Data Status Indicators for added reliability & Two-Factor Authentication Backup Codes for enhanced security!
Data Status Indicators
The PenTest.WS platform automatically saves your data so you can focus on investigating your targets. Until now, this process remained completely in the background leaving you with little indication that your data is safe, stored securely in the cloud.
Version 1.9.0 introduces transparency into the save process with Data Status Indicators. As seen in the image above, each auto-save field now has an independent status indicator along its left edge:
- While actively editing an auto-save field, this indicator will turn grey
- During the auto-save process, it will turn red
- Once the save process is complete, the indicator will disappear
In addition to the individual field indicators, there is a new general data transfer indicator in the top right corner:
Whenever PenTest.WS is sending or receiving data, this new data transfer indicator, with its animated three red squares, will provide further insight into the status of your valuable information.
2FA Backup Codes
Accidents happen. Phones are lost, upgraded or simply fail. Backup codes are essential to recovering your account when two-factor authentication (2FA) is enabled.
If you already have 2FA enabled, the system will generate your new backup codes when you visit the link above. Otherwise, you will be prompted to enable two-factor authentication, a process which greatly enhances the security of your PTWS account.
You can only use each backup code once. Be sure to keep these backup codes somewhere safe but accessible.
When all ten codes have been used, you’ll need to generate a new set by revisiting the link above. This link is available from your Account Settings page in the 2FA section. You can generate new codes at any time, which will invalidate all existing backup codes.
Go get your 2FA Backup Codes now!
The PenTest.WS 2021 Road Map
Version 2.0 is a big milestone for any application and one we are incredibly excited about. Today we are announcing two of the most anticipated features coming to PTWS in 2021.
New Report Writing Engine
With all professional penetration tests, the client deliverable is naturally a report describing the engagement’s findings and remediation recommendations. This can be a tedious and time consuming effort, one that is often repetitive and prone to mistakes.
PTWS v2 allows the tester to collect relevant information during a live penetration test and easily generate an engagement report at its conclusion. Report templates start as a Word Document and are fully customizable with loops and conditional statements. Finally, a new data merged Word Document is generated, allowing you to further refine the report as needed.
Application Programming Interface (API)
Scripting is a big part of efficient hacking, so we’re giving PTWS its very own API. Using a simple but effective REST interface which speaks JSON, you’ll be able to build custom tooling around common tasks:
- Import Nmap and Masscan XML files
- Query Engagement, Host and Port records
- Add Hosts and Ports to an Engagement
- Upload and Download Scratchpad Documents
We’re looking forward to seeing what our hacker community can do with a PenTest.WS API to improve their workflow.
Thanks for reading!
PenTest.WS Development Team