Blog

Websecurify Mobile 1.0.2 for iOS

Websecurify Mobile 1.0.2 for iOS is now live on the iTunes App Store. All existing customers should receive an update within the next 24 hours.

This version contains the following improvements:

  • The testing engine has been revamped to enable even faster scanning with better results with less device resources.
  • The user interface has been drastically improved with plenty of new visual enhancements.
  • The reporting capabilities has been improved with issue counters, which are used as indicators to show areas that require urgent attention.
  • You can now email the report even when the test is still in progress.

On behalf of the Websecurify team I want to say that it was great pleasure to deliver this version and we hope that you are going to like it as much as we do.
Posted by pdp at 15:11 0 comments

Cold, Coffe, Code

It has been a cold and snowy day here in UK. I've spent most of the time outside making snow men and giant balls of snow. I have also managed to squeeze in some time for pentesting, while drinking coffee in Costa, and I have just finished doing some code refactoring of Websecurify Mobile 1.0.3. Indeed, it has been a productive and very rewarding day.

Here are some screenshots from the latest build of Websecurify Mobile. This release is very stable although we know about one bug, which will be fixed in the next couple of days.

 

So, in theory, this means that we might be able to get out the next update as soon as next week although this depends on how fast we get through Apple's approval process.
Posted by pdp at 11:05 0 comments

The Upcoming Websecurify Mobile

This is a quick update just to let you know that we are actively working on the next version of Websecurify Mobile for iOS, which will contain the following key improvements:
  • The latest testing engine (faster, better security checks)
  • Improved user interface
  • Ability to email reports
  • Snappier and a lot faster than the previous version

We are still working on the application color schemes and polishing the user interface but the basic functionalities are there and they work great.

The next update is just a few weeks away.
Posted by at 13:45 0 comments

Websecurify 1.0.2 for Windows and Mac has Arrived

Websecurify 1.0.2 is by far the best version ever released. It is feature packed yet easy to use and as fast as nothing else.

As they say "the devil is in the details" and this version is all about that. A lot of things has been taken care of in order to create a functional and fast web application security scanner with the best possible user experience. Websecurify on Mac looks gorgeous and it is really fast but wait to see Websecurify for Windows. It will change your perception of what security products should be all about.

From the click on the application icon to the first application screen it takes no more than just a moment. This is very different from those pesky, never ending splash screens which we are all acquainted to from other products. The target locationbox is all you need to start a scan with zero configuration. It has been all taken care of for you by default. However, if you feel adventures you can always fire up the side browser which will allow you to pinpoint hot areas for further testing or exclusion. You simply don't need to fiddle with regular expressions or string matching constants which are not only difficult to use but also error prone and very inefficient. It has been all taken care of for you.

After a lot of time spent in the lab searching for the best features we can put in a product that we love we think we have found the best way to do reporting. Reports are generated on the fly. You simply don't need to wait until the end to find out what is going. You can easily filter issues by severity or features with just a single click. Websecurify can not only show you the details of each found issue but also where possible take a screenshot as a proof. There is no other web application security tool out there that does this. Each report is exportable in various formats designed to be easily embedded into your own custom reporting templates. We simply do not support the idea of closed loop marketing by embedding our brand everywhere possible. If you are looking for in-depth information about each issue we even provide JSON and XML reports which contain details about the reported items broken down to the individual components. This is very powerful and can be used to simply your life and save you a lot of time and great deal of stress by implementing your own custom automation workflow.

Last but not least Websecurify 1.0.2 is good fit for wide range of uses and available to everyone: form the experts to the casual users. We have priced the product fairly and in fact more fare than all of our competitors. There is no feature locking. We think it is silly to lock the product to scan only 1-3 web sites and than ask for more cash to unlock the full version as our competitors do. Websecurify is revolutionary in that way. However, what is even more revolutionary is that you are not tied to anual renewal fees. When you buy a major version it is your's to keep and use to test as many web applications as you need. To make it even better, we have even automated the payment process so you can enjoy you version in a few moments after purchase. It is as simple as that and we will keep your version up to date via our online update mechanism, which you can switch of if you don't need it.

So enjoy it and let us hear if you have any comments, suggestions, feedback, bugs or just things that annoy you. Our commitment is to make the best web application security tool out there.
Posted by pdp at 16:55 0 comments

A Collage of Websecurify's Evolution

This is essentially a collage of all pictures from Picasa which we use for this blog. What I find interesting is the story that the picture tells. It really shows the many incarnations of the product and how much effort has been put into it to make what it is today.

Stay tuned for the next major incarnation.

Posted by pdp at 12:53 0 comments

Websecurify's Debute on ITunes and Mac App Stores

Although Websecurify has been officially available on the Mac App Store for several days now and more than a month on the iTunes App Store, it is about time to announce it publicly here. It is true. Websecurify is now the premium web application security testing tool for Mac. It is one of its kind and proud to carry the title of being "the first and only".

The Mac App Store Version is full of awesome improvements incorporated in style and simplicity throughout the entire application. Some of the key features include:

  • Fully integrated browser which allows fine-tuning of even some of the most demanding applications today.
  • Adjustable test scope. For more information, see the Wiki page here.
  • The ability to not only run several test at the same time but also work on multiple projects currently.
  • Smart reporting system which removes duplicate issues on the fly.
  • Powerful and quickly accessible report filters to sift through complex tests with numerous issues.
  • Vulnerability snapshots. What is a security report without the technical details? You get not only the exact details about each vulnerability but also helpful screenshots illustrating the problem in full.
  • Several built-in reporting mechanism which allow detailed exporting to multiple formats including CSV, XML, JSON, HTML and RTF. HTML and RTF reports include screenshots which can be easily copied around in your own custom reports.
  • New and improved testing engine which now detects more issues than ever before in a fast and concise way.
  • Absolutely gorgeous user interface in every single way.

There are some awesome improvements for the iTunes App Store (iPhone) version planned to be released in the upcoming weeks. Here they are:

  • The ability to email reports even when they are not fully completed. This is a huge win especially when you want to report an issue as soon as you find it.
  • Brand new testing engine with numerous improvements all over the place.
  • Faster test cycles. On some medium-size applications it is possible to complete a full test in just a few minutes.

Needless to say, this is just the start of a very exciting future in which we want to make a mark in our own unique way.  We would like to use the opportunity to thank our beta testers and everyone who helped us to get to this stage. You are rock starts and you know it.

Posted by at 11:47 0 comments

Websecurify 0.9 is Out

Websecurify 0.9 is now out of our workshop and you can download it from the usual place.

In this release we went back to the basics and reengineered everything from scratch and made it 10 times better. In the process we even managed to create a version which can run on most modern mobile devices although at the moment we only support the iPhone.

Websecurify 0.9 is de facto not only the first web application security testing software ever created for iOS, Android, Blackberry and others, but it is also the very first fully functional integrated web application security testing solution which can run straight from your web browser. This release is perhaps one of the most cross-platform software solutions you will encounter today and we are proud to be the first to do it, putting our orange flag in the history books forever.

However, this is not all... far from it. For the upcoming months we have prepared even more surprises for our loyal fans and supporters. We are planning to completely change everything and make the dent, created by Websecurify, even bigger.

Enjoy this release and if you have a few spare moments tell us what do you think and how we can help you even further.
Posted by pdp at 22:18 4 comments

Websecurify Mobile Beta Test Starts Today

The public beta test of Websecurify Mobile Alpha1 starts today. The WS Dev team would like to personally say "Thank You" to all beta testers who have signed up in the last couple of days. By now you should have received an email with instructions how to participate.

As it usually happens, there is already a service out there which lifts off some kind of burden from your chest. In our case that is TestFlight which will be helping us dealing with the provisioning profile mess during the beta test stages.

If you haven't signed up yet, you can do so here. You can also use the TestFlight recruitment page over here.
Posted by pdp at 12:36 0 comments

Websecurify for the iPhone Preview

This is a quick preview of Websecurify running on the iPhone. Keep in mind that the application runs natively and uses the device own resources to perform the test.


We are still looking for beta testers. If you have an Apple device and you are willing to try Websecurify please fill in the form provided here. Thanks in advance.
Posted by pdp at 10:22 0 comments

Websecurify for the iPhone

The multi-platform support is perhaps the most advantageous feature of Websecurify 0.9. Our testing engine is not only capable of handling even the most resource demanding applications but also run smoothly on mobile devices such as the iPhone.


We are essentially in the final stages of development of the Websecurify Mobile edition. At the moment the user interface is simple, solid and fully functional. The mobile testing engine is fully functional inside the iPhone although we are going to make some drastic improvements to reduce testing time on complex applications.

Needless to say, we need beta testers. So, if you own an iPhone and you are willing to try Websecurify, please fill in your details here and we will get back to you with instructions.

Thanks.
Posted by pdp at 09:22 0 comments
Subscribe to: Posts (Atom)