- Updated at
- Reading time
We worked hard this month to roll out new updates and we’re excited to share them with you!
These 4 platform features are all about making your workflow smoother, so you can focus on the essential tasks:
1. Use custom wordlists with the Password Auditor
2. NEW: recorded-login authentication for the Website Scanner
3. Screenshots from Website Recon in the Attack Surface
4. Create scan groups for easier scan management
Let’s unpack them!
1. Set up your own list of usernames and passwords and use them with the Password Auditor
As promised, we added custom wordlists for more tools!
In addition to the default wordlists, Password Auditor now includes the option to set up your own list of usernames and passwords and find weak credentials faster.
To create it, go to Wordlists, select Add, and start adding the wordlists you need to run specific pentesting tasks.
After your custom wordlist is created, go to Password Auditor, insert your target, select the wordlist for usernames and passwords, and run a scan with it.
Enrich and update your lists of weak credentials to better detect vulnerable targets and report them to organizations.
Be one step ahead of attackers who use the same tactic to harvest sensitive data and access their internal systems.
2. Run authenticated scans faster with the recorded login method
We’ve added a new authentication method for the Website Vulnerability Scanner to help you perform scans faster for websites with non-standard authentication.
Recorded login authentication allows you to record and replay the login steps, and then upload the recording to the Website Scanner tool.
To learn how you can easily configure this authentication method, make sure to follow the steps described in our dedicated support article.
Try this authentication method to perform in-depth scanning and better uncover critical vulnerabilities that an attacker can leverage after logging in to the website (or web apps).
3. Screenshots generated from Website Recon now available in the Attack Surface
We’ve enhanced the Attack Surface with more aggregated data, so you can get better, clearer view of your network perimeter.
When you scan a target with Website Recon, the scan results – screenshots included – are automatically added to the Attack Surface.
Will I see screenshots for other tools?
Yes, we’ll add support for more tools in future updates!
Use the Attack Surface to get an instant overview of all your scan results grouped by asset categories and better visualize your network exposure.
4. Create scan groups for workflow management and hassle-free reporting
Automating your security testing workflow and saving time with reporting are key for us.
That’s why you can now create, define, and group your scans from your Pentest-Tools.com account. Fast and easy!
A scan group is automatically created when you:
Select multiple targets and run a scan with one specific tool
select multiple targets at the same time using the Scan template
Schedule scans against multiple targets at the same time
To easily view and manage all your scan groups, go to Scans, and click on the Scans Groups.
From here, you can quickly export them in an aggregated report to visualize combined scan results in a unified, centralized manner.
To better understand how to create and define scan groups, check out the step-by-step tutorial from our Support Center.