We just released a new update of Netsparker Desktop web application security scanner. Below are some highlights of what is new, improved and fixed in version 220.127.116.1186.
New in Netsparker Desktop Update of April 2016
- Added the generation of a Proof of Concept for the CSRF vulnerability. This means that when the scanner identifies a CSRF vulnerability it will automatically exploit it in a safe manner and generate a proof of concept to highlight the impact of the vulnerability.
- Support for automated scanning of Parameter-Based Navigation websites. We have added new options in the Scan Policy so you can automatically scan and detect vulnerabilities in parameter-based navigation websites. You can read more about this technology and settings in Scanning Parameter-Based Navigation Websites for Vulnerabilities.
- Added a new setting in the Scan Policy that allows the users to specify the file extensions of files that should be text-parsed during a scan.
Improvements in Netsparker Desktop Update of April 2016
- We added the Smart DFS technology to the DOM parser so it can heuristically recognize similarities in parameters. Therefore it will avoid scanning the same or similar parameters multiple times, making the web vulnerability scan more efficient.
- Improved the out of the box settings of the JIRA integration / Send To actions.
Other Improvements and Bug Fixes
For a complete and detailed list of what is new, improved and fixed in the April 2016 update of Netsparker Desktop web application security scanner refer to the web scanner's changelog.