Cohesion now can integrate directly with GitLab and show results as part of the Merge Request screen. This means that developers can have a fully-integrated experience. More information is available in our documentation.
Cohesion version 1.1.1 now comes with built-in hotkey support when running with TTY support. The hotkeys will allow you to introspect the scanner and all other tools while running. It is also possible to dump snapshot reports without interception of the current scanning process.
List of Security Checks
The Cohesion command-line toolkit now comes with several built-in commands to help you understand the list of supported vulnerability checks, severity levels and attack methods.
We are very excited to announce the first official release of Cohesion - a devsecops web security penetration testing tool specifically designed to be used as part of Continuous Integration pipelines and more.
Cohesion comes with a built-in scanner, fuzzer, and a proxy. The scanner is a standalone security testing solution which will spider the target and execute tests against all parameterized forms and links. The fuzzer is most suitable or testing individual requests, therefore, it fits perfectly in the production pipeline of web services. Finally, the proxy can be used to dynamically scan any request in transit therefore it can be easily combined with existing unit and integration tests.
Just follow the online documentation to learn more about Cohesion.