Netsparker is a web application security scanner, with support for both detection and exploitation of vulnerabilities. It aims to be false positive–free by only reporting confirmed vulnerabilities after successfully exploiting or otherwise testing them. For downloads and more information, visit the Netsparker homepage.
- #75, new!
- Latest release: Feb. 10, 2011 (12 years, 3 months ago)
- ★★★★★ (5)
★★★★★ 100% | ★★★★ 0% | ★★★ 0% | ★★ 0% | ★ 0%
HOLY CRAP IT'S NOT FREE any more! You can have it free for 15 days, but after that it's either $1,950/yr for subscription to download or they have cloud pricing; they have gone full Adobe corporate pricing model.
Well, good for them, I hope that is a sign of success, but this is not for amateurs, students, or beginners, that's for certain. I worked at an infosec company and they didn't even pay that much, I'm almost certain.
I tried the community and commercial editions and I think it is the best tool in this field.
I used Netsparker community and commercial versions on several penetration testing assignments with very good results. The tool is very easy to set up and use; it displays findings in a nice dashboard which can also be exported to PDF reports. It's generally free from false positives, however some vulnerabilities may be overrated depending on the business impact of the target application.
Netsparker is one of the best tools I found to test web applications. The best test done using this vulnerability scanner is XSS.
I have been using Netsparker for a while and have been impressed with the results it has returned (esoteric XSS that Burp Pro/w3af didn't pick up).
Very nice work