This version adds new features and improvements to the scan engine. The most notable are:
- The author of identYwaf allowed us to use the data from his project in Taipan. WAF identification is a very important aspect of a vulnerability scan, and being able to do it automatically is a must-have feature. (All versions)
- Now you can specify how many scans you want to print. This is a handy option if you are used to running a lot of scans. (Consultant edition only)
- We have added more progress information during the scan. You can now have a more precise idea of how long the scan will take.
- Minor bug fixing
The Community Edition can be downloaded from GitHub.
We decided to create a new Taipan product, which we called the Consultant edition. This version adds new features and improvements to the scan engine. The most notable are:
- Generation of HTML report (Consultant)
- Improved Web Form Bruteforce AddOn (Consultant)
- Generation of a cleaner JSON report (Consultant)
- Improved hidden resource discovery component (avoided some false positives)
- Minor bug fixing
Version 2.3 of Taipan Consultant and Community edition is now available. This version adds new features and improvements to the scan engine. The most notable are:
- Scan reports are now saved in a local DB so that they can be queried: each scan report generated from an executed scan is now saved in a local DB for future reference. It is possible to list all saved reports by running the following command: --show-scans
- Improved hidden discovery component: it is now possible to specify which method to use in order to bruteforce a directory for hidden resources. This is useful if you want to test a page that answers only POST requests.
You can download the Taipan Community edition from GitHub.
Version 2.2 of Taipan Scanner is now available. This version adds new features and improvements to the scan engine. The most notable is:
- XML External Entity (XXE) AddOn: Taipan is now able to identify XXE vulnerabilities when an endpoint accepting XML data is found. XXE is one of the main classes of vulnerability that affect web applications; in fact, it is in the top half of the OWASP Top Ten 2017. The AddOn is enabled in the Full scan profile.
You can download the Taipan binary from GitHub.
Release of Taipan Pro 2.0. This version adds new features and improvements both to the scan engine and the Enterprise components. Among them:
- Taipan Broker: a new architectural component was implemented, the Taipan Broker. It allows you to decouple the scan engine from the Dashboard. This provides better scalability of the full solution in a complex environment.
- Authenticated Scan: it is now possible to configure an authenticated scan in a very simple way. Taipan Pro supports HTTP Basic, HTTP Digest, Bearer and Web Form. The last one is enabled by guiding the user through a very simple login emulation process, where Taipan records all the authentication steps and replays them during the scan.
- HTTP Basic bruteforce AddOn: a new AddOn was implemented. It allows you to bruteforce HTTP Basic form to identify weak username/password accounts. It is possible to enable it through the Scan settings View.