PentestPortal release - 22+25 November 2022

Much work has been done to fulfill some major wishes of our partners and their customers. In this release, the following has been delivered and released to production.

Features

• #361 - Hooray! In this release we publish the concept of 'Cyber Credits' for our partners. Cyber Credits can currently be used for running Basic Security Scans. Each successfull scan costs one Cyber Credit. Within your partner profile, you will see your transaction history, remaining credits, usage etc. Let us know if you like it and how we can improve it! (Did you know you can get cyber credits free to try it out? - get in touch!)

Fixes

• #455 - Resellers could not view their cyber credits, we have fixed the user access right model on this.

• #456 - In large assessments it was not possible to assign a finding to a target in a /24 subnet, because there was a limitation on the number of targets that were shown in the GUI. This has been fixed now.

• #461 - The file-upload limitation was originally 15MB, this has been changed to 50MB due to some common files could not be uploaded.

Basic Security Scan

• #376 - The HTTPS check has been extended with detailed certification information, such as validity, the certificate chain, extended validation, expiry information etc. The results of these checks are included in all new scans.

• #462 - Only show all HTTPS details if HTTPS is offered by the host at all. This will improve the readability of the scan report.

• #463 - Hide mail addresses in the OSINT table if there is nothing to show at all (no breaches, no passwords, etc.).