Invicti Standard

Improvements

• Added new paths to forced browsing
• Updated the vulnerability template for the Internal Server Error vulnerability
• Improved Insecure HTTP Usage detection

New Security Checks

• Added detection of Google Tag Manager as a technology in the Vulnerability Database (VDB)

Improvements

• Invicti Standard Agent upgraded to .NET 8 for improved performance and compatibility
• Improved analysis and remediation capabilities for [Possible] Server-Side Template Injection vulnerabilities

Fixes

• Fixed a missing proxy implementation for ICBD and Puppeteer
• Fixed an issue where Retest-type scans did not identify the same vulnerabilities detected during full scans
• Fixed high CPU usage in some agents caused by Chromium
• Fixed an issue where the Misconfigured Access-Control-Allow-Origin Header vulnerability was not detected
• Improved detection of the [Possible] Password Transmitted over Query String vulnerability.
  

Improvements

• Multiple .proto files can now be used for scanning gRPC API Web Services

Fixes

• Fixed an issue where uploading a .proto file caused a "No links found in the file" error
• Fixed missing request/response details for some out-of-band vulnerabilities

New Security Checks

• Added detection for multiple JavaScript libraries
• Added detection for Masa CMS (CVE-2022-47002 and CVE-2021-42183)

Fixes

• Fixed a bug that was disabling the skip scan phase option

New Security Checks

• Updated detection for ActiveMQ - Remote Code Execution (CVE-2023-46604) and TorchServe Management API SSRF (CVE-2023-43654)

Improvements

• Added 'save as new' and 'overwrite' options when importing scans
• Reporting improvements for the “Unknown Option Used In Referrer-Policy” vulnerability
• Added the ability to export/import scan profiles and scan policies between different instances of Invicti Standard

Fixes

• Various fixes for the verifiers
• Out-of-date version for Boolean Based MongoDB Injection is now reported correctly

New security checks

• Added a check for dotCMS
• Added a check for the Ultimate Member WordPress plugin
• Added a new mXSS pattern
• Added new signatures to detect JWKs

Improvements

• Improved the recommendations for the Weak Ciphers Enabled vulnerability
• Improved detection of swagger.json vulnerabilities
• Added support for AWS WAFv2 rules
• Improved more of our error and warning messages so they are more user friendly
• Added Sentry implementation into the Agent repository

Fixes

• Fixed a proxy issue that was impacting the detection of weak ciphers
• Fixed a problem with importing WDSL files

New features

• In the scan settings section, we've added a checkbox (under Authentication > Form) to collect all logs about the authentication progress
• Enhanced reporting of DOM XSS vulnerabilities

Improvements

• Updated the Shark Dotnet Sensor to .NET Core 6
• Improved site-logout detection

Fixes

• Resolved a problem with missing information in the report policy database
• Fixed an issue with the import of scan data from Invicti Enterprise to Invicti Standard
• Fixed a bug in the importing of links
• Fixed some vulnerabilities on our Invicti Docker Image by updating the packages
• Fixed reporting of some false/positive passive out-of-date vulnerabilities

New features

• Added encoding for sensitive data
• Added the option to enable CSRF checks for authenticated scans only
• Added a sensitive data (password, session cookie, token etc.) encoder

New security checks

• Added JQuery placeholder detection methods
• Added a new security check for the Missing X-Content-Type-Options vulnerability

Improvements

• Improved the JS Delivery CDN disclosure check to increase stability
• Improved the remediation part for the Weak Ciphers Enabled vulnerability
• Reduced the certainty value to 90 for the Robot Attack Detected vulnerability
• Improved the detection method for CSP
• Improved the detection method for the Dockerignore File Detected vulnerability
• Improved the detection method for the Docker Cloud Stack File Detected vulnerability

Fixes

• Improved our XSS capabilities
• Fixed an NTLM login issue
• Fixed a bug that was overwriting proxy settings in scan policies
• Fixed a unique analyzer bug for the WSDL importer
• Fixed a custom proxy bypass list issue

New feature

• We’ve added the ability to set proxy configurations to Docker Agent as an environment variable when creating a container

Improvements

• Disabled caching from the boolean-based MongoDB security engine to avoid possible false positives
• Improved the content-type exemption for non-HTML content types in the CSP engine
• Improved the typehead.js check to increase stability
• Removed the X-XSS-Protection header check because it is deprecated by modern browsers
• Fixed a scan coverage issue
• Improved the remediation part for the JetBrains .idea detected vulnerability
• Added functionalities to prevent bot detection and fixed an issue that was causing cookie loss after authentication

Fixes

• Fixed the update agent command that was not working correctly
• Fixed the internal Linux v23.7 AV agent that wasn’t sending header configurations
• Encrypted the proxy password used in the scan policy file
• Fixed an issue with missing links when importing a .nss file from Invicti into Acunetix 360
• Fixed the external SOAP web service import problem
• Fixed a custom script issue so that now passwords written to the logs are encrypted
• Fixed an issue that might cause broken functionality for popup pages
• Fixed an issue where vulnerabilities could not be generated as CloudFlare WAF rules via API
• Fixed a bug with Multiple Declarations in the X-Frame-Options Header
• Fixed a localized time issue in the Files area
• Fixed a problem that was causing default values to be filled incorrectly, resulting in false negatives

New security checks

• Added new patterns to detect XSS

Improvements

• Improved detection and reporting of File Inclusion vulnerabilities
• Improved detection and reporting of Sensitive Data Exposure vulnerabilities
• Improved detection and reporting of Dockerfiles
• Added a custom authentication support header to scan policy

Fixes

• Fixed incorrect reporting of outdated technology versions
• Fixed a bug that was preventing reports from being saved
• Fixed the navigation check error on the dom parsing phase
• Fixed an issue that can cause too much browser user data to be left in the temp folder
• Fixed a custom script that was preventing successful basic authentication in some scenarios

Features

• Added Diana.jl support for GraphQL Library Detection
• Added Hot Chocolate support for GraphQL Library Detection
• Added Zero Day Vulnerability for MOVEit Software

Improvements

• Improved logout detection for OAuth2 authenticated websites
• Improved detection of IT Hit WebDav Server .Net versions
• Improved Internal Path Disclosure detection
• Improved Remediation Advice for Autocomplete Enabled vulnerability
• Improved detection logic for LFI vulnerability
• Improved identification and version disclosure for PopperJS, CanvasJS, and Next.js
• Improved WAF Detection for F5 BIG IP

Fixes

• Fixed issue with scans stopping with the Find & Follow New Links option enabled
• Fixed issue with agent compression of chromium and node files
• Fixed InvalidCastException with REST API
• Fixed ArgumentNullException with Custom Security Checks
• Fixed BLR cannot fill address fields
• Fixed adding some MongoDB vulnerabilities to Knowledge Base report
• Fixed scans unauthenticated after successful authentication verification
• Fixed rare stuck scan issue
• Fixed false positive due to TLS v1.3 not enabled
• Fixed ArgumentNullException during scan launch
• Fixed Authentication Verifier fails creating a new scan while another scan is running
• Fixed GraphQL import OutOfMemoryException

New security checks

• Added the check for Boolean-based MongoDB injection.
• Added the check for MongoDB Operator Injector.
• Implemented the XML external entity check for IAST.
• Added the ISO/IEC27001:2022 Classification.
• Added the report template and attack pattern to the Out-of-band RCE.
• Added passive check for Lua.
• Added a security check to detect public Docker files.
• Implemented a new engine to identify WordPress themes and Plugins.
• Added new security checks for SAML.
• Added security check for IT Hit WebDAV Server .Net Version Disclosure.
• Added security check for MS Exchange Version Disclosure.
• Added new payloads for Command Injection.
• Added support for PopperJS.
• Added support for CanvasJS.
• Added new security check for the SQLite Database Detection.
• Added new payloads for Header Injection.
• Added new security check for Spring Boot Actuator Detection.
• Added security check for NodeJS Stack Trace Disclosure.
• Added security check for SailsJS and ActionHero Identified.
• Added security check for JetBrains .idea Detected.
• Added security check for GraphQL Stack Trace Disclosure.
• Added security checks for Javascript Libraries.
• Added security checks for Web Application Fingerprinter Engine.
• Added new security checks for WordPress Hello Elementor Theme Detection.
• Added new security checks for WordPress Twenty Twenty-Three Theme Detection.
• Added new security checks for WordPress Twenty Twenty-Two Theme Detection.
• Added new security checks for WordPress Astra Theme Detection.
• Added new security checks for WordPress Twenty Twenty-One Theme Detection.
• Added new security checks for WordPress Twenty Twenty Theme Detection.
• Added new security checks for WordPress OceanWP Theme Detection.
• Added new security checks for WordPress Twenty Seventeen Theme Detection.
• Added new security checks for WordPress Kadence Theme Detection.
• Added new security checks for WordPress Twenty-Sixteen Theme Detection.
• Added new security checks for WordPress Twenty Nineteen Theme Detection.
• Added new security checks for WordPress PopularFX Theme Detection.
• Added new security checks for WordPress GeneratePress Theme Detection.
• Added new security checks for WordPress Inspiro Theme Detection.
• Added new security checks for WordPress Go Theme Detection.
• Added new security checks for WordPress Smash Balloon Social Photo Feed Plugin Detection.
• Added new security checks for WordPress Contact Form 7 Plugin Detection.
• Added new security checks for WordPress Yoast SEO Plugin Detection.
• Added new security checks for WordPress Elementor Website Builder Plugin Detection.
• Added new security checks for WordPress Classic Editor Plugin Detection.
• Added new security checks for WordPress Akismet Spam Protection Plugin Detection.
• Added new security checks for WordPress WooCommerce Plugin Detection.
• Added new security checks for WordPress Contact Form by WPForms Plugin Detection.
• Added new security checks for WordPress Really Simple SSL Plugin Detection.
• Added new security checks for WordPress Jetpack Plugin Detection.
• Added new security checks for WordPress All-in-One WP Migration Plugin Detection.
• Added new security checks for WordPress Wordfence Security Plugin Detection.
• Added new security checks for WordPress Yoast Duplicate Post Plugin Detection.
• Added new security checks for WordPress WordPress Importer Plugin Detection.
• Added new security checks for WordPress LiteSpeed Cache Plugin Detection.
• Added new security checks for WordPress UpdraftPlus WordPress Backup Plugin Plugin Detection.
• Added new security check for EZProxy Identified.

Improvements

• Updated the Signature Detection pattern.
• Improved the wordlist for Forced Browsing checks.
• Changed the Session Cookie not marked as Secure severity from High to Medium.
• Improved the task queue by optimizing code.
• Improved Drupal and Joomla detection.
• Improved the Next.js version detection.
• Improved Django debug mode enabled.
• Updated the SSL/TLS report template.

Fixes

• Fixed the navigational error by ignoring initial requests other than the document-type resources.
• Fixed an issue about HTTP Status codes on the crawler performance in the Knowledge Base Report.
• Fixed the importing GraphQL introspection issue.
• Fixed the weak Nonce detection in Content Security Policy.