Cohesion version 1.1.1 now comes with built-in hotkey support when running with TTY support. The hotkeys will allow you to introspect the scanner and all other tools while running. It is also possible to dump snapshot reports without interception of the current scanning process.
Most of the tools are now able to export results as a serialized BSON stream (the default serialization format). Unlike the CSV and JSON, this export forms is capable of efficiently describing all captured information in great details - including the untampered binary data for the requests and responses. Furthermore, the exported format can be read and processed via cohesion command line tools, which makes it great for scripting.
List of Security Checks
The cohesion command-line toolkit now comes with several built-in commands to help you understand the list of supported vulnerability checks, severity levels and attack methods.
Updated Fuzz Lists
We have updated all the fuzzer lists across all applications. This means that now you can use the latest lists from DirBuster, DNSPop, FuzzDB, SecLists and many more. Try the latest lists at https://fuzzer.secapps.com.
We aim to make the best of bread web application security testing toolkit on the market and the screenshot bellow is a proof that we are on the right track. As you can see HTTPView (https://httpview.secapps.com) will take huge amounts of data (over 100K requests) and provide you with the necessary tools to explore, sort and filter the transactions log without stutter.
Although HTTPView is well known and widely used today, it occurred to us that it was never announced on Product Hunt. So we decided to correct this. Click here to upvote.
All online tools now come with dedicated service workers to help with caching and when you need to work offline - yes now you can use the tool even when you are completely disconnected.
Guide To HTTPView
Here is a short video of how to get started with HTTPView - our in-browser HTTP recording tool which will help you when performing web application security assessments.
Chrome DevTools Theme
We try to keep the user interface as spartan as possible because we believe that this will increase productivity and make new and existing features less obscure and easier to reason about. However, due to popular demand, we have introduced a new theme inspired by Chrome DevTools. We call it CR Dev for short. The CR Dev theme feels at home when used with Chrome as it follows the colour schemes and styles of the built-in development tools. It is very well balanced and agronomic and we are sure it will be close to the heart of all Chrome fans out there.
If you check HTTPView, Fuzzer, Scanner, or Unfold you will be surprised to discover our brand new extended filters feature. This new feature can be used to dynamically filter results using several matching methods and the full spectrum of supported data fields which can be applied in combination with the built-in filters. The extended filters allow for better control over the results and help you discover specific requests and responses with great precision.