August 15, 2009
Sandcat 3.9 takes advantage of UTF8-Decode problems to evade filters - Sandcat 22.214.171.124 update, released today, takes advantage of UTF8-Decode problems to evade filters when performing injection checks. The new technique complements the set of filter evasion techniques implemented in previous Sandcat releases. UTF8-Decode risks have been presented by experts Eduardo Vela and David Lindsay during the BlackHat USA 2009 (See: Our Favorite XSS Filters/IDS and how to Attack Them). Sandcat 126.96.36.199 update also includes additional WAF and IDS evasion techniques, targeting mod_security and PHP-IDS, and improved support for HTML 5.
August 6, 2009
Sandcat 3.9 Preview Release available for download - We're happy to make available a preview release of Sandcat 3.9. The new version expands the browser emulation feature set by adding new HTTP and SSL/TLS options, Socks support and additional authentication options. The new version can also perform a web structure brute force scan without having to re-crawl the target host (in other words, it remembers the last web structure of scanned web sites). Sandcat 3.9 also comes with a tweaked user interface that can provide a better user experience.
June 10, 2009
May 11, 2009
Sandcat Pro now supports concurrent scans - The first beta of the Sandcat Session Launcher tool, released today, adds concurrent scans support in Sandcat Pro. Multiple session threads and multiple host threads per session are supported. If you are a registered Sandcat Pro user, you're invited to beta test it! Details on how to download the new tool will be emailed to you today.
April 20, 2009
Welcome our new Customers from the UK - Thank you to all the kind people and organizations that joined our customer community within the last months. Special thanks to the UK government agencies and the growing list of universities that are adopting vulnerability assessment and secure coding practices and decided to use our software. We are currently working on new versions of both Sandcat and Sandcat for PHP to make them better than ever for you. Several new technologies are under development and will be released throughout 2009.
April 20, 2009
Sandcat 3.7 supports Windows 7 - We would like to announce that Sandcat 3.7 supports Windows 7 and will have a 64-bit version soon. We think Windows 7 is shaping up to be a very solid release, so we are happy to support this new platform.
January 14, 2009
PHP threats continue to rise but more work & education could help - Rising PHP security issues; The future of PHP development. Read the PDF.
January 8, 2009
Round Cube Webmail probes spreading rapidly - A recommended reading about this issue is available at: http://stateofsecurity.com/?p=550
Sandcat was updated today and the new version (188.8.131.52) already detects this issue.