Invicti Professional v23.9
Web Application Security Scanner
Automatic, deadly accurate, and easy-to-use web application security scanner to automatically find security flaws in your websites, web applications, and web services.
Invicti Professional Edition is a commercial web application security scanner. It is designed to automatically find and fix vulnerabilities such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF) in web applications. It can scan web applications hosted on a variety of platforms, including Windows, Linux, and macOS. It offers a range of features to help developers and security professionals identify and fix vulnerabilities in their web applications, including an automated scanner that can identify a wide range of vulnerabilities, and a manual testing tool that allows users to test for vulnerabilities manually. It is available as a standalone product or as a cloud service.
New feature
We’ve added the ability to set the Docker Agent's proxy configuration as an environment variable when creating a container
Improvements
Disabled caching from the boolean-based MongoDB security engine to avoid possible false positives
Improved the content-type exemption for non-HTML content types in the CSP engine
Improved the typeahead.js check to increase stability
Removed the X-XSS-Protection header check because it is deprecated by modern browsers
Fixed a scan coverage issue
Improved the remediation part for the JetBrains .idea detected vulnerability
Added functionalities to prevent bot detection and fixed an issue that was causing cookie loss after authentication