Dastardly 2023.10

05 September 2023 at 12:37 UTC

This release includes a number of improvements to Dastardly's scanner. It also includes an update to the Chromium browser used by Dastardly.

Scanner

We've made the following improvements to Dastardly's scanning capabilities:

  • Dastardly now audits requests issued by iframes.
  • Dastardly now scans YAML API definitions.
  • Dastardly now scans floating input fields. This provides improved scan coverage for single-page applications.
  • Dastardly now scans all clickable elements. You should see an increase in scan coverage for single-page applications that use non-traditional navigational elements.
  • Dastardly now supports Brotli-compressed HTTP messages.
  • Dastardly has been optimized to reduce the amount of time it waits for a page to stabilize when scanning. 

Environment variables

We've renamed Dastardly's environment variables. However, you can continue to use the existing variable names until further notice.

These changes are:

  • DASTARDLY_OUTPUT_FILE is now BURP_REPORT_FILE_PATH
  • DASTARDLY_TARGET_URL is now BURP_START_URL
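
One way to move a pipeline definition over to the new names, as an added example that is not part of the original release notes or of Dastardly itself. The function names, the sample pipeline file and the `scanner-image` placeholder are constructed for illustration; only the two variable renames come from the list above.

```shell
#!/bin/sh
# Added example (not PortSwigger code): find and rewrite the legacy Dastardly
# variable names in a CI config. Only whole identifiers are touched, so a
# name such as MY_DASTARDLY_TARGET_URL_OLD is left alone.

B='(^|[^A-Za-z0-9_])'   # left boundary: line start or a non-identifier char
E='([^A-Za-z0-9_]|$)'   # right boundary: non-identifier char or line end

# count_legacy_lines FILE -> number of lines still using a legacy name.
count_legacy_lines() {
    grep -Ec "${B}(DASTARDLY_OUTPUT_FILE|DASTARDLY_TARGET_URL)${E}" "$1" || true
}

# migrate_dastardly_vars FILE -> FILE on stdout with the new names.
# Each substitution loops (":a ... ta") so that two adjacent occurrences
# sharing a single separator character are both rewritten.
migrate_dastardly_vars() {
    sed -E \
        -e ':a' -e "s/${B}DASTARDLY_OUTPUT_FILE${E}/\\1BURP_REPORT_FILE_PATH\\2/" -e 'ta' \
        -e ':b' -e "s/${B}DASTARDLY_TARGET_URL${E}/\\1BURP_START_URL\\2/" -e 'tb' \
        "$1"
}

# write_sample_config FILE -> constructed pipeline snippet for the demo.
write_sample_config() {
    cat > "$1" <<'EOF'
env:
  DASTARDLY_TARGET_URL: https://example.test
  DASTARDLY_OUTPUT_FILE: /dastardly/report.xml
  MY_DASTARDLY_TARGET_URL_OLD: unchanged
run: docker run -e DASTARDLY_TARGET_URL -e DASTARDLY_OUTPUT_FILE scanner-image
EOF
}

# Demo: report legacy usage, then print the migrated file.
demo=$(mktemp)
write_sample_config "$demo"
echo "lines using legacy names: $(count_legacy_lines "$demo")"
migrate_dastardly_vars "$demo"
rm -f "$demo"
```

`count_legacy_lines` can also serve as a pipeline gate that fails a build while legacy names remain in the repository.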

Bug fixes

We've fixed an issue where Dastardly would erroneously consolidate locations in some circumstances. As a result, you may see an increase in the number of locations discovered.

Browser upgrade

We've upgraded Dastardly's built-in Chromium browser to 115.0.5790.110 for Windows and Linux, and 115.0.5790.114 for Mac.

Get Dastardly

For details on how to integrate Dastardly into your CI/CD pipeline, see the Dastardly documentation.