Hello all!
I wanted to let you know that Codename SCNR v1.7.2 is out and includes several bug fixes and optimizations.
More importantly, however, Introspector support has been added for .NET and Java; now covering .NET, Java and Ruby web applications, with more to come.
The instrumentation allows the capture of:
- Server-side code execution.
- Server-side data flow (-- not for Java unfortunately).
- Client-side code execution.
- Client-side data flow.
This in turn allows for immense context to be attached to each identified vulnerability, thus making narrowing down bugs easier than ever.
In addition, with AI and this much context available, code fixes for vulnerabilities and extensive instructions regarding dissection, exploitation and remediation become available.
A Demo can be seen here:
Enjoy!
Cheers!
- Tasos L.