Netsparker's Web Application Security Blog


Category: Web Security Readings - Last Updated: Sat, 27 Feb 2010 - by Ferruh Mavituna

WebRaider is a proof-of-concept tool that gets a reverse shell from an SQL injection with one request, without using any extra channels such as TFTP or FTP to upload the initial payload.

False Positive Free Scanning

Category: Web Security Readings - Last Updated: Mon, 22 May 2017 - by Ferruh Mavituna

When I tell someone that Netsparker is a False Positive Free web application security scanner, they’ll stare at me and think “Well, yet another lunatic!” They never actually said that but I can read it from their faces. They won’t say much assuming I’m a mad person who claims a scanner can avoid false positives and since I’m a mad person, I can be dangerous. I assume that’s why they generally choose to be silent after that claim!