Advanced Crawling & Scanning Technology

You can automatically scan any type of web application, web service and web API with Netsparker, regardless of the technology, framework or language it is built with or the web server on which it is hosted.

Behind its deceptively simple user interface, the Netsparker web security solution hosts an advanced suite of scanning technologies. Each component is designed to probe deep into any type of web application, identifying security flaws and exploitable vulnerabilities that other products miss or leave to chance.

AJAX/JavaScript Support

As part of its response parsing mechanism, Netsparker incorporates a dedicated JavaScript engine that can parse, execute and analyze the output of JavaScript.

Logos of popular frameworks and development languages

This allows Netsparker to successfully crawl and interpret modern and custom HTML5, Web 2.0 and Single Page Applications (SPAs) that rely heavily on client-side scripting, including AJAX operations or page content that is dynamically created using well-known frameworks such as jQuery and AngularJS.

Automated Authentication

Netsparker has an easy to configure authentication module that scans password-protected sections of your web applications.

Netsparker Automated Authentication - New Scan

Credentials are configured without the need to record login macros. Netsparker supports Basic, Form-based, NTML, Digest, Kerberos, Client Certificate, and Smart Card authentication.

Netsparker Automated Authentication - Start New Scan

Automated Pre-Scan Stage

Automated Pre-Scan Stage - New Scan General

To ensure Netsparker automatically crawls any target web application without requiring you to get tangled in the details, it also incorporates the following tools:

  • Anti-CSRF Token Support – Netsparker scans websites that have CSRF (Cross-site Request Forgery) exploitation attack protection, without disabling the protection
  • Automatic Detection of Custom 404 Error Pages – Netsparker automatically detects and handles custom 404 error pages and reports any vulnerabilities
  • Heuristic & Automated Detection of URL Rewrites – Netsparker heuristically detects the patterns and adapts itself to crawl and scan all parameters on target web applications

Try a Demo of Netsparker Today

Try our fully customizable and scalable scanning software today.
No payment is required and we will not ask for your credit card details.

Get a demo