Invicti Standard 03 Oct 2016

NEW FEATURES

NEW SECURITY CHECKS

IMPROVEMENTS

  • Improved XSS security checks coverage.
  • Improved the Report Policy Editor.
  • Improved the default filename of generated exploits.
  • Renamed “Permanent XSS” vulnerability to “Stored XSS”.
  • Authentication credentials are now stored encrypted in profile files.
  • Increased the number of vulnerabilities for which the scanner highlights the text related to the vulnerability in the HTTP response viewer.
  • Added an option to follow redirects for the HTTP Request Builder.
  • Added auto completion support to Scan Policy > Headers grid for well-known request headers.
  • Added the version information of Invicti to the reports.
  • Added type ahead search functionality for Scan Policy > Security Checks.
  • Added HTTP methods to AJAX / XML HTTP Requests knowledgebase section.
  • Added editing support for imported links.
  • Optimized the performance of SOAP web service parsing by skipping the WSDLs that are already parsed.
  • Added Scan Policy > Crawling options to enable/disable parsing of SOAP and REST web services.
  • Added JavaScript dialog support for form authentication verification dialog.
  • Improved HTTP request logging by splitting log files once a certain number of requests are logged.
  • Improved DOM simulation by simulating “contextmenu” events.
  • Added “Attacked Parameters” column to “Scanned URLs List” report.
  • Improved the Manual Crawl (Proxy Mode) feature to work passively and not re-issue the requests made during the manual crawl phase.
  • Increased the default values for “Maximum Page Visit” and “Max. Number of Parameters to Attack on a Single Page” settings.
  • Improved XML parsing during crawling by parsing empty XML elements as parameters too.
  • Added the ability to attack parameter names.
  • Added a note to vulnerability detail for non-exploitable frame injection.
  • Added .jhtml and .jsp attacks to file upload engine.
  • Improved CORS security checks.
  • Improved Open Redirect engine to detect CNAME injection such as example.com.r87.com.
  • Added tooltips for long texts shown on activity dashboard.
  • Added current DOM XSS attack information to activity pane.
  • Improved XSS confirmation for vulnerabilities found inside noscript tags.
  • Added a new method (Vulnerability.GetTemplateSections) to the reporting API to get vulnerability template section content separately.
  • Added an attack pattern to the command injection engine to bypass whitespace filtering using the $IFS environment variable.
  • Added /resumescan parameter to command line options to resume the loaded scan.

FIXES

  • Fixed an issue where incorrect PHP source code disclosures are reported for some binary responses.
  • Fixed the position of clipped auto update notification.
  • Fixed the broken External Reference link on Remote Code Evaluation (PHP) vulnerability.
  • Fixed a file upload input DOM parsing issue which prevents some file upload attacks.
  • Fixed an issue where switching between builder and raw tabs causes POST parameter to be removed on Request Builder.
  • Fixed the duplicate log printed for same WSDLs.
  • Fixed a NullReferenceException thrown when the Request Builder fails to make a request with the current SecurityProtocol setting.
  • Fixed the blurred message dialog icons on high DPI screens.
  • Fixed various navigation issues of Previous and Next buttons on HTTP Response viewer.
  • Fixed the missing GET parameter issue in the Request Builder that occurs when a full querystring/URL attack request is sent.
  • Fixed a form authentication issue that occurs on web sites that open popups during the form authentication sequence.
  • Fixed a DOM simulation issue that occurs when there is a form element with the name “action” on the target web page.
  • Fixed the duplicate cookie issue that occurs while using the Manual Crawling (Proxy Mode) scanning feature.
  • Fixed duplicate “Email Address Disclosure” reporting issue.
  • Fixed a NullReferenceException that occurs during CORS security checks.
  • Fixed an issue where current OS UI language was not being selected automatically upon first start.
  • Fixed a CSRF exploit generation issue where the generated file is empty.
  • Fixed an issue where injection/identification responses could not be displayed for file upload vulnerability.
  • Fixed an issue where XSS vulnerability is missed when multiple redirects occur.
  • Fixed a text parsing issue where relative URLs were not supported as base href values.
  • Fixed an issue where Missing X-Frame-Options Header vulnerability is reported even though ALLOW-FROM is included in the header.
  • Fixed an XSS attacking issue where duplicate attacks are made for same payload.
  • Fixed a Header Injection attack issue where first line of the HTTP request gets corrupted on full URL attacks.
  • Fixed an issue where post exploitation does not work sometimes.
  • Fixed a form authentication issue where any slash character in credentials cannot be used.