Support for Basic Authentication, HTTP folders and other improvements

Ostorlab has added support for Basic Authentication, HTTP folders and various enhancements to the attack surface and stack traces sections.

Tue 16 January 2024

HTTP Folders

Introducing HTTP Folders, a new way to navigate your app communication. Easily navigate domains and subdomains for a clear view of requests and responses, gaining valuable insights with streamlined visibility. You can see your app's HTTP folders in the IDE section of your scan report.

HTTP Folders

  • ℹī¸ Detailed Information: Each HTTP folder includes detailed information such as the domain, subdomain, and a list of requests and responses.
  • 🔍 Search and Filter: Easily search and filter HTTP folders based on domain, subdomain, or specific requests, facilitating efficient monitoring and analysis.

Basic Authentication

Ostorlab now supports Basic Authentication in Web scans. Test applications seamlessly with Basic Authentication or Composed Authentication (Form-based or Script-based), enabling a more wide-ranging scan.

  • 🔒 Various Authentication Methods: Unlock a spectrum of testing possibilities with support for Basic and Composed Authentication.
  • 🌐 Expanded Testing Scope: Ensure wider coverage of your application testing.

Attack Surface Enhancement

We've enhanced the Attack Surface section to streamline navigation. Introducing the new "Nodes" tab, it provides a comprehensive list of all nodes in your attack surface graph, along with a summary of their properties, including type and ownership. You can see your Attack Surface "Nodes" in the Attack Surface section.

Attack Surface

Stack Traces Search Enhancement

We've made an enhancement to the Stack Traces search in the Dynamic tab of the IDE section. Now, you can conveniently search stack traces by Runtime type, including Flutter, C, Dex, or Swift.

Stack Traces