2025.01

Features/Enhancements

Insights

  • Sample Data View: Prospective customers can now explore Insights with sample data to preview its capabilities.
  • PDF Report Generation: Insights data can now be exported into a document for executive reporting.
  • UX Improvements: New charts and enhanced usability on the Insights tab improve navigation and data analysis.

Tripwires

  • New Landing Page: A dedicated page now consolidates tripwire opportunities for easier access.
  • Updated Notifications: Alerts for existing tripwire users have been improved.

New Pentest Scheduling Workflow (for new users)

  • Guided Onboarding: An optimized setup process has been introduced for continuous penetration testing.
  • Automated Workflow: Pentest templates can now be reused to encourage more frequent testing.
  • Streamlined Deployment: The process begins with deploying a Runner and creating a schedule for ongoing testing.

Other Improvements

  • IAM Data now Exportable: User and IAM role data from Azure and AWS pentest results can now be downloaded.
  • Azure Service Principal Certificate Injection: Credential injection options have been added for Azure pentesting.
  • New Status: "Awaiting Runner": A new "Awaiting Runner" state provides clearer status for tests utilizing a runner.
  • Test Scheduling: Continuous pentest schedules can now be created directly from completed test listings.
  • CSV Import for Scope Inputs: Users can upload a CSV to define IP scope during pentest setup.

New Attack Content

External Attack Content

  • Microsoft IIS Web Server Scanning: Detection of hidden files and directories has been improved.
  • Management Consoles: Publicly accessible admin panels are now identified more effectively.
  • GitHub Actions Security Checks: Security weaknesses in GitHub Actions are analyzed.
  • GitHub Sensitive Data Detection: Public Git repositories are scanned for exposed secrets.
  • Smart Public Git Repo Handling: Only repositories with exposed sensitive data are flagged.
  • Azure Credential Testing: Password spraying techniques have been enhanced to identify multi-service access credentials.

General Attack Content

  • Web Server Fingerprinting: Improved detection of servers on non-standard ports and those using Cloudflare.
  • Azure Storage & Blob Exposure Detection: Exposed files in Azure storage services are now identified.
  • Fortinet FortiOS (CVE-2024-21762): Remote code execution vulnerability.
  • Citrix XenServer (CVE-2024-8069): Unauthenticated remote code execution.
  • WhatsUp Gold (CVE-2024-46909): Arbitrary code execution.
  • Craft CMS (CVE-2024-56145): RCE vulnerability due to improper PHP handling.
  • VHost Updates: Improved attack execution reliability.
  • Ivanti Endpoint Manager (CVE-2024-10811): Credential coercion vulnerability that allows attackers to force authentication using the server’s machine account.
  • Ivanti Endpoint Manager (CVE-2024-13161): Exploitable flaw leading to unauthorized Active Directory access.
  • Ivanti Endpoint Manager (CVE-2024-13160): Vulnerability enabling lateral movement through credential exposure.
  • Ivanti Endpoint Manager (CVE-2024-13159): Attackers can use this vulnerability to escalate privileges within the environment.

Fixed Bugs

  • Fixed display issues and improved template name matching.
  • Resolved deletion issues and ensured proper saving of settings.
  • Corrected handling of Azure service credential passwords.
  • Fixed visibility issues in navigation and IP validation.
  • Resolved ADCS and Azure VM execution bugs.