- In March we released a new version, Netsparker 1.3.0.0, with increased performance, much better and more effective Cross-site Scripting checks, user interface improvements, better proxy management and support, and many other improvements. In April we released another version, Netsparker 1.3.7.38, which adds better proxy management, an experimental Second Order SQL Injection engine and many other improvements.
- We released our free web application security scanner, Netsparker Community Edition, which was a great release. There are currently thousands of Community Edition users, and a new update for Netsparker Community Edition is ready as well. We are planning to release it soon.
- We have a new Help Desk and Forum to provide better support for Netsparker and Community Edition users. There you can find the Netsparker FAQ and some tips and tricks, such as reading target websites from a text file.
A Couple of Reviews
… Overall, I was quite impressed. The fact that it actually goes and tries the attacks with some dummy data, or even data that was pulled from context on the site is quite impressive. It even gives you tips or direct commands to run in order to fix some of the known issues. And where it doesn’t give specifics, it points you to the OWASP site for guidelines. I might have to look towards this again and will definitely keep a reference to it in my toolbox for future endeavours…
Gemini Security - Security Musings Blog, Netsparker
.. The community edition also found SQLi that AppScan failed to in a side by side test. ..
Cosine Security, Netsparker Community Edition Review
.. If we are to truly take any of this data seriously, then we must realize that Netsparker was the only web application security scanner that performed well in any sort of benchmarks I've seen yet. Crazier, it's the only one that's free that performs better than W3AF or Skipfish (and by a lot!). Netsparker Pro also carries one of the cheapest price tags I've seen or heard of. I would be interested to try it out and benchmark it more, especially after seeing the Community Edition. It's possible that Netsparker was released this way because they know that they have a superior product compared to the rest of the market ..
ntp, Web application scanners discussion on Sla.ckers
A Couple of Twitter Mentions
@_ikki Netsparker's crawler rocks! I've just found a test script undetected by Acunetix and Skipfish.
@ToolsWatch Just finished a pentest (Netsparker was a great help). Thanks Netsparker Community Edition (i hijacked stream to spawn a shell :)
@abhaybhargav Netsparker is a great tool! It has some very unique features! Kudos!
We are going to release this update in a couple of days. Keep watching us at @netsparker.