This release includes a number of improvements to Dastardly's scanner. It also includes an update to the Chromium browser used by Dastardly.
We've made the following improvements to Dastardly's scanning capabilities:
- Dastardly now audits requests issued by iframes.
- Dastardly now scans YAML API definitions.
- Dastardly now scans floating input fields. This provides improved scan coverage for single-page applications.
- Dastardly now scans all clickable elements. You should see an increase in scan coverage for single-page applications that use non-traditional navigational elements.
- Dastardly now supports Brotli compressed HTTP messages.
- Dastardly has been optimized to reduce the amount of time it waits for a page to stabilize when scanning.
We've changed Dastardly's environmental variables. However, you can continue to use your existing environmental variables until further notice.
These changes are:
- DASTARDLY_OUTPUT_FILE is now BURP_REPORT_FILE_PATH
- DASTARDLY_TARGET_URL is now BURP_START_URL
We've fixed an issue where Dastardly would erroneously consolidate locations in some circumstances. As a result, you may see an increase in the number of locations discovered.
We've upgraded Dastardly's built-in Chromium browser to 115.0.5790.110 for Windows and Linux, and 115.0.5790.114 for Mac.