Landing Cohesion

Fri May 04 2018 08:24:37 GMT+0100 (BST)

We are very excited to announce the first official release of Cohesion - a devsecops web security penetration testing tool specifically designed to be used as part of Continuous Integration pipelines and more.

Cohesion comes with a built-in scanner, fuzzer, and a proxy. The scanner is a standalone security testing solution which will spider the target and execute tests against all parameterized forms and links. The fuzzer is most suitable or testing individual requests, therefore, it fits perfectly in the production pipeline of web services. Finally, the proxy can be used to dynamically scan any request in transit therefore it can be easily combined with existing unit and integration tests.

Just follow the online documentation to learn more about Cohesion.

Private Fiddles

Thu Apr 19 2018 08:09:29 GMT+0100 (BST)

SecApps Pro users now can create and share Private "Fiddles". Private Fiddles are only advertised to the people you share them with. No one else has access. With private fiddles you can significantly improve the time to investigate and respond to security vulnerabilities. Once configured your fiddle will contain all required information to reproduce the vulnerability and even re-test it on the spot. The fiddle is just a link, which means it can be shared in emails, vulnerability tracking systems, chat sessions and more.

Getting started with "Private Fiddles" is easy. If you are using the Scanner, simply click the grid button to open the issue in Rest or Fuzzer. Once the information is loaded, click the "Fiddle" button and select the "Create Private Fiddle" option. Share the link. You can also create the fiddle manually, load it directly from AppBandit or HTTPView and much more.

New Launchpad

Fri Apr 13 2018 11:29:12 GMT+0100 (BST)

Behold the new Launchpad. Not only you can launch all available apps but now we provide information about your recent cloud storage files and "fiddles". We have also substantially improved all profile features, subscription screens, trial management features and much more. Check it out today and let us know what you think.

Landing AppBandit Beta

Tue Mar 06 2018 07:25:31 GMT+0000 (GMT)

We are extremely excited to announce the public beta release of our latest tool - AppBandit. AppBandit, or AB for short, is an intercepting penetration testing proxy built on top of our existing technology stack you are already familiar with from our online testing suite. With AppBandit we are not just making a brand new proxy in the same vein as all others but also extending the existing proxy concepts and workflows with new ideas and tooling not seen anywhere else. It is a complete game changer.

The Pown Apps

Mon Jan 29 2018 08:46:13 GMT+0000 (GMT)

Together with Pown.js we are very excited to announce a new pown feature, which allows you to use the tools from the online suite directly from the pown command line. This feature enables some interesting capabilities. For example you can interface command line tools with the online suite and vice versa.

Read more about this exciting new feature on our blog.

Landing HTML Preview

Mon Nov 20 2017 18:23:46 GMT+0000 (GMT)

We just made our online suite so much more useful. Now you can easily preview HTML responses with the help of the built-in web renderer now part of all tools including Rest, Fuzzer, HTTPView and others.