Platform updates

Work like a pro: 4 automation updates to save time and simplify your workflow

Updated at
Article tags

We worked hard this month to roll out new updates and we’re excited to share them with you!

These 4 platform features are all about making your workflow smoother, so you can focus on the essential tasks:

1. Use custom wordlists with the Password Auditor
2. NEW: recorded-login authentication for the Website Scanner
3. Screenshots from Website Recon in the Attack Surface
4. Create scan groups for easier scan management

Let’s unpack them!

1. Set up your own list of usernames and passwords and use them with the Password Auditor

As promised, we added custom wordlists for more tools!

In addition to the default wordlists, Password Auditor now includes the option to set up your own list of usernames and passwords and find weak credentials faster.

To create it, go to Wordlists, select Add, and start adding the wordlists you need to run specific pentesting tasks.

After your custom wordlist is created, go to Password Auditor, insert your target, select the wordlist for usernames and passwords, and run a scan with it.

Enrich and update your lists of weak credentials to better detect vulnerable targets and report them to organizations.

Be one step ahead of attackers who use the same tactic to harvest sensitive data and access their internal systems.

custom wordlists with the Password Auditor

2. Run authenticated scans faster with the recorded login method

We’ve added a new authentication method for the Website Vulnerability Scanner to help you perform scans faster for websites with non-standard authentication.

Recorded login authentication allows you to record and replay the login steps, and then upload the recording to the Website Scanner tool.

To learn how you can easily configure this authentication method, make sure to follow the steps described in our dedicated support article.

recorded login authenticationTry this authentication method to perform in-depth scanning and better uncover critical vulnerabilities that an attacker can leverage after logging in to the website (or web apps).

Try the recorded login authentication

Perform in-depth scanning to uncover high-risk vulns.

3. Screenshots generated from Website Recon now available in the Attack Surface

We’ve enhanced the Attack Surface with more aggregated data, so you can get better, clearer view of your network perimeter.
When you scan a target with Website Recon, the scan results – screenshots included – are automatically added to the Attack Surface.

Screenshots added in Attack SurfaceWill I see screenshots for other tools?
Yes, we’ll add support for more tools in future updates!

Use the Attack Surface to get an instant overview of all your scan results grouped by asset categories and better visualize your network exposure.

4. Create scan groups for workflow management and hassle-free reporting

Automating your security testing workflow and saving time with reporting are key for us.
That’s why you can now create, define, and group your scans from your accountFast and easy!
A scan group is automatically created when you:

  • Select multiple targets and run a scan with one specific tool

  • select multiple targets at the same time using the Scan template

  • Schedule scans against multiple targets at the same time

To easily view and manage all your scan groups, go to Scans, and click on the Scans Groups.
From here, you can quickly export them in an aggregated report to visualize combined scan results in a unified, centralized manner.

Scan groups new featureTo better understand how to create and define scan groups, check out the step-by-step tutorial from our Support Center.

Get vulnerability research & write-ups

In your inbox. (No fluff. Actionable stuff only.)

Discover our ethical hacking toolkit and all the free tools you can use!

Create free account


© 2013-2024 has a LinkedIn account it's very active on

Join over 45,000 security specialists to discuss career challenges, get pentesting guides and tips, and learn from your peers. Follow us on LinkedIn! has a YouTube account where you can find tutorials and useful videos

Expert pentesters share their best tips on our Youtube channel. Subscribe to get practical penetration testing tutorials and demos to build your own PoCs!

G2 award badge recognized as a Leader in G2’s Spring 2023 Grid® Report for Penetration Testing Software. Discover why security and IT pros worldwide use the platform to streamline their penetration and security testing workflow.

OWASP logo is a Corporate Member of OWASP (The Open Web Application Security Project). We share their mission to use, strengthen, and advocate for secure coding standards into every piece of software we develop.