Product

Enhancements to the Open Source CLI, Platform, and Detection.

This update introduces various improvements to the XSS scanner, the functionality of the open-source CLI, and monitoring rule creation.

Mon 11 March 2024

This update introduces various improvements to the XSS scanner, the functionality of the open-source CLI, and monitoring rule creation.

🛠️ Platform Improvements

  • Restructured the new monitoring rule flow to be more user-friendly and intuitive.
    Preview of New monitoring flow

📦 Detection & Knowledge Base

  • Added detection for Fortinet FortiOS Out-of-Bound Write SSL VPN Vulnerability.
  • Improve XSS Agent to detect PostMessage-based XSS.

🤖 Open Source

  • Ship the first version of Nebula Agent for persisting messages locally.
  • Added support for primitive arguments of agents in CLI scan run. You can pass arguments using the --arg flag, e.g.:
oxo scan run --agent agent/ostorlab/nmap --follow agent/ostorlab/nmap --arg fast_mode:False ip 8.8.8.8

This command will initiate a scan using the Nmap agent with the fast_mode argument set to False:

Preview of an oxo scan with agent arguments

Tags:

OSS, Attack Surface, Integration

We do newsletters, too

Get the latest news, updates, and product innovations from Ostorlab right in your inbox.

Table of Contents