Trying Netsparker is easy and completely free. Just click the button at the right to claim your 15-day evaluation copy of Netsparker Professional. No payment is required and we will not ask for your credit card details.
A complete web application security audit cannot be completed using a single application, hence a good web security tool needs to play well with others, and that is what Netsparker Web Application Security Scanner does.
To enable Netsparker to security test web applications that have been previously tested or crawled by other tools, and to give more flexibility to penetration testers who like to use multiple security tools in their security audits, Netsparker can import session data from several other popular third-party tools.
Netsparker is currently able to import session data from Fiddler, Paros, Burp and other popular proxies and tools. It can also import sessions from raw HTTP requests and links typically generated by proxy or custom tools.
Through close collaboration with a selection of other security tool vendors, Netsparker has been designed to inter-operate with their products so it can be easily integrated into your software development lifecycle (SDLC).
Tools that currently inter-operate with Netsparker include: Metasploit, Metasploit Express, Metasploit Pro, Threadfix Vulnerability Manager, Kenna Security Vulnerability & Risk Intelligence (previously Risk I/O Vulnerability Dashboard), LunarLine Vulnerability Scan Converter and Dradis Framework.
Netsparker can submit identified vulnerabilities with their technical details as new tickets in bug tracking and code management systems such as JIRA and Github. Such functionality allows organizations to automate more of the development process, thus saving on man hours which could be used to remediate vulnerabilities instead. A well-documented API is also available for bug tracking system integrations, allowing users to easily integrate Netsparker with their bug tracking system of choice. For more information read Integrating Netsparker with Bug Tracking Systems to Easily Export Identified Vulnerabilities as Issues.
Automatically trigger a silent and unmanned web vulnerability scan from the Build / Continuous Integration server each time a new build is available via the Netsparker command line interface. By combining the trigger of automated scans and bug tracking system integration organizations can automate almost all of the QA process.
In most cases, security flaw fixes cannot be implemented within just a few minutes, especially if the web application is live. In such case when you use Netsparker you can export the website security scan results as ModSecurity, to temporarily cover up the identified vulnerabilities.