beSTORM

May 2025

Version 13.4.0

May 28, 2025

New Features

  • Added the Bluetooth File Transfer Profile module.

  • Added the DHCPv6 module to support the DHCP for IPv6 protocol described in standard RFC 8415.

  • Added the OSPFv2 with Adjacency module. This module establishes an adjacency with DUT (Device Under Testing) before starting fuzzing it for protocol OSPF Version 2 protocol described in standard RFC 2328.

  • Added the OSPFv3 with Adjacency module. This module establishes an adjacency with DUT (Device Under Testing) before starting fuzzing it for protocol OSPF Version 3 protocol described in standard RFC 5340.

  • Added the Unified Diagnostic Services on IP (UDSonIP) module.

Enhancements

  • Reports for paused or completed beSTORM projects now show the combinations completed and the total estimated combinations.

  • beSTORM Monitor log entries now include a timestamp.

  • beSTORM Monitor now shows the list of Processes and Services in case insensitive order.

  • Added support for gdb_monitor.py and gdb_monitor_python3.py monitors.

Fixes

  • Fixed an issue where the Persistent Monitoring option in beSTORM Monitor was attempting to reattach to the selected process every second causing an infinite loop of error messages. beSTORM Monitor will now increase how long it waits for every unsuccessful attempt.

  • Fixed an issue where a port scan would continue to run after selecting the Cancel button to exit from the port scan dialog.

  • Fixed an issue where selecting X to close the Module Buffer Types dialog after deleting a buffer type did not delete the buffer type.

  • Fixed an issue where if the environment variable’s Type was set to String, it would appear as Not Set in the Environment Settings table of the fuzzing report.

  • Fixed an issue where selecting Apply instead of OK would not apply changes to a beSTORM project’s configuration settings.

  • Fixed an issue where if a test was omitted for a module under Test Selection, its value was included in the total combination sum.

  • Fixed an issue where, when a beSTORM project was paused or stopped and then later resumed, generated reports incorrectly loaded the combinations of all previous sessions.

  • Fixed an issue where incorrect values for the estimated number of combinations and time remaining would appear in the Module Browser pane when using the RTSP module.

  • Fixed an issue where beSTORM would be blocked when using the Ethernet module with the Scale Type parameter set to Serial.

  • Fixed an issue where the combination count was incorrect if the Scale Type parameter was set to Serial.

  • Fixed an issue where incorrect values for combinations performed on each node could appear on generated reports if the Scale Type parameter was set to Timed.

  • Fixed an issue that prevented external libraries from being loaded in the Ubuntu version of beSTORM, which rendered several modules unusable.

May 2024

Version 13.3.0

May 21, 2024

New Features

  • Added the PTPv2 (1588-2008) Client module to support the PTPv2 protocol described in standard IEEE1588-2008.

  • Added the PTPv2 (1588-2008) Server module to support the PTPv2 protocol described in standard IEEE1588-2008.

Enhancements

  • Updated the ARP Low-level protocol to include the GARP (Gratuitous ARP) and IARP (Inverse ARP) request types.

  • Changing the Scale Type parameter for an existing project will now update the Module Browser tree to reflect the new number of combinations.

  • Updated the beSTORM User Guide to include fuzz testing guides, EDSA module documentation, and API documentation. This content was initially only available on Fortra's Beyond Security Portal.

  • Replaced the embedded beSTORM User Guide PDF with the HTML version to provide a better user experience. The PDF version of the guide is still available for download from Fortra's Beyond Security Portal.

Fixes

  • Fixed an issue where trailing blank spaces at the end of a project's name would display the "Failed to load general project settings..." error message.

  • Fixed an issue where the RIPv1 module would stop responding after a fuzz testing session started.

  • Fixed an issue where the Module Browser pane was not accurately portraying the number of combinations a module can perform. The Module Browser tree and any associated completed reports will now correctly display the number of iterations every node makes.

  • Fixed an issue where the estimated time remaining to complete a test, based on the total combinations and average speed, was incorrect.

March 2024

Version 13.2.0

March 15, 2024

New Features

  • Added the beSTORM BLE Monitor for monitoring a device under test (DUT) while fuzzing Bluetooth Low Energy (BLE) protocols.

  • Added support for CAN DBC files with defined multiplexed signals for CANBUS modules.

  • Added the IS-IS module to support the Intermediate System to Intermediate System (IS-IS) protocol described in standard ISO/IEC 10589:2002.

  • Added the MPLS LDP module to support the Multiprotocol Label Switching - Label Distribution (MPLS LDP) protocol described in standard RFC 5036.

  • Added the OSPFv2 module to support the Open Shortest Path First (OSPF) Version 2 protocol described in standard RFC 2328.

  • Added the OSPFv3 module to support the Open Shortest Path First (OSPF) Version 3 protocol described in standard RFC 5340.

Enhancements

  • Rebranded the beSTORM user interfaces and company logos from Beyond Security to Fortra.

  • Added the Serial/Base2 Scale Type, which combines the Serial and Base2 types, providing an intermediate option that generates more combinations than Base2 but less than Serial.

  • Updated the PROFINET RT DCP module to provide the option to test without resetting the IP address of the device under test.

  • Updated the beSTORM Monitor installer to automatically install the Visual C++ Redistributable during installation.

Fixes

  • Fixed an issue where the "Vulnerability management and testing news" feed on the Welcome to beSTORM window was missing or incomplete.

  • Fixed an issue where generating an HTML report could cause beSTORM to stop responding.

  • Fixed an issue where an error would occur while running the DOC or HWP File modules.

  • Fixed an issue where opening Simple Web Server.exe would cause an error.

  • Fixed an issue where importing Postman 2.x files into the Web Application Module would not process correctly when the host was not detected, authorization tokens were not used, or the SSL/TLS connection failed.

  • Fixed an issue where beSTORM 13.1.0 would stop responding while creating a project using the Network Configuration v1.0, Network Configuration v1.1, or SFTP Client modules.

  • Fixed an issue where beSTORM would stop responding if it ran a project using the FTP module.

  • Updated an error message when Npcap is improperly installed.

  • Reduced the number of combinations for the GIF file module to ensure tests do not run endlessly.

June 2023

Version 13.1.0

June 21, 2023

Enhancements

  • Added support for Windows 11.

  • Updated the IEEE802.11 (AP), IEEE802.11 (AP - Simple), IEEE802.11 (Subscriber), and IEEE802.11 (Subscriber - Simple) modules to be compatible with Windows 10 or later.

  • Changed the error message for entering an invalid hostname or IP address on the Basic Configuration window to be easier to understand.

  • Added an enhancement to prompt a confirmation dialog when deleting a module's default buffer types.

  • Removed the IEEE802.11 (Subscriber - Simple - UDP), CG4579 (Over PCAN) - Custom, and Running Speed and Cadence (Custom) modules.

    NOTE: If your projects use these modules, substitute them with the IEEE802.11 (Subscriber - Simple), CG4579 (Over PCAN), and Running Speed and Cadence modules.
Fixes

  • Fixed an issue where the source port for some tests was incorrect due to endian issues caused by the EDSAv2-406 TCPv4 and EDSAv3-406 TCPv4 modules.

  • Fixed an issue where the Simple Web Server module would stop responding when the default port number (80) was in use. The module now reports an error and allows you to change the port setting to an available number.

  • Fixed an issue where deleted module buffer types were still used to generate fuzzed data.

  • Fixed an issue where saving a project in the Console Client would repeatedly display the "Settings were saved successfully to" message.

April 2022

Version 12.4.19

April 19, 2022

Enhancements

  • Migrated support from Python2 to Python3.

  • Updated progress to the user's UI to show what it is doing.

Fixes

  • Fixed a PCAP issue related to VLAN.

  • Fixed an issue where an endless loop occurred when a module is too complex to calculate (for example, EDSA v2).

March 2022

Version 12.3.8

March 3, 2022

Enhancements

  • The AutoSPS is now visible so that the Console version can access it.

  • Added support for a custom Generator (for example, allow one for Bluetooth).

Fixes

  • Fixed an issue where the beSTORM Console was not reading paths correctly in Windows.

January 2021

Version 11.1.15

January 15, 2021

Enhancements

  • beSTORM can now send and receive requests using HTTP/2 (TLS enabled and plaintext version) natively.

  • beSTORM will now recommend you upgrade your version of beSTORM if a newer version is available.

November 2020

Version 10.11.17

November 17, 2020

Fixes

  • Fixed an overflow issue in the PCAN interface that was causing the hardware device to hang.

  • Fixed an issue that prevented large CANBUS/FD (8bytes/64bytes) from being sent.

  • Fixed an issue with the Python3 exported script.

October 2020

Version 10.10.20

October 20, 2020

Enhancements

  • Added support for UDS (PCAN) directives.

Fixes

  • Fixed an issue related to the beSTORM x64 version and Auto Learn.

  • Fixed an issue related to OpenAPI reading Postman files.

September 2020

Version 10.9.16

September 16, 2020

Fixes

  • Fixed multiple issues with the x64 version of beSTORM.

Version 10.9.8

September 8, 2020

Enhancements

  • Added new command line options to the Linux version of beSTORM:

    • returntestcount = Returns the number of combinations for a given Module.

    • nocustom = Prevents beSTORM from starting a project and assume its a custom module because Module name is invalid.

  • Updated the Linux version of beSTORM to include modules that did not have the required library support (for example, Serial Interface).

  • Updated the Linux version of beSTORM so that it now prints out errors and stops immediately as they occur to prevent CI/CD implementations from not being aware of the problems.

Fixes

  • Fixed an issue where roles were reversed causing the OpenSwitch modules to not operate as expected.

June 2020

Version 10.6.30

June 30, 2020

Enhancements

  • Added the UDS (Unified Diagnostic Services) module.

  • Updated support for CAN and CANFD to allow Signal Mixing, simplifying the building of the modules (you now write the values as bytes with a mask on them rather than in bits, making it less confusing to write large modules and easier to implement custom fuzzing values/fields).

  • Added support for the ValueCAN family of devices (by way of the ICS Interface).

March 2020

Version 10.3.9

March 9, 2020

Enhancements

  • Expanded the Web Application auto learn to support Postman v2 JSON file in addition to supporting OpenAPI.

  • Added support for custom headers to the Web Application auto learn to allow easier facilitation of Bearer, X-API-Key and similar headers.

  • Updated the Postman v2 import to support the ability to import Folders.

  • Updated the Web API to support large API calls (over 1000 different API calls) due to design changes to the module structure.

  • Removed support for the SCTP module due to lack of SCTP libraries on Windows.

  • Added the Diagnostic over Internet Protocol (doIP) module.

  • Extended support for CANFD to allow a customized CAN Initiation String (for example: f_clock_mhz=24, nom_brp=1, nom_tseg1=17, nom_tseg2=6, nom_sjw=1, data_brp=1, data_tseg1=16, data_tseg2=7, data_sjw=1).

February 2020

Version 10.2.20

February 20, 2020

Enhancements

  • Added support for converting DBC files to BSM (beSTORM modules) to PCAN.

  • Updated the DBC conversion to automatically decide the type of CAN bus to use (FD or regular), based on the message sizes in the description.

  • Improved the DBC Generator to detect messages longer than 64-bit (CAN FD support).

  • Udpated the DBC Generator to output errors to the beSTORM interface to improve issue debugging.

  • Updated the PCAN Interface to issue a warning when a CAN FD message is provided (where a CANBUS message is expected).

  • Updated the DBC Generator to prevent malformed messages from being generated (CAN FD messages to CANBUSTER - messages whose ID is longer than 29bits, etc.).

Fixes

  • Fixed several minor issues related to report generation, and module control and output.

  • Fixed an issue where the OPC module was not correctly setting the Timeout value, causing the module to fault on some advance testing.

  • Fixed an issue where migration from OpenSSL 1.0 to 1.1 caused some functionality related to MD5 geting lost, affecting SNMPv3 protocols

Back to Beyond Security Products