target URLs generated post-authentication (scanner will authenticate prior to accessing target URL)
  • Improved resource finder checks for websites which have custom 404 pages
  • Increased the default value of Maximum 404 Signature setting to be store more signatures
  • Improved timeout calculation for vulnerability checks which require late confirmation

FIXES

  • Fixed DOM simulation issue where all delegated events on an elements were not being called
  • Fixed a Heartbleed security check issue where it was causing the crawling phase to be stalled