Changelog

These are the latest updates we've made to our platform. If you have any questions about any of the updates you see below, please feel free to contact us!

January 2024 Changes

  • Exploit for CVE-2024-21887 (Remote Code Execution in Ivanti Connect Secure)

    Sniper can exploit a Remote Code Execution vulnerability found in Ivanti Connect Secure (CVE-2024-21887).

    • CVE

    • RCE

  • Microsoft Teams Integration

    If you (and your team) use Microsoft Teams, set up this integration to get custom notifications for your scan results.

    [Image: Microsoft Teams integration]

    You can also configure different channels for specific notifications, making sure everyone gets alerts about findings that are relevant for them.

    • Platform

  • Detection for CVE-2022-1471 (Remote Code Execution in SnakeYAML library - Atlassian Confluence)

    Network Scanner detects if CVE-2022-1471 (CVSSv3 10), a Remote Code Execution in SnakeYAML library - Atlassian Confluence, impacts your targets.

    • Atlassian

    • CVE

    • RCE

  • Detection for CVE-2023-46805 (Authentication Bypass in Ivanti Connect Secure)

    Network Scanner detects if CVE-2023-46805 (CVSSv3 8.2), an Authentication Bypass in Ivanti Connect Secure, affects your targets.

    • CVE

    • Ivanti

  • OpenAPI files detection

    And one more thing: we added a method to detect if the Website Scanner spider finds an OpenAPI file. When it does, you can dig deeper with the API Scanner in just one click, right from your finding.

    [Image: OpenAPI file]

    By the way, we love to see customers truly make the most of our tools:

    We had a tool to scan our websites and endpoints automatically; the reports were not so good, and each additional URL was charged additionally (this doesn't scale in a micro-services architecture).

    Pentest-Tools.com solved all our problems; you can scan up to 1000 targets, the reports are so professional, and you can choose from dozens of different tools to analyze all aspects of an enterprise architecture.

    • Website Scanning

    • API

  • Session Fixation Detector

    We've also introduced a new Session Fixation Detector to help you identify session hijacking risks. Using the mitigation recommendations will help you prevent unauthorized access to user sessions and sensitive data.

    Here’s a preview of what the finding looks like:

    [Image: Session Fixation Detector finding]

    • Website Scanning

  • Exploit for CVE-2023-46604 (Remote Code Execution in Apache ActiveMQ)

    Sniper can exploit a Remote Code Execution vulnerability found in Apache ActiveMQ (CVE-2023-46604).

    • Apache

    • CVE

    • RCE

  • Exploit for CVE-2023-47246 (Remote Code Execution in SysAid)

    Sniper can exploit a Remote Code Execution vulnerability found in SysAid (CVE-2023-47246).

    • RCE

    • CVE

  • Input Reflected in DOM

    We've implemented Input Reflected in DOM to enhance protection against XSS attacks, ensuring coverage of more vulnerabilities lying in the DOM. It is already implemented in the XSS detector so if you select the XSS detector you are covered.

    Here’s what it’ll look like in your report: 

    [Image: Input Reflected in DOM finding]

    • Website Scanning

  • Real-time status for all your VPN Agents

    You can now check the status of your VPN Agents in the VPN Profiles section (under Settings). 

    We update their status in real-time, which makes it easier for you to check if your Agents are still up and running before starting scans against your internal infrastructure.

    [Image: VPN Agents status]

    • VPN

December 2023 Changes

  • Service detection in Port Scanner

    Service detection is now enabled by default in Light mode for Port Scanner.

  • Auto spider option in Website Scanner

    We added the option to select automatic detection of the spidering approach that the target needs. Auto is the engine option used in the deep scans too.

    • Platform

  • TCP/UDP Port Scanner unification

    We've combined TCP Port Scanner and UDP Port Scanner into a single tool called Port Scanner. A protocol parameter was added to the scan config to choose between TCP and UDP.

    • Platform

  • 3 running modes (light, full, custom) for URL Fuzzer

    We've changed our URL Fuzzer to support 3 running modes (light, deep, and custom) that allow you to scan targets with a predefined configuration.

    • Platform

  • OpenVAS detections in our Vulnerability & Exploit database

    All OpenVAS NVTs that can be detected with Network Scanner are now displayed on our Vulnerability & Exploit database, along with Sniper & Nuclei detections.

    • OpenVAS

    • Nuclei

  • Exploit for CVE-2023-20273 (RCE in Cisco IOS XE)

    Sniper can exploit an authenticated RCE vulnerability found in Cisco IOS XE (CVE-2023-20273), based on an Authentication Bypass vulnerability (CVE-2023-20198).

    • CISCO

    • CVE

    • RCE

  • Decluttered the spider results in Website Scanner

    We tweaked the spider results table from the Website Scanner so you can focus more on the things that matter the most: the URL, the method, and the query and body parameters. To do that, we removed the listing of headers and cookies and made the table more dynamic.

    • Reporting

  • Confirmed tag for Sniper and Nuclei engines in Network Scanner

    We've added the confirmed tag for findings generated by Sniper & Nuclei scanning engines.

    • Nuclei

November 2023 Changes

  • Exploit for CVE-2023-46747 (RCE in BIG-IP)

    Sniper can exploit another RCE vulnerability found in F5 BIG-IP (CVE-2023-46747).

    • BIG-IP

    • CVE

    • RCE

  • Improved logout avoidance

    Website Scanner: Fixed a bug in our logout detection mechanism that caused the Spider to sign us out of the session while crawling.

    • Platform

  • WordPress Scanner real-time output

    We came up with a way to show output from WPScan in real time. This means you are no longer stuck waiting for a scan that runs for 4 hours; you get the findings as soon as we detect them.

    • Platform

    • Reporting

    • CMS

  • Free license launched (freemium)

    We've just launched our Free license. Use our light tools to do quick assessments and export simple reports, with up to 2 parallel scans.

    • Platform

  • Improved DNS response parsing

    Subdomain Finder: We improved our logic for parsing DNS responses. The previous logic resulted in incorrectly marking domain names as unresolved.

    • DNS

  • Improved error handling for the tcpwrapped service

    We fixed a bug in the Network Scanner that caused some aborted scans when all the open ports were tcpwrapped, although our scanning engines don't scan for this service.

  • Automatic CVE filter mechanism for the Network Scanner

    We created an automatic CVE filtering mechanism for duplicated CVEs. For example, if both the Sniper and the Nuclei engines find the same CVE, only the Sniper finding will be displayed in the report. We'll show them based on prioritization (Sniper > Nuclei > OpenVAS).

    • Nuclei

    • OpenVAS

    • CVE

  • Port discovery returns only open ports

    All network tools will display only the open ports found (we remove the filtered and closed ones from the results).

    • Reporting

  • Detection for CVE-2023-44487 (DOS in HTTP/2 - Rapid Reset)

    Network Scanner detects if CVE-2023-44487 (DOS in HTTP/2 - Rapid Reset) affects your targets.

    • CVE

  • DNS Zone Transfer is now DNS Server Scanner

    DNS Zone Transfer is now called DNS Server Scanner, and it generates findings for the DNS Zone Transfer Information Disclosure vulnerability (AXFR).

  • Exploit for CVE-2023-0126 (File Read in SonicWall)

    Sniper can exploit a File Read vulnerability found in SonicWall (CVE-2023-0126).

    • CVE

  • Exploit for CVE-2023-4966 (Information Disclosure in Citrix - Citrix Bleed)

    Sniper can exploit an Information Disclosure vulnerability found in Citrix (CVE-2023-4966 - Citrix Bleed).

    • CVE

    • Citrix

  • Improved error handling in headless browser

    Website Scanner: Fixed another bug in the logic driving the headless browser that crashed the page and prevented us from detecting new crawling targets.

    • Platform

  • Exploit for CVE-2023-20198 (Authentication Bypass in Cisco IOS XE)

    Sniper can exploit an Authentication Bypass vulnerability found in Cisco IOS XE (CVE-2023-20198).

    • CISCO

    • RCE

October 2023 Changes

  • Exploit for CVE-2021-44521 (RCE in Apache Cassandra)

    Sniper can exploit another RCE vulnerability found in Apache Cassandra (CVE-2021-44521).

    • RCE

    • Apache

  • Exploit for CVE-2023-22515 (Authentication Bypass in Atlassian Confluence)

    Sniper can exploit an Authentication Bypass vulnerability in Atlassian Confluence (CVE-2023-22515).

    • Atlassian

  • Exploit for CVE-2023-25194 (RCE in Apache Kafka)

    Sniper can exploit an RCE vulnerability in Apache Kafka (CVE-2023-25194).

    • RCE

    • Apache

  • Exploit for CVE-2023-42793 (RCE in JetBrains TeamCity)

    Sniper can exploit an RCE vulnerability found in JetBrains TeamCity (CVE-2023-42793).

    • JetBrains

    • RCE

  • REST API is now publicly available

    Our REST API is now available. The old API is now legacy, and we’ll retire it on December 31, 2023. The new API keeps all the existing features but adds new ones such as: a proper RESTful interface, cleaner JSON responses, the option to choose your redirect level for fewer connection errors, the option to select the format for your callbacks (no more PDFs!), multiple API keys (with expiration dates for each of them), and more!

    • API

    • Platform

  • Scan techniques added to the TCP Port Scanner

    We've added multiple scan techniques (SYN, Connect(), ACK, Window, FIN, Xmas, etc.) to our TCP Port Scanner so you have multiple options to scan networks and find available hosts and their services.

    • Platform

  • Authentication for the WordPress Scanner

    We've added the basic authentication option when using the WordPress Scanner. Choose a custom scan type, enable Authentication, and fill in the credentials.

    • Platform

    • CMS

  • Spidered URLs list with duplicates

    Website Scanner now gives you a complete list of the URLs it spidered, including all the duplicates. Rest assured knowing the scanner thoroughly inspected all paths. You can see them by clicking the details of the Spidered URLs finding and checking the references.

    • Platform

  • Detection for CVE-2023-29357 (Authentication Bypass in Microsoft SharePoint)

    Network Scanner detects if CVE-2023-29357 (Authentication Bypass in Microsoft SharePoint) affects your targets.

    • CVE

    • Microsoft

  • Detection for CVE-2023-42115 (RCE in Exim)

    Network Scanner detects if CVE-2023-42115 (RCE in Exim) affects your targets.

    • CVE

    • RCE

  • Exploit for CVE-2023-36845 (RCE in Juniper)

    Sniper can exploit an RCE vulnerability discovered in Juniper (CVE-2023-36845).

    • CVE

    • RCE

  • URL Fuzzer in the Recon category

    You can now find the URL Fuzzer in the Reconnaissance category.

    • Platform

  • GraphQL Scanner

    The API Scanner now performs scans on GraphQL instances. Use it to check for Denial of Service attacks (circular reference, field duplication, alias overloading) or Information Disclosure vulnerabilities (field suggestion, introspection enabled, console enabled).

    • GraphQL

September 2023 Changes

  • New My account page

    The My account section is now completely redesigned and easier to use than ever. We divided all the existing settings into specific categories so you can find what you are looking for in a matter of seconds. We've also added two new features: the option to add a profile picture and to see your login history. We'll include more updates soon, so stay tuned.

    • Platform

  • 3 running modes (light, full, custom) for SSL/TLS Scanner

    We've changed our SSL/TLS Scanner to support 3 running modes (light, full, and custom) that allow you to scan targets with a predefined configuration.

    • Platform

  • Detection for CVE-2022-27510 (Authentication Bypass in Citrix ADC & Gateway)

    Network Scanner can now detect if CVE-2022-27510 (Authentication Bypass in Citrix ADC & Gateway) affects your targets.

    • CVE

    • Citrix

  • Exploit for CVE-2023-34039 (RCE in VMware Aria Operations for Networks)

    Sniper can exploit an RCE vulnerability discovered in VMware Aria Operations for Networks (CVE-2023-34039).

    • CVE

    • RCE

    • VMware

  • Exploit for CVE-2023-35885 (RCE in CloudPanel)

    Sniper can exploit an RCE vulnerability discovered in CloudPanel (CVE-2023-35885).

    • CVE

    • RCE

  • Email hard bounce alert

    We've added a warning message in the platform that lets you know whether your email address is unable to receive emails.

    • Platform

  • Error-based NoSQL Injection detector

    Website Scanner: We've added a new detection mechanism for MongoDB injection based on generating errors in the response.

    • MongoDB

  • Insecure Deserialization detector

    Website Scanner: There's another out-of-band detector available for insecure deserialization. This includes passive detection for serialized objects and deserialization attacks for Java serialized objects.

    • Platform

  • Detection for CVE-2022-27518 (RCE in Citrix ADC & Gateway)

    Network Scanner can now detect if CVE-2022-27518 (RCE in Citrix ADC & Gateway) impacts your targets.

    • CVE

    • RCE

    • Citrix

  • MySQL Out-of-Band SQL Injection detector

    Website Scanner: We've added an out-of-band detector for MySQL injections.

    • SQL

    • MySQL

  • Scan APIs via Postman collections

    API Scanner: You can now scan APIs by uploading Postman collections. We convert the URLs from the Postman collection into a Swagger file and scan it accordingly.

    • Platform

    • Postman

  • Exploit for CVE-2023-1698 (RCE in WAGO)

    Sniper can exploit an RCE vulnerability discovered in WAGO (CVE-2023-1698).

    • RCE

    • CVE

  • Exploit for CVE-2023-29300 (RCE in Adobe ColdFusion)

    Sniper can exploit this RCE vulnerability found in Adobe ColdFusion (CVE-2023-29300).

    • RCE

    • CVE

    • Adobe

August 2023 Changes

  • Pentest-Tools.com is officially listed on the AWS Marketplace

    We are happy to announce that Pentest-Tools.com is officially listed on the AWS Marketplace. This listing meets security and compliance standards, allowing you to simplify your purchase flow through your existing AWS account.

    • Platform

    • AWS

  • Exploit for CVE-2023-25826 (RCE in OpenTSDB)

    Sniper can exploit an RCE vulnerability discovered in OpenTSDB (CVE-2023-25826).

    • RCE

    • CVE

  • Exploit for CVE-2023-38646 (RCE in Metabase)

    Sniper can exploit an RCE vulnerability discovered in Metabase (CVE-2023-38646).

    • RCE

    • CVE

  • New Handlers page

    Our tools that accept requests (XSS Exploiter, HTTP Request Logger, and Sniper Client-side attacks) are now structured and placed into a single page called Handlers.

    • Platform

  • Nuclei templates improvements

    Network Scanner: The Pentest-Tools.com research team contributes to the official Nuclei templates by improving and fixing false positives. We are now ranked among the top 75 contributors on the official repository.

    • Nuclei

  • Scan options for our Cloud Scanner

    You can now select if you want to detect the cloud provider and/or detect cloud vulnerabilities & misconfigurations in the Cloud Scanner.

    • Platform

  • New findings page

    The Findings page got a fresh look! But that’s not all. With improved filtering and performance, it’s now faster than ever to manage your findings and find exactly what you are looking for. Moreover, the new Finding editor creates an improved writing experience and a more reliable output. Give it a try by creating a manual finding.

    • Platform

  • Automatic daily update for Nuclei templates configured in Network Scanner

    Nuclei templates now receive automatic updates daily, ensuring the scanner's Nuclei detections are always up to date.

    • Nuclei

  • Detection for CVE-2023-3519 (RCE in Citrix ADC & Gateway)

    Network Scanner can now detect if CVE-2023-3519 (RCE in Citrix ADC & Gateway) affects your targets.

    • CVE

    • Citrix

  • Exploit for CVE-2023-33246 (RCE in Apache RocketMQ)

    Sniper can exploit an RCE vulnerability discovered in Apache RocketMQ (CVE-2023-33246).

    • RCE

    • Apache

    • CVE

  • Exploit for CVE-2023-34960 (RCE in Chamilo)

    Sniper can exploit an RCE vulnerability discovered in Chamilo (CVE-2023-34960).

    • RCE

    • CVE

  • Exploit for CVE-2023-35078 (Unauthenticated API Access in Ivanti Endpoint Manager Mobile)

    Sniper can exploit an Unauthenticated API Access vulnerability discovered in Ivanti Endpoint Manager Mobile (CVE-2023-35078).

    • CVE

    • API

    • Ivanti

  • Pentest Ground: New free resource to test your scanners and skills

    Pentest Ground is a free playground with deliberately vulnerable web applications and network services. You can use it to benchmark your tools and learn new offensive security techniques.

    • pentesting

    • Platform

July 2023 Changes

June 2023 Changes

  • Password Auditor is now located under the Network Vulnerability scanners section

    Password Auditor is now located under the Network Vulnerability scanners section.

  • Azure support for Cloud Scanner

    Cloud Scanner can detect if an asset is hosted on Azure.

    • Microsoft

    • Azure

  • Collaborative working got a new home

    The UX of resource sharing wasn't the best, so we decided to completely change the way you interact with this feature. Hopefully, we managed to deliver a better experience while keeping this feature's utility unchanged. Furthermore, we got rid of the complicated flow of adding all of the personal details for the members of your team and replaced it with a simpler Invite by email functionality which should make the addition of new team members much easier, faster, and safer.

    • Platform

  • Detection for CVE-2023-34362 (SQL Injection in Progress MOVEit Transfer)

    Network Scanner can now detect if a MOVEit Transfer server is vulnerable to a SQL Injection vulnerability (CVE-2023-34362).

    • SQL

    • CVE

  • Email notifications on webhook errors

    You will be notified via email (1 per day) if a webhook fails (e.g. there's an invalid callback URL).

    • Platform

  • Edit time zone feature for your account and scheduled scans

    You can now edit the time zone per account and for scheduled scans.

    • Platform

  • New tool: Cloud Scanner

    The Cloud Vulnerability Scanner is an advanced and comprehensive cloud security solution that evaluates multi-cloud environments (Amazon Web Services - AWS, Google Cloud Platform - GCP and Microsoft Azure - Azure) to identify misconfigurations, vulnerabilities, weak access controls, interesting files, and other security issues.

    • AWS

    • GCP

    • Azure

May 2023 Changes

  • Exploit for CVE-2023-27350 (RCE in Papercut)

    Sniper can exploit an authentication bypass vuln discovered in Papercut (CVE-2023-27350).

    • CVE

  • Billing email address

    You can edit your billing address from the Profile section to receive future invoices at the specified address. You can also aggregate all your past invoices and send them to the current billing address from the Billing history section.

    • Platform

  • Detector for Server-side prototype pollution

    We've upgraded the Website Scanner so it can now detect prototype pollution in server-side JavaScript code.

    • Platform

  • Exploit for CVE-2022-21587 (RCE in Oracle E-Business Suite)

    Sniper can exploit an RCE vuln discovered in Oracle E-Business Suite (CVE-2022-21587).

    • RCE

    • CVE

    • Oracle

  • Exploit for CVE-2023-25135 (RCE in vBulletin)

    Sniper can exploit an RCE vuln discovered in vBulletin (CVE-2023-25135).

    • RCE

    • CVE

    • vBulletin

  • Rescan support for the Website Scanner

    We've added new exploitation capabilities to our Website Scanner that allow you to read the cookies and localStorage of a web app vulnerable to XSS.

    • XSS

    • Platform

  • SQLI, OSCMDI, XSS bug fixing

    Website Scanner: We've fixed some bugs: XSS and SQL scanner starting with auth enabled; SQLI time-based FPs; OSCMDI time-based FPs; CSRF token not renewing after the first form submission.

    • XSS

    • SQL

    • Platform

  • SSRF detector now looks for local services running

    Website Scanner: We now search for locally available Docker and Elastic Search instances when trying to discover server-side request forgery vulnerabilities.

    • Platform

    • Docker

    • Elastic Search

    • SSRF

  • Exploit for CVE-2023-1671 (RCE in Sophos Web Appliance)

    Sniper can exploit an RCE vuln discovered in Sophos Web Appliance (CVE-2023-1671).

    • CVE

    • RCE

    • Sophos

  • 3 running modes (light, full, custom) for Network Scanner

    We've changed our Network Scanner to support 3 running modes (light, full, and custom) that allow you to scan targets with a predefined configuration.

    • Platform

  • 3 running modes (light, full, custom) for TCP/UDP Port Scanners

    We've changed our TCP/UDP Port Scanners to support 3 running modes (light, full, and custom) that allow you to scan targets with a predefined configuration.

    • Platform

  • Added follow redirects

    When starting a tool that scans URLs, you will have a new option: Follow redirects.

    • Platform

  • Detection for CVE-2023-21554 (RCE in Microsoft MSMQ service)

    Network Scanner can now detect if a Microsoft MSMQ service is vulnerable to a Remote Code Execution vulnerability (CVE-2023-21554).

    • Microsoft

    • RCE

    • CVE