We are very excited to announce the first official release of Cohesion - a devsecops web security penetration testing tool specifically designed to be used as part of Continuous Integration pipelines and more.
Cohesion comes with a built-in scanner, fuzzer, and proxy. The scanner is a standalone security testing solution which will spider the target and execute tests against all parameterized forms and links. The fuzzer is most suitable for testing individual requests, so it fits perfectly in the production pipeline of web services. Finally, the proxy can be used to dynamically scan any request in transit, so it can be easily combined with existing unit and integration tests.
Just follow the online documentation to learn more about Cohesion.
SecApps Pro users can now create and share Private "Fiddles". Private Fiddles are only advertised to the people you share them with. No one else has access. With private fiddles you can significantly reduce the time it takes to investigate and respond to security vulnerabilities. Once configured, your fiddle will contain all the information required to reproduce the vulnerability and even re-test it on the spot. The fiddle is just a link, which means it can be shared in emails, vulnerability tracking systems, chat sessions and more.
Getting started with "Private Fiddles" is easy. If you are using the Scanner, simply click the grid button to open the issue in Rest or Fuzzer. Once the information is loaded, click the "Fiddle" button and select the "Create Private Fiddle" option. Share the link. You can also create the fiddle manually, load it directly from AppBandit or HTTPView and much more.
Behold the new Launchpad. Not only can you launch all available apps, but we now also provide information about your recent cloud storage files and "fiddles". We have also substantially improved all profile features, subscription screens, trial management features and much more. Check it out today and let us know what you think.
Landing AppBandit Beta
We are extremely excited to announce the public beta release of our latest tool - AppBandit. AppBandit, or AB for short, is an intercepting penetration testing proxy built on top of the existing technology stack you are already familiar with from our online testing suite. With AppBandit we are not just making a brand new proxy in the same vein as all the others, but also extending the existing proxy concepts and workflows with new ideas and tooling not seen anywhere else. It is a complete game changer.
The Pown Apps
Together with Pown.js we are very excited to announce a new pown feature, which allows you to use the tools from the online suite directly from the pown command line. This feature enables some interesting capabilities. For example, you can interface command line tools with the online suite and vice versa.
Read more about this exciting new feature on our blog.