diff --git a/MANIFEST b/MANIFEST
index 78ea03f4e30115acb4d4e9753b4a6042a2391e41..2ca13de70dfa8347c12426ba7f5dbd2f7acb9568 100644
--- a/MANIFEST
+++ b/MANIFEST
@@ -1,3 +1,3 @@
-VERSION=v1.4.4
+VERSION=v1.4.5
 SERVICE=vat-genscan
 
diff --git a/install/base.sh b/install/base.sh
index ff0a28aad3fb372d37cb8a04f6eda6c80939f1b3..11087b14c29b8a6575435584b2a92d269053bd3a 100644
--- a/install/base.sh
+++ b/install/base.sh
@@ -3,10 +3,21 @@
 set -e
 
 apt update
-apt install -y wget unzip git python3-dev python3-pip python2.7-dev curl vim
+apt install -y wget unzip git python3-dev python3-pip python2.7-dev curl vim build-essential
 cd /tmp
 mkdir -p /service
 #newer version of pip2 than through apt
 wget -nv https://bootstrap.pypa.io/pip/2.7/get-pip.py
 python2.7 get-pip.py
 
+# openssl 1.1.1
+cd /tmp
+wget https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/openssl/1.1.1-1ubuntu1/openssl_1.1.1.orig.tar.gz
+tar xf openssl_1.1.1.orig.tar.gz
+cd openssl-1.1.1
+./config
+make
+make install
+
+# make wget use proper root CA certs
+printf "\nca_directory=/etc/ssl/certs" | tee -a /etc/wgetrc
diff --git a/install/cscan.sh b/install/cscan.sh
index 89f6733ab684a94553a94fb87b43de26d059497b..c8af58fec1f7cb3d1baad6a8cc9aa6b5c921efcc 100644
--- a/install/cscan.sh
+++ b/install/cscan.sh
@@ -4,7 +4,7 @@ set -e
 
 cd /tmp
 
-apt install -y libpq-dev
+apt install -y libpq-dev libjpeg-dev zlib1g-dev
 
 #rust (needed for cryptography)
 curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
@@ -22,4 +22,3 @@ patch /service/cscan/plugin/w3af.py /tmp/w3af-plugin.patch
 patch /service/cscan/cscan.py /tmp/cscan.patch
 echo "" > /service/cscan/ips.txt
 echo "" > /service/cscan/websites.txt
-
diff --git a/install/requirements.txt b/install/requirements.txt
index 3cd110fbcff3db4dcba3e9d66db599e7c41e803b..4716d87a318d32dceb339a076ed46cedf7f8bc4e 100644
--- a/install/requirements.txt
+++ b/install/requirements.txt
@@ -5,7 +5,7 @@ backports-abc==0.5
 biplist==1.0.3
 blinker==1.4
 bravado==9.2.2
-bravado-core==5.12.1
+bravado-core==5.15.0
 certifi==2018.11.29
 cffi==1.12.2
 chardet==3.0.4
@@ -24,7 +24,7 @@ future==0.17.1
 futures==3.2.0
 gitdb==0.6.4
 gitdb2==2.0.5
-GitPython==2.1.3
+GitPython==2.1.15
 guess-language==0.2
 halberd==0.2.4
 hpack==3.0.0
@@ -91,6 +91,7 @@ tblib==0.2.0
 termcolor==1.1.0
 tldextract==1.7.2
 tornado==5.1.1
+typing==3.10.0.0
 urllib3==1.24.1
 urwid==2.0.1
 vulndb==0.1.1
diff --git a/install/w3af.sh b/install/w3af.sh
index dddc421db16f4340e74ebaff1d12569b4708bd94..cf0fbcc5ae12a7215e3c08bc8f94399c66392bfc 100644
--- a/install/w3af.sh
+++ b/install/w3af.sh
@@ -3,7 +3,7 @@
 set -e
 
 #requirements for w3af
-apt install -y build-essential libxml2-dev libxslt1-dev zlib1g-dev libssl-dev
+apt install -y libxml2-dev libxslt1-dev zlib1g-dev
 #w3af_api_client for python3
 wget -nv https://github.com/andresriancho/w3af-api-client/archive/master.zip
 unzip master.zip
@@ -17,16 +17,17 @@ cd /tmp
 #pip (again) only because strict w3af dependency checks
 apt install -y python-pip
 pip2 install -r /tmp/requirements.txt
-pip2 install git+git://github.com/hay/xml2json.git@3a674efad91e0f1e978babc41a72f297d5e5144b
+pip2 install https://github.com/hay/xml2json/zipball/master
 #node and retire
 apt install -y npm
-npm install -g retire
+npm install -g retire@2.0.3
+npm update -g retire
 #W3AF
 apt install -y libffi-dev libsqlite3-dev libyaml-dev
 cd /tmp
-wget -nv https://github.com/andresriancho/w3af/archive/1910600684c22c767a1105fbfcb051db73ad1280.zip
-unzip -q 1910600684c22c767a1105fbfcb051db73ad1280.zip
-mv w3af-1910600684c22c767a1105fbfcb051db73ad1280 /service/w3af
+wget -nv https://github.com/andresriancho/w3af/archive/cd22e5252243a87aaa6d0ddea47cf58dacfe00a9.zip
+unzip -q cd22e5252243a87aaa6d0ddea47cf58dacfe00a9.zip
+mv w3af-cd22e5252243a87aaa6d0ddea47cf58dacfe00a9 /service/w3af
 
 ## for authenticated scans
 #cp ~/extended_generic.py w3af/plugins/auth/
diff --git a/install/zap.sh b/install/zap.sh
index 13aad098ef72c3e2230358962db5f14c5100a8a2..f8f48324653e5a1423721570f6914bc88a552bf2 100644
--- a/install/zap.sh
+++ b/install/zap.sh
@@ -2,9 +2,8 @@
 
 set -e
 
-apt install -y openjdk-8-jre
+apt install -y openjdk-11-jre
 cd /tmp
-wget -nv https://github.com/zaproxy/zaproxy/releases/download/v2.9.0/ZAP_2.9.0_Linux.tar.gz
-tar xzf ZAP_2.9.0_Linux.tar.gz
-mv ZAP_2.9.0 /service/ZAP
-
+wget -nv https://github.com/zaproxy/zaproxy/releases/download/v2.12.0/ZAP_2.12.0_Linux.tar.gz
+tar xzf ZAP_2.12.0_Linux.tar.gz
+mv ZAP_2.12.0 /service/ZAP