
2025.02

Features/Enhancements

NodeZero

  • Improved Pentest Scheduling Experience:

    • Enhanced template creation flow with success modals and direct links.
    • Added sticky action buttons for pentest and template forms.
    • Introduced "Add Once, Later" scheduling option for increased flexibility.
    • Free trial users can now set up a runner to streamline pentest deployments.
  • ZMap Scope Discovery Tuning:

    • New Scan Options menu allows users to select either Normal (1500 pps) or Slow (150 pps) scope discovery settings.
    • Helps reduce network disruptions caused by rapid TCP connection attempts across routers/firewalls.
    • NOTE: Default setting remains Normal, matching previous behavior.
  • User Interface Improvements:

    • Adjusted CSV export buttons for consistency across the platform.
    • Improved key/value pair display for better vertical readability.
    • Updated privilege escalation paths for better visibility.
    • New toggle for NFS Extract and Analyze, defaulted to ON.

NodeZero Insights

  • Mean-Time-To-Remediation (MTTR) Trends:
    • New charts displaying mean-time-to-remediation trends for weaknesses that have been mitigated.
  • CISA KEV Filtering:
    • Added an advanced filtering option to display only CISA Known Exploited Vulnerabilities (KEVs) in Insights.

New Attack Content

  • CVE-2024-9916: Exploit for HuangDou UTCMS.
  • CVE-2024-23113 & CVE-2024-21762: Fortinet FortiOS modules added for vulnerability detection (not exploitation).
  • Shadow Credential Attack: New Active Directory attack leveraging GenericAll/GenericWrite permissions for privilege escalation.

External Attack Enhancements

  • Website Crawling Enhancements: Optimized speed, reliability, and data extraction.
  • GitHub Token Verification: Updated process for verifying exposed tokens.
  • WordPress Weakness Detection: Expanded attack content to surface additional WordPress security weaknesses.

Bug Fixes

  • Corrected carousel navigation dots for proofs with more than 9 items.
  • Fixed an issue where multiple menus could open simultaneously.
  • Adjusted misleading "Action Needed" text during pentest initialization.
  • Ensured correct return URLs after completing sign-in.
  • Improved language in pentest results to clarify when a vulnerability is surfaced versus exploited.
  • Resolved issue where Auto-expand scope setting was not being saved in templates.
  • Fixed template runner selection incorrectly being overridden in templates.
  • Prevented disabled feature flags from causing template fields to appear blank.
  • Fixed a bug where services found during pentests were being truncated at 1000 findings in reports.
  • Fixed a bug causing scheduled pentests to be undeletable.
  • Resolved an issue where subdomain takeover alerts in Real-Time View were misleading.
  • Fixed Azure Entra ID password audits not running in certain configurations.
  • Resolved AWS credential weakness indicators displaying incorrectly for NodeZero AWS connection roles.
  • Fixed an issue where users were emailed multiple times for scheduled pentest actions.