Why Framework Choice Matters in Web Application Security

Category: Web Security Readings - Last Updated: Thu, 10 Jan 2019 - by Ferruh Mavituna

Our CEO, Ferruh Mavituna, explains why the framework you choose for your web applications matters. Even if you build the most secure application, when your framework is vulnerable, your application is too. He debunks some myths regarding the similarity of popular frameworks, and provides good reasons to check whether yours is secure by default.

SQL Injection Cheat Sheet

Category: Web Security Readings - Last Updated: Wed, 21 Oct 2015 - by Ferruh Mavituna

Use our SQL Injection Cheat Sheet to learn about the different variants of the SQL Injection vulnerability. In this cheat sheet you can find detailed technical information about SQL Injection vulnerabilities against MySQL, Microsoft SQL Server, Oracle and PostgreSQL SQL servers.

The Wait is Over, Netsparker 3.1 is Here with Full HTML5 Support

Category: Releases - Last Updated: Thu, 26 Oct 2017 - by Ferruh Mavituna

Netsparker Version 3.1 is a major version update. With this version of the false-positive-free web application security scanner Netsparker, users can scan and identify security issues in HTML5 web applications. This new version of Netsparker also includes a number of new security checks for Web 2.0 web applications, can inject JSON and XML HTTP requests, and reports much more information about the target web application. Read this post for a complete, detailed list of what is new and improved in Netsparker 3.1.

5 Lessons We Have learnt from Netsparker Software Releases

Category: News - Last Updated: Thu, 02 Feb 2012 - by Ferruh Mavituna

In this blog post, Ferruh Mavituna explains what he and his team have learnt from the releases of Netsparker Web Application Security Scanner. Ferruh shares his experience of how everything is done, how the team works and how every decision, even a small one, might affect the whole release cycle of Netsparker.

How Netsparker ensures False Positives Free Web Vulnerability Scans

Category: Web Security Readings - Last Updated: Mon, 22 May 2017 - by Ferruh Mavituna

This web application security blog post explains why false positives are one of the biggest problems of today's commercial web application vulnerability scanners. It also explains what the Netsparker team is doing to ensure that Netsparker Web Application Security Scanner does not report false positives during a web application security scan.


Category: Web Security Readings - Last Updated: Sat, 27 Feb 2010 - by Ferruh Mavituna

WebRaider is a proof-of-concept tool to get a reverse shell from an SQL Injection with one request, without using any extra channels such as TFTP or FTP to upload the initial payload.