Netsparker is a web application security scanner, with support for both detection and exploitation of vulnerabilities. It aims to be false positive–free by only reporting confirmed vulnerabilities after successfully exploiting or otherwise testing them.
For downloads and more information, visit the Netsparker homepage.
HOLY CRAP IT'S NOT FREE any more! You can have it free for 15 days, but after that it's either $1,950/yr for subscription to download or they have cloud pricing; they have gone full Adobe corporate pricing model.
Well, good for them, I hope that is a sign of success, but this is not for amateurs, students, or beginners, that's for certain. I worked at an infosec company and they didn't even pay that much, I'm almost certain.
I used Netsparker community and commercial versions on several penetration testing assignments with very good results. The tool is very easy to set up and use; it displays findings in a nice dashboard which can also be exported to PDF reports. It's generally free from false positives; however, some vulnerabilities may be overrated depending on the business impact of the target application.