Extended Filters

Tue Jul 02 2018 18:18:59 GMT+0100

If you check HTTPView, Fuzzer, Scanner, or Unfold you will be surprised to discover our brand new extended filters feature. This new feature can be used to dynamically filter results using several matching methods and the full spectrum of supported data fields which can be applied in combination with the built-in filters. The extended filters allow for better control over the results and help you discover specific requests and responses with great precision.

filters

Landing Text

Tue Jun 12 2018 13:53:27 GMT+0100 (BST)

We are excited to announce the latest addition to the Online Suite - a general purpose text editor. While this may not sound exciting on the surface, there are a few interesting possibilities we are very interested to see unfold. For example, Text is just a simple text editor but combined with Fiddles we have the sort of PasteBin we always wanted. Additionally, you can use the tool to save notes, readmes and other types of useful information in your personal projects or as private fiddles if you have our pro subscription.

Landing WebReaver Alpha

Tue May 29 2018 19:11:54 GMT+0100 (BST)

We are very happy to announce the Alpha release of WebReaver - an automated web application security testing tool. WebReaver will help you quickly identify a handful of web application security vulnerabilities right from your own desktop.

Download the alpha today.

AppBandit 0.3.0

Tue May 29 2018 16:50:18 GMT+0100 (BST)

AppBandit 0.3.0 is out. This release includes many performance and style improvements. You can download the latest version from the official page. If you already have AppBandit just wait for the automatic update notification.

BinView Improvements

Tue May 29 2018 08:29:40 GMT+0100 (BST)

We have launched an exciting new feature in BinView which allows you to navigate through all ASCII strings in a binary file, find their location and scroll them in position in the hex viewer. This feature will significantly speed up the time to reverse engineer unknown binary formats. Furthermore we have implemented several useful filters to help you search for known hash values, emails and other useful strings.

Binary Support

Wed May 23 2018 07:37:53 GMT+0100 (BST)

Starting from SecApps Extension Version 3.1.0 binary HTTP requests and responses are fully supported. This means that tools such as HTTPView are able to display the exact binary contents of pictures, audios and videos. This feature will also greatly improve interaction with binary protocols like protbuf when accessed by the builtin hex viewer.

Landing Cohesion

Fri May 04 2018 08:24:37 GMT+0100 (BST)

We are very excited to announce the first official release of Cohesion - a devsecops web security penetration testing tool specifically designed to be used as part of Continuous Integration pipelines and more.

Cohesion comes with a built-in scanner, fuzzer, and a proxy. The scanner is a standalone security testing solution which will spider the target and execute tests against all parameterized forms and links. The fuzzer is most suitable or testing individual requests, therefore, it fits perfectly in the production pipeline of web services. Finally, the proxy can be used to dynamically scan any request in transit therefore it can be easily combined with existing unit and integration tests.

Just follow the online documentation to learn more about Cohesion.

Private Fiddles

Thu Apr 19 2018 08:09:29 GMT+0100 (BST)

SecApps Pro users now can create and share Private "Fiddles". Private Fiddles are only advertised to the people you share them with. No one else has access. With private fiddles you can significantly improve the time to investigate and respond to security vulnerabilities. Once configured your fiddle will contain all required information to reproduce the vulnerability and even re-test it on the spot. The fiddle is just a link, which means it can be shared in emails, vulnerability tracking systems, chat sessions and more.

Getting started with "Private Fiddles" is easy. If you are using the Scanner, simply click the grid button to open the issue in Rest or Fuzzer. Once the information is loaded, click the "Fiddle" button and select the "Create Private Fiddle" option. Share the link. You can also create the fiddle manually, load it directly from AppBandit or HTTPView and much more.

New Launchpad

Fri Apr 13 2018 11:29:12 GMT+0100 (BST)

Behold the new Launchpad. Not only you can launch all available apps but now we provide information about your recent cloud storage files and "fiddles". We have also substantially improved all profile features, subscription screens, trial management features and much more. Check it out today and let us know what you think.

Landing AppBandit Beta

Tue Mar 06 2018 07:25:31 GMT+0000 (GMT)

We are extremely excited to announce the public beta release of our latest tool - AppBandit. AppBandit, or AB for short, is an intercepting penetration testing proxy built on top of our existing technology stack you are already familiar with from our online testing suite. With AppBandit we are not just making a brand new proxy in the same vein as all others but also extending the existing proxy concepts and workflows with new ideas and tooling not seen anywhere else. It is a complete game changer.