Asset discovery enhancements

We’ve significantly expanded external asset coverage; all changes apply automatically to existing discovery workflows (no user action required):

• Subdomain discovery now includes 2 additional sources for deeper discovery (for Enterprise customers only).

• Alterx integration now leverages Regulator for richer DNS permutations, building on the existing DNS Permute option.

• Chaos TLS API is now used for IP discovery, in addition to SSL certificate–based discovery.

• Chaos DNS API has been updated, adding over 2 billion subdomains to the DNS dataset.

• DNS brute-force now supports 2nd level bruteforce for subdomains with wildcard certificates and automatically retries on timeouts.

These improvements are live for all discovery jobs in ProjectDiscovery Cloud.

Added controls in scan configuration

We’ve added new controls to make scan configuration more precise and easier to manage.

• Private templates in scan profiles

  • You can now use private/custom Nuclei templates directly in scan template profiles, making it easier to standardize organization-specific detections across scans

• Asset inclusion filters

  • We’ve added asset inclusion filters for per-scan and per-discovery configuration. In addition to excluding assets, you can now explicitly include assets to be scanned or discovered.

• Default Static IP selection

  • Static IP is now enabled automatically when Static Scan is turned on, removing a previous manual step.

Integrations

• Mattermost is now supported as an alerting destination, alongside existing notification channels.

• Azure integration now supports 10+ additional services, bringing service coverage closer to AWS parity.

• GCP integration now supports short-lived tokens in addition to static tokens (API only; UI support coming).

Reports

You can now generate PDF reports directly from the Reporting page and via API. This allows teams to package findings into a clean PDF for leadership, auditors, or customers without manual exporting. Reports can also be automated via API as part of existing workflows.

Improvements

• Enhanced API error messaging for restricted/blocked templates in Cloud, with clearer feedback on why a template cannot be used.

• Onboarding experience refinements across the UI to make it easier to get from first login to first scan.

Fixes

• Fixed DNS wildcard detection for more accurate subdomain enumeration and reduced false positives.

• Fixed issue with screenshot capture/display showing incorrectly formatted data under certain conditions.

• Fixed issue with discovering additional ports outside the configured port list.

• Vulnerability retest now respects the original Scan Configuration when available; previously, some settings were ignored.

• Vulnerability retest for early-template findings now uses the correct URL/target instead of template content, ensuring updated Nuclei templates are applied correctly.

• GitHub integration: template updates now sync as expected when existing template files are modified.