Yet again we pushed our limits to bring you a new update, Netsparker 1.5.0.0 "Control" Release. Beside of the casual improvements and polishing we have some new and cool features in this release. We mostly focused on features that gives more control to the user over the scan. Ability to exclude folders, crawl the application by using Netsparker’s internal proxy, import links and from proxies etc.
Manual Crawl - Proxy Mode
If you want to crawl your website and show Netsparker where to test then this is for you. Start Netsparker's internal proxy and configure your browser to Netsparker's internal proxy and browser the website.
When you done just click Resume and Netsparker will test the crawled parts of the application. If you still want to exclude some crawled pages from the attack then you can just right click on them and choose Exclude from Attack.
Exclude from Attack
It's pretty straight and really useful feature. If you don't want Netsparker to attack a certain page (i.e. contact form) just right click on that page in the Site Map and click Exclude from Attack.
Import / Enter Links and HTTP Requests
Sometimes you know there is a part of the application that Netsparker cannot crawl (a non linked URL, a page behind a Java Applet, ActiveX or a Flash). Now all you need to do is giving these HTTP Requests / Links to Netsparker.
It's pretty easy to do this, Netsparker supports log files from proxies such as Fiddler, Burp, Webscarab, Paros or you can just use a plain text file.
To make things even simpler just type this URLs not only in the beginning of the scan even during the crawling phase.
If you don't care about having more control over your scans then don't worry you can still type the URL and click "Start Scan" and it'll do just fine.
Update
If you have a valid Netsparker Professional or Standard license then all you need to do is click "Help > Check Updates" to update to Netsparker 1.5.0.0