New Features
- A new option that allows you to specify a different email address for each configured scan in the scheduler.
- HTTP Fuzzer number generator now supports padding, e.g. you can use a leading zero i.e. from 01 to 10.
- A new option to specify if the latest cookie from the scanned website should be used rather than the one discovered during crawling.
- New option to force scanner to not overwrite user specified custom cookies with newer cookies from the scanned website.
- Ability to import multiple HTTP Sniffer captures to the same crawl.
- Ability to merge HTTP Sniffer captures to existing website crawls.
New Security Checks
- Added a test for .Net Cross Site Scripting (Request Validation Bypassing).
- New security check for MediaWiki security issues.
Bug Fixes
- Fixed a Crossdomain in an XML false positive.
- Fixed the Scan Wizard back button issue; there were instances were it was not working correctly.
- Fixed a bug in the scanner to scan only website files found during a crawl.
- Fixed a memory leak in the Client Script Analyser engine.
- The Login Sequence Recorder User-Agent string is now the same in both the header and in the scripting code.
- Fixed a bug within the WSDL scanner “Customize” button.