Search Go hack yourself with Detectify

An EASM blog from Detectify

Major updates to Detectify

August 19, 2014

We are releasing multiple major changes to Detectify and this is the beginning of the new Detectify. Many hours have been invested in a new and improved UI. There are also multiple changes under the hood in the core of the service, e.g., updated engine to better handle JS-based pages.

New user interface

The ambition with the new UI is to create a flexible design where it is easier for us introduce new functionality to our users. The release plan is packed with features that will help you as a developer and security tester.

We have introduced new features for improved usability, e.g.,

  • Scanning behind login and testing of predefined user flows (e.g., check-out flows)
  • Released the API for you to build integrations into your development tools

Improved coverage of new and updated attack vectors

New and updated modules for vulnerability testing in this release are e.g., CSRF (testing of forms), SSL Breach, Flash content sniffing (Rosetta Flash), DNS SPF (fake the sender of e-mails), DNSSEC tests, CSS parser and for all of you with internal legacy systems, VBS. An update of our JS-engine brings improved coverage of DOM-based XSS.

Set-up recurring testing

Don’t forget to set up recurring scanning of your site to make sure you are always tested for new security issues. New attack vectors are constantly being identified and we release new versions of the scanner frequently.

Do you feel that something is missing from Detectify or have general comment? Hit us up at @detectify or We are aiming to improve Detectify and make the Internet a safer place.

Happy scanning!