News

Tasos Laskos

Commercial release of Codename SCNR

Hello all, I am very pleased to announce the commercial release of Ecsypno's DAST/IAST offering: Codename SCNR is a highly evolved web application security scanner, utilizing DAST, as well as IAST, techniques -- DAST to analyze server-side behavior from a black-box perspective and DAST & IAST for client-side JavaScript environment analysis. In addition, server-side IAST capabilities exist for Ruby web applications, but those are going to be rolled out later on. Editions: Codename SCNR comes in 3 editions: Basic -- CLI utilities to manage the scanner engine. + Ruby API for scripting. Pro -- Basic features + a...



IAST/Contextual scanning for Ruby-on-Rails (and Rack in general)

Hello all,

Some time ago I announced the arrival of IAST scanning for Rack-based (such as Ruby-on-Rails, Sinatra, etc.) web applications. The feature is now here and I'd like to demo it for you. We have our application, in this case a Sinatra one, and it goes like: As you can see, scnr/introspector has been required and made use of. Now we run a scan with no additional options or configuration:

./bin/scnr http://localhost:4567/
[...]
[+] Web Application Security Report - SCNR::Engine Framework
[~] Report generated on: 2024-01-08 09:59:13 +0200
[+] System settings:
[~] ---------------
[~] Version:           1.0dev
[~] Seed:...



Tasos Laskos

Commercial release countdown halted

Hello all, There had been a stable/commercial release countdown until the end of this year; however, due to the need for more beta testing and the ongoing search for funding, the countdown has been halted. It is again uncertain when a commercial release will be available. Trial version releases and development continue, and your feedback is much appreciated. Best regards, Tasos L.



Tasos Laskos

Peplum::John: Distributed John the Ripper

Hello all, I'd like to announce the addition of Peplum::John to the arsenal. Peplum is a project that enables users/developers to run code in a distributed, parallel fashion and combine multiple machines' resources, thus making time-consuming tasks much, much quicker. We previously talked about Peplum::Nmap; this time, though, it's John the Ripper that got the treatment. The way this works is that hashes are distributed across computer nodes that already have John installed and are then attacked by all available machines until they are cracked. It's quite the party so give it a go and let us know. :)
