🚀 SmartScanner 2.2 is Here: No More Secrets!

By SmartScanner

We’re excited to announce the release of SmartScanner 2.2, packed with meaningful improvements and new features designed to give you more control, better coverage, and a smoother scanning experience. From expanded test capabilities to important bug fixes, this update reflects our continued focus on precision, usability, and performance.

Let’s walk through what’s new in this release.

🔍 New Features

Sensitive Data Disclosure Detection

SmartScanner 2.2 introduces a powerful new test for detecting Sensitive Data Disclosure. This helps uncover exposed information such as:

  • API keys and access tokens
  • Credentials in code or comments

This addition strengthens your ability to prevent accidental data leaks that could otherwise become an entry point for attackers.

Powered by Trusted Patterns

Our new Sensitive Data Disclosure test is built using detection patterns inspired by the excellent gitleaks project. While the scanning logic is fully developed in-house, we’ve incorporated some of the same proven rulesets to enhance detection coverage for secrets, credentials, and other exposed data.

This allows us to deliver precise, high-confidence results while ensuring full integration into SmartScanner’s existing engine and reporting system.

No-Crawl Option for Targeted Scans

Need to scan a predefined list of URLs without crawling? Now you can. SmartScanner 2.2 includes a no-crawl mode perfect for tight scope assessments or automation workflows where crawl behavior isn’t needed. Just provide a list of URLs, and we’ll take it from there without crawling beyond them.

Scanning target list with no-crawl option

JavaScript File Scanning

You can now directly scan standalone JavaScript (.js) files. This allows you to inspect public scripts for issues such as insecure APIs, exposed secrets, or obfuscated malicious code, giving you broader coverage for both client-side and back-end assets.

đź§  Smarter and Smoother Experience

Improved Manual Login Workflow

We’ve refined the manual login process: the browser window now auto-fills the target URL when launched, saving time and making the process more intuitive, especially helpful when working with authentication-heavy web apps.

🔄 Detection Rule Updates

We’ve updated several core vulnerability checks to reflect the latest threat intelligence and software versions. These enhancements improve detection accuracy for:

Keeping these rules current ensures that SmartScanner stays ahead of emerging threats.

đź›  Bug Fixes

We also resolved a couple of important issues:

  • Crash during scan: Fixed a rare but disruptive crash that could occur mid-scan.
  • Report truncation issue: Fixed a bug where HTTP responses in reports were improperly truncated, causing proof-of-concept payloads to be partially hidden.

Final Thoughts

SmartScanner 2.2 is another step forward in making web vulnerability scanning more accurate, efficient, and Smarter. Whether you’re performing ad hoc security reviews, scanning during deployments, or using SmartScanner manually, this release gives you more precision and control over how scans are executed and reported.

As always, we’re grateful for your feedback and support. Try out the new version and let us know what you think!

Ready to upgrade? Download SmartScanner 2.2 Free now

Stay secure, The SmartScanner Team

Scan security of your website with SmartScanner for free

Download