What is Netsparker Desktop?
Netsparker Desktop is available as a Windows application and is an easy-to-use web application security scanner that uses the advanced Proof-Based Scanning
Netsparker's unique Proof-Based ScanningTM technology allows you to allocate more time to fix the reported flaws.
Netsparker automatically exploits the identified vulnerabilities in a read-only and safe way, and also produces a proof of exploitation. Therefore you can immediately see the impact of the vulnerability and do not have to manually verify it.
Netsparker's dead accurate scanning technology finds more vulnerabilities.
Netsparker’s unique vulnerability scanning technology has better coverage and finds more vulnerabilities than any other scanner, as proven when tested in head to head independent comparison tests.
Netsparker Desktop allows you to automate more.
The primary goal of a web application security scanner is to eliminate the repetitive drudgery of web security testing, leaving you free to use your skills in areas where you make a real difference. Netsparker Desktop boasts an arsenal of automated security testing weapons that get straight to the point, providing users with the precise information.
Easy to Use - Start a scan in just seconds
You need the right tools to get the job done without the extended learning curve. Netsparker Desktop is just that. It has an intuitive user interface that allows you to start scanning your web applications within seconds.
Scan Any Type of Web Application
Netsparker fully supports AJAX and JavaScript-based applications and can scan any type of web application, regardless of the technology it is built with. Therefore you do not have to get bogged with configuring the scanner and can rely on the comprehensive security scanning engine to scan modern HTML5, SPA, Web 2.0 applications and any other type of web application.
Detect More Vulnerabilities in Your Web Applications and Web Services
Netsparker web application security scanner identified all the direct impact vulnerabilities when tested in third party independent benchmark tests**, thus leading all other scanners. These results are further proof that the Netsparker scanners have the most advanced and dead accurate crawling & vulnerability scanning technology, and the highest web vulnerabilities detection rate. So why settle for the second best?
| Detection Rate |
False Positives Tests |
|
|---|---|---|
| SQL Injection Detection |
SQLI (100%) 136/136 |
100% (0/10) |
| Reflected XSS Detecion |
RXSS (100%) 66/66 |
100% (0/7) |
| Local File Inclusion Detection |
LFI (100%) 816/816 |
100% (0/8) |
| Remote File Inclusion Detection |
RFI (100%) 108/108 |
100% (0/6) |
| Unvalidated Redirect Detection |
Redirect (100%) 30/30 |
100% (0/9) |
| Old, Backup Files Detection |
Backup (72.83%) 134/184 |
100% (0/3) |
Statistics from SecToolMarket’s 2014/2015 Web Application Security Scanners Benchmark. For more information refer to Automated Web Application Security Scanners Comparison.
Automate more with Netsparker
Netsparker scanners have a unique self-fine-tuning technology. You do not have to configure URL rewrite rules or custom 404 error pages. And when scanning a password protected website you have to simply specify the credentials without the need to record any login macros. With such automation you can scan 100s & 1000s of websites without wasting hours getting bogged down in configuring the scanners.
No need to manually verify web vulnerabilities
You do not have to manually verify the vulnerabilities the Netsparker scanner identify during a scan because it automatically exploit detected vulnerabilities in a safe and read-only way. The scanner also generates a proof of exploit highlighting its impact. Netsparker will alert you If a vulnerability cannot be verified automatically.
What Our Customers are Saying
This is probably the best web-app tool that I have ever seen. Of course, I am not a hacker... Really :) But I have reviewed some penetration test results and other tools, and of course I know a lot of hackers, so I can say that your tool covers all of the most important things.
Eli Jellenc
International Cyber Threat Analysis Manager - Verisign
The software is an important part of my security strategy which is in progress toward other services at OECD. And I find it better than external expertise. I had, of course, the opportunity to compare expertise reports with Netsparker ones. Netsparker was better, finding more breaches.
Bruno Urban
OECD
This is nice to have as it recap what Netsparker is all about. Also, Grant Thornton is the fifth largest accountancy firm in the world, so worth having them.
Cecil Su
Grant Thornton
When you have to scan hundreds of web applications and identify exploitable vulnerabilities on all of them, Netsparker is THE essential easy to use tool that provides professional reports with clear explanations and steps to remedy them.
Mihai Petre
Morneau Shepell
When we were evaluating web application security scanners, Netsparker was the scanner that identified most vulnerabilities without requiring any configuration changes. It also identified several SQL Injection and Cross-site Scripting vulnerabilities that other scanners did not identify.
Perry Mertens
ING Eurasia Bank
We chose Netsparker since it is very easy to use. It helped our team increase the visibility into the security of our web applications,
It is more tailored to web application security and has features that allow the university to augment its web application security needs.
Dan Fryer
Oakland University
