1 | | - | ### 2.1.0 - 05/01/2019 |
2 | | - | * Improved profile displaying |
3 | | - | * Improved Error page detection by identifying JBoss error pages |
4 | | - | * Added Web Form authentication bruteforcer |
5 | | - | * Minor bug fixing |
6 | | - | |
7 | | - | ### 2.0.0 - 04/11/2018 |
8 | | - | * Improved error reporting and enabled saving a txt format of the generated report |
9 | | - | * Improved testing of multipart input, included file input |
10 | | - | * Added integrity check when testing web form with password fields. If the values of the password fields is different there may be false negative |
11 | | - | * Added HTTP Basic bruteforce plugin |
12 | | - | |
13 | | - | ### 1.7.0 - 06/08/2018 |
14 | | - | * Created Vulnerability Editor in order to create application vulnerabilities |
15 | | - | * Improved system metrics generation |
16 | | - | * Improved code to load signature by decreasing the load time |
17 | | - | * Added more signatures and improved discovery process |
18 | | - | * Fixed minor bug in Fingerprinter and Vulnerability Scanner |
19 | | - | * Added web vulnerabilities |
20 | | - | * Added support to Brotli decompression |
21 | | - | * Updated TestSSL AddOn |
22 | | - | |
23 | | - | ### 1.6.0 - 28/03/2018 |
24 | | - | * Resolved resource leak in ChromeDriver usage |
25 | | - | * Fixed some bugs (FPs, Mem leak, ...) |
26 | | - | * Improved Reflected XSS AddOn |
27 | | - | * Authentication HTTP Basic, Digest, Bearer |
28 | | - | * Authentication via WebForm |
29 | | - | * Adjusted versioning |
30 | | - | |
31 | | - | ### 1.2.5 - 06/02/2018 |
32 | | - | * Implemented Re-Crawling of identified web pages |
33 | | - | * Minor bug fixes |
34 | | - | * Added Stored Cross Site Scripting check |
35 | | - | * Added Exposed Session Variables check |
36 | | - | |
37 | | - | ### 1.2.4 - 21/12/2017 |
38 | | - | * Added Blind SQL Injection check |
39 | | - | * Added Missing HttpOnly cookie flag check |
40 | | - | * Added Missing Secure cookie flag check |
41 | | - | * Added Password sent over insecure channel check |
42 | | - | * Added Password field with autocomplete enabled check |
43 | | - | |
44 | | - | ### 1.2.3 - 06/09/2017 |
45 | | - | * Implemented Javascript Engine |
46 | | - | * Improved Scan information section |
47 | | - | * Bug fixing |
48 | | - | * Vulnerabilities added: |
49 | | - | - Woocommerce: Reflected XSS vulnerability in vendor_description parameter |
50 | | - | |
51 | | - | ### 1.2.2 - 25/07/2017 |
52 | | - | * Journey Scan implemented |
53 | | - | * SQL Injection addOn |
54 | | - | * Availability of HTML and JSON Report |
55 | | - | * Added feature to set default value for specific parameters |
56 | | - | * Added info on the connected Scan Managers and enabled the editing of specific properties |
57 | | - | * Improved UX |
58 | | - | * Improved resource discovery process |
59 | | - | * Implemented process to satify anti-CSRF token submission during SQL Injection and Cross Site Scripting testing |
60 | | - | * Vulnerabilities added: |
61 | | - | - Joomla: CVE-2015-8564, CVE-2015-8769, CVE-2016-8869, CVE-2016-8870, CVE-2016-9081, CVE-2016-9836, CVE-2017-8917 |
62 | | - | - Wordpress: CVE-2015-2213, CVE-2016-6896, CVE-2017-9064, CVE-2017-5611, CVE-2016-7169 |
63 | | - | * Bug fixing and testing |
64 | | - | |
65 | | - | ### 1.2.0 - 22/09/2016 |
66 | | - | * Added more vulnerability AddOn checks |
67 | | - | * Added more signatures |
68 | | - | * General imrpovements |
69 | | - | |
70 | | - | ### 1.1.0 - 28/07/2016 |
71 | | - | * Added Crawler component |
72 | | - | * Added vulnerability scanner component |
73 | | - | * Added Directory Listing vulnerability addon |
74 | | - | * Added more signature to the web application fingerprinter |
75 | | - | * Improved hidden resource discoverer |
76 | | - | |
77 | | - | ### 1.0.0 - 10/06/2016 |
78 | | - | * First Beta Release. |