Changelog
28 September 2023 – v23.9.0
https://www.invicti.com/changelogs/invicti-enterprise-on-premises/v23-9-0/This release includes several new features and new patterns to detect XSS, as well as many improvements and bug fixes.
Search Result
25 results were found.
Changelog
v23.9.0
https://www.invicti.com/changelogs/invicti-standard/v23-9-0-2/This release includes a new feature that lets you set proxy configurations to Docker Agent as an environment variable when creating a container. We also made several improvements and fixed some bugs.
Changelog
2.3
https://www.invicti.com/changelogs/invicti-enterprise-on-premises/23-may-2022-v2-3/NEW FEATURES Netsparker Enterprise is now Invicti Enterprise. Added Node.js sensor for Invicti Shark (IAST). Added the Bridge URL and Shark token support for Invicti Shark (IAST). Added Software Composition Analysis (SCA) feature. Added support for scanning GraphQL APIs. Added Authentication Verifier Service for the authentication verifier agent. Added OWASP API Top Ten Report. Added … Continued
Changelog
6.2
https://www.invicti.com/changelogs/invicti-standard/16-nov-2021-v6-2/NEW FEATURES Added Node.js sensor for Invicti Shark (IAST). Added OWASP API Top 10 classification and report template. NEW SECURITY CHECKS Added signature matching to Web app fingerprint checker. Added patterns for Base64 encoded DOM Cross-site Scripting. Added phpMyAdmin Version Disclosure security check. Added Atlassian Confluence Version disclosure and Out-of-date security checks. Added exclusion feature to JavaScript … Continued
Changelog
9-Nov-2021
https://www.invicti.com/changelogs/invicti-enterprise-on-demand/9-nov-2021/This update includes changes to Internal Agents. The internal agent’s current version is 2.0.2.127. NEW FEATURES Added Node.js sensor for Invicti Shark (IAST). NEW SECURITY CHECKS Added signature matching to Web app fingerprint checker. Added patterns for Base64 encoded DOM Cross-site Scripting. Added phpMyAdmin Version Disclosure security check. Added Atlassian Confluence Version disclosure and Out-of-date security … Continued
Blog Article
What is server-side request forgery (SSRF) and how can you prevent it?
https://www.invicti.com/blog/web-security/server-side-request-forgery-vulnerability-ssrf/Server-side request forgery (SSRF) is an attack that allows attackers to send malicious requests to other systems via a vulnerable web server. Listed in the OWASP Top 10 as a major application security risk, SSRF vulnerabilities can lead to information exposure and open the way for far more dangerous attacks. This post shows how SSRF works and how you can identify and prevent SSRF vulnerabilities in your web applications.
Blog Article
5 Easy Wins for Web Application Security
https://www.invicti.com/blog/web-security/5-easy-wins-web-application-security/Web application security is a complex and dynamic field of cybersecurity. Fortunately, there are a few things that you can do to bring quick and measurable improvements to your web application security posture.
Changelog
30-Sep-2019
https://www.invicti.com/changelogs/invicti-standard/30-sep-2019-2/NEW FEATURES Added the ability to create custom Security Checks via a Scripting feature Added a new authentication, Manual Authentication, which allows you to import and replay your pre-recorded requests Added custom Vulnerability creation support to the Report Policy Editor Added a new 3-Legged Token flow type for OAuth2 authentication Added Microsoft Teams Send To … Continued
Changelog
18-Dec-2018
https://www.invicti.com/changelogs/invicti-standard/18-dec-2018/NEW FEATURES Rewrote Sitemap and Issues trees which improves the performance and adds features like filtering, grouping, sorting and searching. Added vulnerability families feature where similar types of vulnerabilities are not reported separately Added support for Swagger 3 / OpenAPI link import Added support for 64-bit smart card drivers for authentication Added GitLab Send To … Continued
Blog Article
Analyzing Impact of WWW Subdomain on Cookie Security
https://www.invicti.com/blog/web-security/impact-www-subdomain-cookie-security/This blog post provides an introduction to subdomains, why we use WWW and analyzes the impact of the WWW subdomain on cookie security. Then, it examines why we use WWW and how to set the domain attribute of cookies. The post includes two case studies and code samples.
Changelog
24-Nov-2017
https://www.invicti.com/changelogs/invicti-standard/24-nov-2017/NEW FEATURES Users can now preconfigure local/session web storage data for a website. Added a new send to action to send e-mails. Added HTTP Header Authentication settings to add request HTTP Headers with authentication information. Added CSV file link importer. Parsing of form values from a specified URL. Added custom root certificate support for manual … Continued
Changelog
18-Dec-2015
https://www.invicti.com/changelogs/invicti-standard/18-dec-2015/FEATURES Added Windows 10 support Added the Scan Policy Optimizer Added automatic configuration of URL rewrite rules Added automated evidence collection to several confirmed vulnerabilities Added Korean language option for application user interface (currently in beta) Added support for detecting outdated versions of several popular JavaScript client-side libraries Added HIPAA compliance report template Added syntax … Continued