Added detection for F5 BIG-IP CVE-2021-22986 unauthenticated remote code execution vulnerability.
Added detection for Hafnium webshells injected during ProxyLogon attacks.
Added detection for Microsoft Exchange CVE-2021-26855 SSRF vulnerability (ProxyLogon).
We have started developing custom detection modules, which are being added to the standard OpenVAS scans to detect high-risk vulnerabilities in commercial software.
Besides wordlists, the URL Fuzzer can now send a sequence of numbers as payload.
Check if a Microsoft Exchange server is affected by CVE-2021-26855, a vulnerability which can lead to disclosure of sensitive information and to RCE.
The URL Fuzzer now allows you to fuzz HTTP POST requests.
Added detection for VMware vCenter Unauthenticated RCE (CVE-2021-21972).
Our new Website Scanner (currently in beta) will now check for sensitive data (email addresses, social security numbers, credit card numbers) in target applications.
We launched a new Website Scanner (currently in beta) fully written by our team. It allows you to select which tests you want to run, and it returns fewer false positives than the current full scanner.
The target name and the workspace have been added to the cards created in Jira.
The Find Subdomains tool has been improved with additional data sources to discover more subdomains.
You can get a scan notification if the open ports found are other than the ones you defined.
Now you can specify a custom location in URL Fuzzer for the payload using the FUZZ marker in the URL or in query strings.
The URL Fuzzer now allows you to specify custom headers to be sent with each request.
Two-factor authentication is now also available to all Pro Advanced users (besides Enterprise).
Now you can further customize the subject of the mail by changing the placeholders.
The subject of the e-mail generated by a scan will contain the name of the tool, the target and the workspace.
All scan results will be sent from the following email address: email@example.com
The vulnerability scanners for Citrix CVE-2019-19781 and BIG-IP CVE-2020-5902 have been deprecated.
Multiple stability issues have been fixed.
Pentest Robots can now be used to scan the internal networks through VPN.
We’ve launched the Pentest Robots – a new automation method to create custom scanning flows. This helps you greatly reduce the manual work during a pentest.
The Website Scanner now takes a screenshot of the target website. You can find it in the output of the “Server software and technologies” test.
A Scan Group is automatically generated when starting/scheduling multiple scans at once and allows for easier management of those related scans.
The screenshots of target websites generated by Website Recon are automatically embedded into the Attack Surface view.
We have added a new authentication method to the Website Scanner which allows you to record and replay the login steps so you can perform authenticated scans more easily.
The Password Auditor now supports custom wordlists for usernames and passwords.
When adding/importing new targets, now you can automatically exclude the ones which are not alive. Very useful when adding IP ranges.
Now you can create your own custom wordlists and use them with URL Fuzzer (and soon with other tools as well).
The individual scanners for GhostCat and SMBGhost have been deprecated as they have been included in the full OpenVAS scanner.
Authentication options can now be configured from the Targets page for the Website Scanner.
The scheduled scans are now being displayed by workspace. This can be configured from View Settings.
Now you can configure scan notifications directly from the Targets page, when you choose ‘Scan with Tool’. These allow you to receive emails when certain events occur.
The custom description of your targets is now automatically included in your scan reports.
When you mark a vulnerability as False Positive for a target, it will be automatically marked as False Positive for every future scan result for this target.
The Pentest Report (docx format) now has an appendix section containing the list of tools used during the test. Furthermore, we have added Low risk findings to the executive summary when no High/Medium issues are found.
When generating reports from tool results (individual scans), now you have more options to specify what to exclude from the reports: Ignored or Fixed findings, tool configuration details.
Now the VPN Agent can also be downloaded in VirtualBox format (besides VMware and Hyper-V).
We have added new API methods for target management: add_target, update_target_description, start_scan_by_targetid. Furthermore, we have updated the get_scans method to return more granular results based on workspace_id and target_id.
We have added a new tool to detect the critical Remote Code Execution vulnerability in BIG-IP devices (CVE-2020-5902).
Multiple scan results can now be aggregated and exported into a single report. You can select which scan results to include in the report, both Vulnerability and Discovery scans.
Now you can configure email notifications when your scan matches certain conditions (is Finished, found High Risk, discovered some open port, etc). These notification filters also apply to Scheduled scans.
We have added the option to automatically group similar findings (obtained by multiple scans against the same target) so that the Findings view is cleaner and easier to manage.
Now you can increase the security of your account with Two-Factor Authentication (2FA). Use your mobile device with any authenticator app to log in with the second factor.
Besides VMware, you can now also download the VPN Agent in Hyper-V format, for use with the Microsoft virtualization solution.
Each finding/vulnerability produced by a scanner now has a unique identifier (ID). This can be used to easily compare scan results programmatically (exported as JSON or via API). These identifiers (vuln_id) look like WEBSCAN-00-0000012 or NETSCAN-01-0002349.
We have fixed a bug in the finding “Vulnerabilities found for server-side software” in order to set the CVSS score as the maximum of all vulnerabilities mentioned in the table (instead of ‘-1’). Furthermore, the CVE field is now populated with a comma-separated list of all CVEs from this finding (instead of ‘None’).
Now you can import targets from a file together with their descriptions. The target name and description must be comma-separated, like: “www.example.com, Production web server”
We have added a new method to connect to the internal network in order to make internal scanning much easier. You just need to download the VPN Agent virtual machine and run it inside the internal network. It initiates a VPN tunnel automatically from our scanning servers to your network.
Paying users can upgrade or downgrade their current plan directly from Pentest-Tools.com (without interacting with FastSpring). Just pick the new plan and it will be modified instantly.
We have launched a dedicated support section on our website with multiple articles, product guides and answers to common questions.
We have added the Getting started page, an introduction that helps customers get familiar with the platform.
Users have a new filtering method to display only the relevant findings in the Findings page. They now have the option to exclude False Positives, Informational or Ignored findings, so that the Findings view is cleaner and easier to manage.
We have fixed a bug so that custom logos now appear in the header of a Docx report generated from the Findings page.
We have added advanced filters for the Attack Surface functionality in order to easily search for interesting ports, services or technologies.
Now you can download your invoices directly from the MyAccount page, without accessing the FastSpring payment provider.
The attack surface view aggregates hosts, ports, services and technologies from all the targets in the current workspace in order to show a summary view of the possible attack entry points.
We have rewritten the authentication module that performs automatic login with username and password. We have added support for Single Page Applications and improved the authentication logic.
We have added a WYSIWYG editor to add rich-text elements when creating a Manual Finding, such as images, tables, hyperlinks, code, bold, italic, underline, etc. All these elements are properly translated to the .docx format when you generate an editable pentest report.
Users can edit all the details of a finding produced by a tool/scanner by cloning it into a new manual finding. This new finding can be manually adjusted as needed (change name, description, risk level, etc).
Users can export scan results of any tool in JSON format. This allows easier data parsing and integration with external tools.
We are offering limited free penetration testing services for organizations fighting the COVID-19 outbreak to better secure their websites.
Users can generate Jira issues directly from our Findings page and automatically send them as tickets to prioritize important tasks.
We have added a new tool for detecting vulnerabilities in SSL/TLS servers, which deprecates the existing tools (Heartbleed, ROBOT, POODLE, DROWN scanners). Those deprecated tools have been disabled.
We added a new, dedicated scanner to detect the SMBGhost RCE vulnerability (CVE-2020-0796) in Windows 10, SMBv3.
We have added a new scanner to detect the Ghostcat vulnerability (CVE-2020-1938) that affects Apache Tomcat servers.
Now the TCP Port Scan and UDP Port Scan tools can be accessed programmatically through the API.
We have added a new API call – get_workspaces – which returns the list of workspaces of the current user. Furthermore, the start_scan function can be configured to start a scan in a specified workspace.
We have added a new, dedicated scanner on Pentest-Tools.com to detect the Citrix RCE vulnerability CVE-2019-19781.
Users can now delete multiple scheduled scans at the same time. This improvement simplifies the workflow for those who use the Scheduler feature.