2024.01

Features & Enhancements

Phishing Impact Test (New)

  • This feature helps you gauge and understand the impact of a successful phishing campaign within your organization, starting with the employees most susceptible to phishing.

Enhancements

  • Attack Path Enhancements now include a Vertical Display option, along with Concise/Detailed views. These improvements provide a clearer narrative of your security posture, emphasizing critical impacts and weaknesses.
  • External Asset Discovery has been updated to help identify the status of, and display warnings for, discovered hosts that may not be authorized for pentesting.

New Attack Content

  • Ivanti Connect Secure VPN: Authentication Bypass (CVE-2023-46805) and Remote Code Execution (CVE-2024-21887) vulnerabilities have been added.
  • Fortra GoAnywhere MFT Authentication Bypass (CVE-2024-0204). For more details, see our blog post.
  • Apache OFBiz Remote Code Execution Vulnerability (CVE-2023-51467).
  • Jenkins CLI Vulnerability: An arbitrary file read through the CLI can lead to RCE (CVE-2024-23897).
  • Confluence Data Center and Server RCE (CVE-2023-22527). For additional information, see our blog post.
  • Added checks for 21 vulnerabilities from the CISA KEV list.
  • A suite of new Azure, Azure AD, and MS Entra AD Connect enumerations enhances NodeZero capabilities in cloud and hybrid-cloud environments.

Updates & Improvements

  • Attack Path Improvements: New toggle buttons for attack graphs, vertical attack path display, and options for detailed or concise attack path narratives.
  • 1-Click Verify Documentation: Now available to streamline verification processes.
  • New Filters in Tables: Added "Filter by Injected Creds" & "Filter by Phished Creds" in the Impacts, Weaknesses, and Credentials tables.
  • Summary Page Enhancements: Now displays injected and phished credentials for a comprehensive view.

Bug Fixes

  • Zmap Upgrade: Moved to version 3.0.0 to reduce errors that could disrupt the scope_discovery module in certain operations.
  • Nuclei Template for CVE-2020-10770: Enhanced to reduce false positives.
  • Azure ADConnect: Excluded Azure ADConnect AD Service Account from weakness H3-2023-0030 consideration.
  • Azure Refresh Tokens Verification: Rectified the module responsible for verifying Azure Refresh Tokens.
  • EDR Interference with RAT: Addressed an issue where EDRs blocking the RAT's process list retrieval resulted in Data nodes without resource IDs.
  • Implant RCE Module: Fixed retry mechanism in some failure scenarios.
  • Payload Echoing by Printers/Servers: Adjustments made to mitigate false positives based on header checks.
  • AWS boto3 Commands: Updated commands for creating public S3 buckets.
  • Httpx Scanning on Port 9103: Resolved an issue causing printers to print gibberish.
  • Attack Path Renderings: Corrections made for weakness H3-2022-0086.
  • Host Discovery: Implemented fingerprint-based deduplication to refine host discovery accuracy.