In this release, we've made substantial enhancements to our asset discovery capabilities, introduced new features for Basic Tier (Free) users, and resolved several critical issues. Our primary focus has been on improving the visibility and analysis of discovered assets, and refining the insights for assets.

Our mission with the platform includes making advanced security tools available to as many people as possible. We are rolling out more features to ProjectDiscovery Cloud Platform Basic Tier (Free) users over the coming weeks and months.

Basic Tier (Free) users will now have access to:

• Discover and monitor assets (up to 10 domains and unlimited cloud integrations)

• Write and manage vulnerability templates

• Use AI for template generation

Updates & Improvements

Asset Discovery Enhancements

We've introduced several new features to make asset discovery more comprehensive and insightful:

• Screenshots for Web Services: Automatically capture images of discovered web assets.

• Improved Tech Stack Detection: Use headless browser-based detection for more accurate and comprehensive technology identification.

• Favicon Icon: When available, favicon icons are now captured.

• Enhanced DNS Discovery:

  • DNS Permutation for additional subdomain discovery (enabled by default).

  • DNS Wildcard Filtering for both passive and active discovery (enabled by default).

Notes:

• Screenshot is an optional feature that can be enabled from advanced discovery settings.

• Discovery options can be customized in advanced discovery settings, enabling users to tailor the discovery process to their specific needs.

Severity-based Sorting:

Scan results are now sorted based on severity by default, allowing users to prioritize high-risk vulnerability findings.

Improved Log-in and Sign-up Pages:

We've revamped the UI for our log-in and sign-up pages to provide a more intuitive and user-friendly experience.

Bug Fixes

This release addresses several critical issues to improve platform stability and user experience

• Fixed manual ticket creation issues for vulnerability results.

• Fixed scheduling problems with next run time for scans and enumerations.

• Fixed input deduplication for scans with target input lists.

• Fixed issues in re-scans caused by deleted alerting or reporting configurations.

• Fixed scan export issues for large results.

• Fixed issues with asset deletion.

• Fixed token consumption issues for user-stopped scans.