News

Hello all, I'd like to introduce to you the upcoming addition to Ecsypno's product line: Codename RKN Codename RKN is an automated WebApp I/O behavioral analysis (for reconnaissance and threat modelling) tool -- i.e. a penetration tester's best friend.It is your manual webapp pentest assistant, allowing you to keep track of a Web application's attack surface as well as your progress traversing through it. Core functionality Server-stack identification. Identify amount and types (link, form, cookie etc.) of inputs. Identify input characteristics, ex.: Data sinks -- Data lands in: HTML – reflected HTTP response headers – reflected JS runtime Whether or...

Hello all, I would like to introduce to you the new addition to the Codename SCNR suite of products, the "Community" edition. Community is a free edition, aimed towards individual penetration testers without many requirements, just running a CLI scan and going over the results in place -- no reporting. In essence, free and high-quality WebAppSec scanning for all! Hooray! :) In your place, I'd sprung a few bucks and buy the Basic edition for the extra reporting features, but to each their own, plus, Community is a great way to evaluate the engine behind Codename SCNR and make an...

Hello all, I'd like to introduce to you the new Codename SCNR SDLC edition. The SDLC edition sits between Pro and Enterprise and offers Basic features plus access to the REST API -- no remote Agents or Scheduler, like Enterprise. As the name suggests, it's meant to take part in your SDLC and allow for easy integration via the Codename SCNR REST API. Cheers, Tasos L.

Hello all, I am very pleased to announce the commercial release of Ecsypno's DAST/IAST offering:     Codename SNCR is a highly evolved web application security scanner, utilizing DAST, as well as IAST, techniques -- DAST to analyze server-side behavior from a black-box perspective and DAST & IAST for client-side Javascript environment analysis. In addition, server-side IAST capabilities exist for Ruby web applications, but those are going to be rolled out later on. Editions Codename SCNR comes in 3 editions: Basic -- CLI utilities to manage the scanner engine. + Ruby API for scripting. Pro -- Basic features + a...