A new update of Netsparker Web Application Security Scanner is available for download. This is a minor version update which includes a number of improvements and bug fixes that will improve the efficiency of web security scans.
When using the wizard to configure URL rewrite rules now you can specify the type of the parameter as highlighted in the below screenshot.
Once you specify a parameter type Netsparker will automatically fine tune the regular expression so no extra HTTP requests are sent during a web vulnerability scan. The end result? More efficient and precise web security scans that consume less bandwidth.
In the previous version of Netsparker we launched the all new DOM parser and DOM XSS scanner, enabling Netsparker to detect DOM based cross-site scripting vulnerabilities, which are relatively common in modern HTML5 web applications.
We have already learnt a lot and for this version we optimized both the DOM parser and the DOM XSS scanner to ensure they work more efficiently and detect more variants of the DOM based vulnerabilities.
Since both the DOM parser and scanner are now more efficient, scanning of DOM based cross-site scripting vulnerabilities is now included by default in the built-in scan policies.
Apart from the above major updates, Netsparker 3.5.5 includes several other improvements and a number of bug fixes. For more detailed information refer to the Netsparker 3.5.5 change log.
If you are already using Netsparker Web Application Security Scanner, a pop up window with the upgrade details will pop up the next time you run Netsparker. Alternatively you can always click Check for Updates from the Help drop down menu to force manual updates.
If you have problems with the upgrade or product related queries, get in touch with our awesome support team by sending us an email on email@example.com.