Releases
v1.5.0
Compare
Sorry, something went wrong.
No results found
Changelog
[1.5.0] — 2026-06-30
Added
Program Intelligence Engine : Added program intelligence engine and hunting playbook generator.
Advanced Testing Tools : Added ReDoS, supply chain, and multi-tenant isolation testing tools.
Coverage Heatmap : Added endpoint coverage heatmap with DB schema and query methods.
Second-Order Injection : Added detector for stored XSS, SSTI, SQLi.
Smart Wordlist Generator : Added tool with tech/industry vocabulary.
Business Logic Test Suite : Added tests for amount, coupon, quantity manipulation.
Blind Injection Hub : Added tool for XSS, SSTI, CMDi, SSRF via OOB.
Rate Limit Bypass : Added detection tool for rate limiting bypasses.
Auth Matrix Tool : Added IDOR and broken access control detection.
Specialized Scanners : Added SOAP, mobile manifest, and cloud credentials scanners.
Commit History
b4ba489 Add -draft-report CLI flag for AI-assisted report drafting
3685075 Add AI JS analysis testing infrastructure
3a25d81 Add AI tools to presets and update tests
6cc3469 Add AI triage engine for false positive filtering
81fc05a Add AI vulnerability detection for prompt injection
adc464e Add AI-powered JavaScript analysis for endpoint discovery
77ec33d Add ASN, CVE, gRPC, Git scan tools and companion server APIs
430b549 Add Arjun wrapper for hidden parameter discovery in scan stage 3
af951ae Add CORS OPTIONS preflight test
8eda8de Add GitHub org member enumeration, expand chain builder, wire IDOR Obsidian export, fix lint
0c2b997 Add GraphQL introspection bypass probes
5972477 Add IDOR assistant for parameter clustering and testing
e48860c Add JWT HTTP response scanning and RS256 to HS256 confusion test
1fd9c23 Add LLM integration infrastructure
e442f0f Add ReDoS, supply chain, and multi-tenant isolation testing tools
6b19eeb Add SOAP, mobile manifest, and cloud credentials scanners
8087f73 Add Web3, paste, cert, price, and dependency audit scan tools
bb5a225 Add auth matrix tool for IDOR and broken access control detection
06dadff Add blind injection hub tool for XSS, SSTI, CMDi, SSRF via OOB
b29d818 Add business logic test suite for amount, coupon, quantity manipulation
cc5ebe0 Add custom adapter guide, case study, and update README links
cb2fa74 Add dynamic tool gating with shouldSkipTool in orchestrator
945a2e7 Add email enumeration and swagger parser services
21c33ed Add encoding bypasses to 403 bypass tester
aee677e Add endpoint coverage heatmap with DB schema and query methods
b23e6e6 Add false positive confidence scoring and filtering to reports
3a80038 Add interactsh OOB URL context and first-run execution
0603d9d Add multiple payload formats for AI prompt injection testing
cbe7c17 Add native Go security scanners: CORS, 403 bypass, JWT, open redirect
f5fc9f4 Add program intelligence engine and hunting playbook generator
4ce11c5 Add rate limit bypass detection tool
d6488ef Add second-order injection detector for stored XSS, SSTI, SQLi
5b3ac29 Add smart wordlist generator tool with tech/industry vocabulary
af38fe7 Add unit tests for dynamic tool gating logic
230d90f Add validate-config CLI option and resolve make validate target
a639548 Decouple security tools from services and implement domain/recon ScanContext
6f7708d Downgrade Go version to 1.23 and adjust Grype DB age limit
e22c8da Enrich Diff struct with ChangeReasons for context-aware diffs
8bde20f Expand GraphQL scanner with query batching, mutations, and IDOR testing
db75b04 Fix CI issue
a90e372 Fix IDE lint warnings and update secret scanner patterns
ba6324e Fix bypass403 false positive rate and OpenAI chat completions delegation
609696e Fix code problems, lints, and CI workflow errors
01e074e Implement CPU scaling and process niceness for low-resource mode
bcdd273 Implement Gemini-powered LLM report drafting in app_output.go
6bb0d20 Implement HTTP Request Smuggling detector for CL.TE and TE.CL
dd1024a Implement HackerOne and Bugcrowd API program profile auto-loader
b56d5cb Implement JS change detection and diff reporting in JSAnalyzer
15b5f39 Implement LLM-assisted noise triage engine for scan findings
c440f94 Implement OAuth 2.0 flow tester for CSRF, open redirects, and PKCE bypass
2c370d0 Implement Prototype Pollution detector with client and server-side testing
598f5bd Implement Race Condition tester for state-changing endpoints
002f81b Implement WebSocket security tester for CSWSH and Origin validation
35c4af1 Implement auto CTEM transitions and integrate scanner presets
972396f Implement contextual AI bug bounty report drafting
f990b99 Implement false positive confidence scoring engine with corroboration and configurable threshold
7eff4c1 Implement host header injection and cache poisoning detector
6404b76 Implement loopback auto-authentication for web dashboard
f4cd7df Implement tech stack fingerprinting and targeted nuclei mapping
4b8e997 Implement vulnerability chain analysis and attack path reporting
870210a Increase test coverage for scope engine and raise CI threshold
c3ffe09 Inject custom header context into Gowitness adapter scans
b8053e9 Merge cache into main SQLite database and batch worker pool queries
206f72b Optimize TUI, resolve client data races, upgrade dependencies, and register active probe tools
735651d Redesign dashboard with dark cybersecurity theme and update docs
cab3bbf Refactor dashboard frontend into standalone embedded static files
9dd114f Refactor domain recon code for cleaner implementation
bbf3d2e Refactor report generator by splitting god-class
94f288f Refactor scorer environment switch for cleaner code
d241f59 Refactor server entrypoint into lifecycle, routing, and middleware
ad4bfc2 Register CORS, 403 bypass, JWT, open redirect adapters in registry
7c9e619 Register GraphQL and OAuth flow tester as default tools and doctor diagnostics
372bcf6 Remove false-positive shodan_key pattern from secrets scanner
8a7ffeb Update TUI demo recording to terminal.gif
7bad0d6 Wire interactsh OOB URL to nuclei and dalfox
799c372 chore: prepare v1.5.0 release
You can’t perform that action at this time.