Platform updates

Work smarter, not harder: 5 updates to enhance automation

Publisher
Pentest-Tools.com
Updated at

It’s been an intense month and we’re excited to share the news!

These 5 platform improvements are all about saving you time and energy, so you can focus on your most important tasks:

  1. Create custom wordlists (and use them with URL Fuzzer)

  2. Ignore dead targets and exclude them automatically

  3. Manage scheduled scans by specific workspace from Scheduler

  4. Configure & run authenticated scans straight from Targets

  5. Network Vulnerability Scanner with OpenVAS now includes the SMBGhost and GhostCat scanners

Let’s unpack them!

1. Set up your own list of words and use them with the URL Fuzzer

In addition to the available default wordlists, you can now create, define, and group your own list of words from your Pentest-Tools.com account.

To enable it, go to Wordlists, select Add, and start creating the wordlists you need to run specific security testing assessments.
Create custom wordlists

For each list, make sure to include 10.000 words at most, where one word is under 200 characters.

After your custom wordlist is created, go to URL Fuzzer, insert your URL target, and run a scan with your customized wordlist(s).
Will you…?
Yes, we’ll add support for other tools in the next updates!

Use these custom wordlists to create specific lists for individual targets, to support new languages, or simply to make your pentesting work faster and easier.

Create your first custom wordlist

2. Automatically exclude dead targets from internal network scans

When you want to add or import a new target, there’s a simpler way to ignore the dead host targets and run more accurate scans.

To do this, go to Targets, select Add, and enable the Include only alive targets option. This only adds the targets that respond to ICMP requests and have common TCP ports open (80, 443, or 445).

Add target in workspace pentest-tools.com

If you run internal network scans and you need to add specific IP ranges to scan only the relevant targets, this makes it much easier!.

Keep your results fresh and kickin’!

3. Manage scheduled scans by specific workspaces from one view

We’ve enhanced the Scheduler so you can better manage your scheduled scans for a single view!

See all your scheduled scans by specific workspaces or for ALL your workplaces. Sort, edit, download the latest results, and keep the testing flow going!

Go to Scheduler, click on View Settings, enable “Show scans for all workspaces”, and you’re all set!

show scans for all workspaces

4. Configure scan authentication right from the Targets page

Do you spend a lot of time in Targets?

Here’s some good news: you can now enable – and configure – authentication options for the Website Scanner tool from the Targets page.

Go to Targets, select a specific one, click on Scan with Tool, and choose the Website Scanner. Enabling Authentication gives you all the options you need!

Authentication from Targets

No more back and forth! (Keep that feedback coming – we’re all ears!)

5. The SMBGhost and GhostCat scanners – now included in the Network Vulnerability Scanner with OpenVAS

SMBGhost and GhostCat aren’t going anywhere anytime soon, but we’ve decided to integrate their functionalities into our Network Vulnerability Scanner with OpenVAS.

Need to check if your system is affected by one of these specific vulnerabilities? Choose the Full Scan option from the Network Vulnerability Scanner with OpenVAS and see them in your Findings.

Try these platform improvements and see how they improve your security testing workflow!

Get fresh security research

In your inbox. (No fluff. Actionable stuff only.)

I can see your vulns image

Related articles

Suggested articles

Discover our ethical hacking toolkit and all the free tools you can use!

Create free account

Footer

© 2013-2024 Pentest-Tools.com

Join over 45,000 security specialists to discuss career challenges, get pentesting guides and tips, and learn from your peers. Follow us on LinkedIn!

Expert pentesters share their best tips on our Youtube channel. Subscribe to get practical penetration testing tutorials and demos to build your own PoCs!

G2 award badge

Pentest-Tools.com recognized as a Leader in G2’s Spring 2023 Grid® Report for Penetration Testing Software.

Discover why security and IT pros worldwide use the platform to streamline their penetration and security testing workflow.

OWASP logo

Pentest-Tools.com is a Corporate Member of OWASP (The Open Web Application Security Project). We share their mission to use, strengthen, and advocate for secure coding standards into every piece of software we develop.