This release includes a number of improvements to Dastardly's scanner. It also includes an update to the Chromium browser used by Dastardly.
Scanner
We've made the following improvements to Dastardly's scanning capabilities:
- Dastardly now audits requests issued by iframes.
- Dastardly now scans YAML API definitions.
- Dastardly now scans floating input fields. This provides improved scan coverage for single-page applications.
- Dastardly now scans all clickable elements. You should see an increase in scan coverage for single-page applications that use non-traditional navigational elements.
- Dastardly now supports Brotli-compressed HTTP messages.
- Dastardly has been optimized to reduce the amount of time it waits for a page to stabilize when scanning.
Environment variables
We've renamed Dastardly's environment variables. However, you can continue to use your existing environment variables until further notice.
These changes are:
- DASTARDLY_OUTPUT_FILE is now BURP_REPORT_FILE_PATH
- DASTARDLY_TARGET_URL is now BURP_START_URL
Bug fixes
We've fixed an issue where Dastardly would erroneously consolidate locations in some circumstances. As a result, you may see an increase in the number of locations discovered.
Browser upgrade
We've upgraded Dastardly's built-in Chromium browser to 115.0.5790.110 for Windows and Linux, and 115.0.5790.114 for Mac.
Get Dastardly
For details on how to integrate Dastardly into your CI/CD pipeline, see the Dastardly documentation.