Global Configuration

Delay parameter

Timeout parameter

Headless web browser

Best Practices

Contact Support

Discord Community

Blog

Product & API Documentation | BLACKBIRD Technologies (Formerly NOVA SECURITY)

API Documentation

Customer Dashboard

Pricing

Learn how to use BLACKBIRD to get the most of it and avoid common pitfalls that may impact your potential with it.

BLACKBIRD Web App Pentesting Suite is a complete toolkit for penetration testers and security professionals who want to save time and find more security vulnerabilities by leveraging the latest attack techniques derived from the competitive and ever-evolving bug bounty world.

Introduction

There are several reasons why it'd be a more wise decision to choose us above any other alternative. This page outlines all of the reasons why.

Why BLACKBIRD Web App Pentesting Suite

BLACKBIRD Web App Pentesting Suite is a toolkit for penetration testers. It was designed by and for penetration testers all along.

For Who?

Learn more about your future with BLACKBIRD

Mission

Vision

Core Values

Learn more about BLACKBIRD's capabilities

Capabilities

Get Started With BLACKBIRD Pentesting Suite

Getting Started

Onboarding

Learn to navigate around BLACKBIRD Pentesting Suite

Navigation

Learn how customers use BLACKBIRD to get the most of it.

Common Use Cases & Workflows

This page describes how you can scan your list of targets for security vulnerabilities using BLACKBIRD Web Security Vulnerability Scanner

BLACKBIRD Web Security Vulnerability Scanner

In this article, we will go over how you can easily start a vulnerability scan on your list of target URLs or even a target definition to uncover vulnerabilities.

Launching a Vulnerability Scan

In this article, we will go over how you can easily start a recon scan on your list of targets or target definition to map out as many hosts & live hosts as possible.

Launching a Recon Scan

Common terminologies and definitions used on BLACKBIRD Web App Pentesting Suite

Glossary

BLACKBIRD offers a set of semi-automated pentesting tools that you can make use of. This section is dedicated to the usage of each tool.

Pentesting Tools

BLACKBIRD offers a set of semi-automated pentesting tools that you can make use of. This section is dedicated to the configuration of each tool.

XSSCANNER is an advanced Cross-Site Scripting (XSS) scanner.

Cross-Site Scripting (XSS) Scanner

S9R (SSRFSCANNER) is a specialized Server-Side Request Forgery (SSRF) scanner.

Server-Side Request Forgery (SSRF) Scanner

WAYPOINTS is a scalable solution to define your own personalized scan rules to look for security vulnerabilities on your organisation's or company's network.

WAYPOINTS Template-based Scanner

**Templates** or **Scan Rules** are predefined JSON objects to instruct WAYPOINTS to look for security vulnerabilities across your organisation's or company's network. In this guide we will go over what templates (or scan rules) are.

What is a WAYPOINTS template or scan rule?

**Templates** or **Scan Rules** are predefined JSON objects to instruct WAYPOINTS to look for security vulnerabilities across your organisation's or company's network. In this guide I will go over how you can create your private template.

Creating a WAYPOINTS template

OAST Server is your personal private Out-of-Band (OOB) Server designed for Out-of-band Application Security Testing (OAST).

OAST Server

Learn how to configure your notifications settings to get notified by BLACKBIRD

Notifications

BLACKBIRD provides an extensive API to start, delete, and view scans at any time.

Platform Overview

Getting Started

Pentesting Tools

Private OAST Server

Real-Time Notifications

Best Practices

Best Practices

Global Configuration

Delay parameter

Timeout parameter

Headless web browser

Platform Overview

Getting Started

Pentesting Tools

Private OAST Server

Real-Time Notifications

​Best Practices

​Global Configuration

​Delay parameter

​Timeout parameter

​Headless web browser

Best Practices

Global Configuration

Delay parameter

Timeout parameter

Headless web browser