Sandcat 4

What's New in Sandcat 4

May 28, 2013

Syhunt Sandcat 4.0 is here! The new release entails a tremendous programming effort to take the browser platform to the next level. Here we explain the main enhancements made to the new version.

Enhanced Live Headers

Sandcat 4 comes with a revamped and enhanced Live Headers. You can now view not only the request headers and response headers but the response of HTTP requests and XHR calls. The captured requests can be viewed, exported to and imported from individual files via its Live Headers bar. It also adds a display filter option which allows you to view only requests that satisfy a given expression or set of expressions.

Live Headers Cache
Sandcat 4 adds the ability to save the full request details of captured requests as part of a Sandcat Live Headers export file. For this, Sandcat 4 comes with its own cache which works side by side with the Chromium's cache and stores more details about requests than an usual browser. Sandcat creates a temporary cache for each tab and when you close the tab, the temporary cache file is deleted.

Note: As a privacy measure, the request headers are encrypted before being stored in the Live Headers Cache using AES encryption.

Deliberately ignoring the No-Cache directive
If the Live Headers capture is enabled Sandcat will disregard the HTTP headers that proclaim no-cache and still cache the request in the Live Headers Cache for subsequent review. This only applies for the Live Headers Cache. The Chromium browser component will not cache the request.

Preview Extensions

The new request viewer that comes with Sandcat 4 includes a preview tab with extension possibilities, and it comes with preview extensions for the most common web file formats. This includes CSS, Flash, HTML, common image formats (bmp, gif, ico, jpg, png and svg), JavaScript, JSON, text and XML files. This page explains how you can add support for additional response content types.

New Consoles

Sandcat 4 comes with an enhanced version of the Sandcat Console, and it is now possible not only to add custom commands, but to create custom consoles. We've added two new consoles: a Lua Console and a JavaScript Console (screenshot here) and, in addition to these, the Pen-Tester Tools pack comes with a Ruby Console extension.

New Lua Libraries

Several Lua libraries and objects were created or enhanced for the new version. The goal of these libraries is to make the development of Sandcat Lua-based extensions easier and set its extension system further apart from the traditional JavaScript-based extension systems.

New Preferences Screen

The new Preferences screen gives advanced control over the behavior of the browser. Preferences can be imported and exported to individual files.

Sandcat Tasks

Another distinct feature of Sandcat, the new release adds the ability to launch Lua-based tasks in isolated processes that can run independently or perform operations in an isolated tab process. Sandcat Tasks can be monitored and managed from its Tasks page. We plan to keep enhancing this feature in future releases.

New Pen-Tester Tools

Sandcat 4 adds several new pen-tester extensions as part of the new incarnation of its Pen-Tester Tools extension pack. This includes: a Request Loader, a XHR Editor, a XHR Fuzzer, a CGI Scanner, a HTTP Brute Force extension, enhanced request editors, enhanced script runners, and more. The tools now take advantage of Sandcat's new ability to launch tasks in isolated processes.

 

Page last modified on May 30, 2013, at 06:34 AM
2013 Syhunt