… Overall, I was quite impressed. The fact that it actually goes and tries the attacks with some dummy data, or even data that was pulled from context on the site, is quite impressive. It even gives you tips or direct commands to run in order to fix some of the known issues. And where it doesn’t give specifics, it points you to the OWASP site for guidelines. I might have to look towards this again and will definitely keep a reference to it in my toolbox for future endeavours…
.. The community edition also found SQLi that AppScan failed to in a side-by-side test. ..
.. If we are to truly take any of this data seriously, then we must realize that Netsparker was the only web application security scanner that performed well in any sort of benchmarks I've seen yet. Crazier, it's the only one that's free that performs better than W3AF or Skipfish (and by a lot!). Netsparker Pro also carries one of the cheapest price tags I've seen or heard of. I would be interested to try it out and benchmark it more, especially after seeing the Community Edition. It's possible that Netsparker was released this way because they know that they have a superior product compared to the rest of the market ..
@_ikki Netsparker's crawler rocks! I've just found a test script undetected by Acunetix and Skipfish.
@ToolsWatch Just finished a pentest (Netsparker was a great help). Thanks Netsparker Community Edition (I hijacked stream to spawn a shell :)
@abhaybhargav Netsparker is a great tool! It has some very unique features! Kudos!
We are going to release this update in a couple of days, keep watching us, @netsparker.