7.5.016 (released March 10, 2025)
New Attack features and enhancements
- SSL Strength Module improvements:
TLS 1.2checks added.TLS 1.0/1.1severity increased toHIGH.- Updated expiration thresholds, descriptions, and remediation content.
- Swagger UI DOM Based Attacks: detection improvements to reduce false positives.
New Crawling/Scanning features and enhancements
- R7Crawler now supports
MacrobasedHOTP/TOTPauthentication. - Improved R7Crawler service recovery:
- Attempts to recover the crawler will only be triggered if scanning is still being performed.
- Improved R7Crawler coverage:
- Allowing sub-requests by default (unless blocked by a specific rule)
- Any URLs in
blockedNavigationshould be added to the list of URLs to be scanned.
- Improved R7Crawler handling of invalid ALF hooks
- Login video files generated by R7Crawler have more meaningful filenames.
- Improved the scan engine logging during macro authentication.
- Canary Page Session Detection: Improved the re-login trigger and logging when session loss is detected.
- Proxy configuration and handling improvement:
- Added a proxy exclusions list for
Manual Proxy Configurations, allowing specified domains (including wildcards) to bypass the proxy. - Improved PAC (Proxy Auto-Configuration) support for ChromeHost and R7Crawler.
- Added a proxy exclusions list for
- Upgraded Selenium ChromeDriver to version
133.0.6943.126.