Landing Scout

Wed Sep 12 2018 07:22:42 GMT+0000

We are very excited to announce the preview release of Scout. SecApps Scout gives you a 360° visibility of all your external system assets such as domains, IP addresses, ports, services, and web applications. With Scout, you can build up and continuously manage your systems asset catalog without the need to provision many specialist tools, configure support infrastructure, aggregate reports and keep everyone informed via the right communication channel.

SecApps Scout was specifically designed to help you stay ahead of cybercriminals by automatically identifying the weakest links in your public infrastructure with builtin support for automatic change detection and auxiliary tools for filtering, sorting, categorizing and testing the Scout results.

Your scouts will also keep you and your team up to-to-date with automatic summary emails and slack messages sent from your scouts upon completion. It has never been easier to get a personal 24/7 security monitoring infrastructure ready to operate at any scale under any conditions.

Scout

JSON Path Encoder

Fri Aug 03 2018 09:00:20 GMT+0000

The Encoder tools from the Online Suite now supports JSONPath evaluations. This will help you extract values directly from the chain of transformations, saving time and additional effort. With JSONPath we can perform a wide-range of JSON manipulations which are particularly useful when dealing with JWT tokens, AWS pre-signed URL and forms and more.

JSON Path

Auto Formatting

Sun Jul 29 2018 12:31:16 GMT+0000

Working with complex applications often require fiddling with lots of structured markup that is either packed/minimised or poorly formatted. This is why we have added document auto-formatting options to both Rest and Fuzzer. Both XML (including HTML) and JSON (including JavaScript) are fully supported!

Breaking Records

Cohesion Hotkeys

Tue Jul 17 2018 08:38:12 GMT+0000

Cohesion version 1.1.1 now comes with built-in hotkey support when running with TTY support. The hotkeys will allow you to introspect the scanner and all other tools while running. It is also possible to dump snapshot reports without interception of the current scanning process.

CR Dev

Serialized Output

Tue Jul 17 2018 07:05:21 GMT+0000

Most of the tools are now able to export results as a serialized BSON stream (the default serialization format). Unlike the CSV and JSON, this export forms is capable of efficiently describing all captured information in great details - including the untampered binary data for the requests and responses. Furthermore, the exported format can be read and processed via cohesion command line tools, which makes it great for scripting.

CR Dev

List of Security Checks

Mon Jul 16 2018 14:55:56 GMT+0000

The cohesion command-line toolkit now comes with several built-in commands to help you understand the list of supported vulnerability checks, severity levels and attack methods.

CR Dev

Updated Fuzz Lists

Fri Jul 13 2018 15:27:46 GMT+0000

We have updated all the fuzzer lists across all applications. This means that now you can use the latest lists from DirBuster, DNSPop, FuzzDB, SecLists and many more. Try the latest lists at https://fuzzer.secapps.com.

CR Dev

Breaking Records

Thu Jul 11 2018 22:15:13 GMT+0000

We aim to make the best of bread web application security testing toolkit on the market and the screenshot bellow is a proof that we are on the right track. As you can see HTTPView (https://httpview.secapps.com) will take huge amounts of data (over 100K requests) and provide you with the necessary tools to explore, sort and filter the transactions log without stutter.

Breaking Records

Product Hunt

Thu Jul 11 2018 19:12:59 GMT+0000

Although HTTPView is well known and widely used today, it occurred to us that it was never announced on Product Hunt. So we decided to correct this. Click here to upvote.

Product Hunt

Service Workers

Tue Jul 10 2018 20:50:09 GMT+0000

All online tools now come with dedicated service workers to help with caching and when you need to work offline - yes now you can use the tool even when you are completely disconnected.

Service Workers