Netsparker Web Application Security Scanner can find and report web application vulnerabilities such as SQL Injection and Cross-site Scripting (XSS) and security issues on all web applications and websites regardless of the platform and the technology they are built on.
Netsparker is very easy to use and its unique detection and safe exploitation techniques allow it to be dead accurate in reporting hence it is the first and only False Positive Free web vulnerability scanner, therefore users can focus on remediating reported vulnerabilities and security issues without wasting time on learning how to use the web vulnerability scanner or verify its findings.
* New option available to specify the type of parameter when configuring URL rewrite rules, e.g. numeric, date, alphanumeric
Improved the performance of the DOM Parser
Improved the performance of the DOM cross-site scripting scanner
Optimized DOM XSS Scanner to avoid scanning pages with same source code
Changed the default HTTP User agent string of built-in policies to Chrome web browser User agent string
Improved selected element simulation for select HTML elements
Added new patterns for Open Redirect engine
Fixed a bug in WSDL parser which prevents web service detection if XML comments are present before the definitions tag
Fixed a bug in WSDL parser which prevents web service detection if an external schema request gets a 404 not found response
Fixed a bug that occurs when custom URL rewrite rules do not match the URL with injected attack pattern and request is not performed
Fixed a configure form authentication wizard problem where the web browser does not load the page if the target site uses client certificates
Fixed a crash in configure form authentication wizard that occurs when HTML source code contains an object element with data: URL scheme is requested
Fixed a bug in DOM Parser where events are not simulated for elements inside frames
* Fixed a cookie parsing bug where a malformed cookie was causing an empty HTTP response