Hey folks, There's a new version of Arachni, an Open Source, modular and high-performance Web Application Security Scanner Framework written in Ruby. Brief list of changes: * Optimized pattern matching to use less resources by grouping patterns to only be matched against the per-platform payloads. Bottom line, pattern matching operations have been greatly reduced overall and vulnerabilities can be used to fingerprint the remote platform. * Modules * Path traversal (path_traversal) * Updated to use more generic signatures. * Added dot-truncation for MS Windows payloads. * Moved non-traversal payloads to the file_inclusion module. * File inclusion (file_inclusion) — Extracted from path_traversal. * Uses common server-side files and errors to identify issues. * SQL Injection (sqli) — Added support for the following databases: * Firebird * SAP Max DB * Sybase * Frontbase * IngresDB * HSQLDB * MS Access * localstart_asp — Checks if localstart.asp is accessible. * Plugins — Added: * Uncommon headers (uncommon_headers) — Logs uncommon headers. For more details about the new release please visit: http://www.arachni-scanner.com/blog/arachni-0-4-5-1-0-4-2-release/ Download page: http://www.arachni-scanner.com/download/ Homepage - http://www.arachni-scanner.com Blog - http://www.arachni-scanner.com/blog Documentation - https://github.com/Arachni/arachni/wiki Support - http://support.arachni-scanner.com GitHub page - http://github.com/Arachni/arachni Code Documentation - http://rubydoc.info/github/Arachni/arachni Author - Tasos "Zapotek" Laskos (http://twitter.com/Zap0tek) Twitter - http://twitter.com/ArachniScanner Copyright - 2010-2013 Tasos Laskos License - Apache License v2 Cheers, Tasos Laskos.