Scanner Notifications

Thu Jan 10 2019 22:17:12 GMT+0000

The Scanner now comes with builtin support for notifications. This option is particularly useful in situations where you rely on features such as Co-Pilot to perform the testing while manually exercising the application in a different browser tab. You will be notified immediately when vulnerabilities are discovered. Simple as that.

Scanner Notifications

Scanner Notes

Thu Jan 10 2019 21:07:29 GMT+0000

The Scanner now support notes. You can now embed any arbitrary text information in your scanner files. For example, you can add some notes about how the scanning process went or include some awesome ASCII art.

Scanner Notes

Encoder Data URI Support

Sun Jan 06 2019 07:08:18 GMT+0000

The Encoder now comes with Data URI encoding and decoding capabilities.


Landing Scout

Wed Sep 12 2018 07:22:42 GMT+0000

We are very excited to announce the preview release of Scout. SecApps Scout gives you a 360° visibility of all your external system assets such as domains, IP addresses, ports, services, and web applications. With Scout, you can build up and continuously manage your systems asset catalog without the need to provision many specialist tools, configure support infrastructure, aggregate reports and keep everyone informed via the right communication channel.

SecApps Scout was specifically designed to help you stay ahead of cybercriminals by automatically identifying the weakest links in your public infrastructure with builtin support for automatic change detection and auxiliary tools for filtering, sorting, categorizing and testing the Scout results.

Your scouts will also keep you and your team up to-to-date with automatic summary emails and slack messages sent from your scouts upon completion. It has never been easier to get a personal 24/7 security monitoring infrastructure ready to operate at any scale under any conditions.


JSON Path Encoder

Fri Aug 03 2018 09:00:20 GMT+0000

The Encoder tools from the Online Suite now supports JSONPath evaluations. This will help you extract values directly from the chain of transformations, saving time and additional effort. With JSONPath we can perform a wide-range of JSON manipulations which are particularly useful when dealing with JWT tokens, AWS pre-signed URL and forms and more.


Auto Formatting

Sun Jul 29 2018 12:31:16 GMT+0000

Working with complex applications often require fiddling with lots of structured markup that is either packed/minimised or poorly formatted. This is why we have added document auto-formatting options to both Rest and Fuzzer. Both XML (including HTML) and JSON (including JavaScript) are fully supported!

Breaking Records

Cohesion Hotkeys

Tue Jul 17 2018 08:38:12 GMT+0000

Cohesion version 1.1.1 now comes with built-in hotkey support when running with TTY support. The hotkeys will allow you to introspect the scanner and all other tools while running. It is also possible to dump snapshot reports without interception of the current scanning process.

CR Dev

Serialized Output

Tue Jul 17 2018 07:05:21 GMT+0000

Most of the tools are now able to export results as a serialized BSON stream (the default serialization format). Unlike the CSV and JSON, this export forms is capable of efficiently describing all captured information in great details - including the untampered binary data for the requests and responses. Furthermore, the exported format can be read and processed via cohesion command line tools, which makes it great for scripting.

CR Dev

List of Security Checks

Mon Jul 16 2018 14:55:56 GMT+0000

The cohesion command-line toolkit now comes with several built-in commands to help you understand the list of supported vulnerability checks, severity levels and attack methods.

CR Dev

Updated Fuzz Lists

Fri Jul 13 2018 15:27:46 GMT+0000

We have updated all the fuzzer lists across all applications. This means that now you can use the latest lists from DirBuster, DNSPop, FuzzDB, SecLists and many more. Try the latest lists at

CR Dev