[Netsparker Community Edition v2.5.2.0] Released!

Wednesday, February 27, 2013

Netsparker Community Edition is a SQL Injection Scanner. It’s a free edition of our web vulnerability scanner for the community so you can start securing your website now. It’s user friendly, fast, smart and as always False-Positive-Free.

It shares many features with professional edition. It can detect SQL Injection and XSS issues better than many other scanners (if not all), and it’s completely FREE.

Netsparker can scan for lots of web security vulnerabilities, this free version of Netsparker is a great SQL injection scanner. It can scan and exploit SQL Injection vulnerabilities in different back-end databases with really high accuracy and without any false-positives. Netsparker is the best SQL Injection Scanner among the all commercial, free and open source web vulnerability scanner according to 3rd party benchmark by finding 98.53% of all SQL Injections in tests1.

Netsparker CE features

  • False-Positive Free
  • AjAX/JavaScript Supp0rt
  • Hassle Free Licensing
  • Heuristic Cust0m 4o4 Support
  • Free Automated Updates
  • Error Based SqL Injection
  • Boolean Based SQL Injection
  • Reflective Cross-site ScriptIng (xss)
  • Permanent/St0red Cross-site Scripting (XSS)
  • and many more

Security Checks that come with CE

Error Based SQL Injection
Boolean Based SQL Injection
Time Based Blind SQL Injection
Local File Inclusion
Remote File Inclusions
Remote Code Injection / Evaluation
Cross-site Scripting (XSS) via RFI
Reflective Cross-site Scripting (XSS)
Permanent/Stored Cross-site Scripting (XSS)
OS Level Command Injection
CRLF / HTTP Header Injection / Response Splitting
Open Redirect
Find Backup Files
Crossdomain.xml Analysis
Finds and Analyse Potential Issues in Robots.txt
Finds and Analyse Google Sitemap Files
Detect TRACE / TRACK Method Support
Detect ASP.NET Debugging
Detect ASP.NET Trace
ASP.NET ViewState Analysis
ViewState is not Signed
ViewState is not Encrypted
Post Exploitation Checks
E-mail Address Disclosure
Internal IP Disclosure
Cookies are not marked as Secure
Cookies are not marked as HTTPOnly
Directory Listing
Stack Trace Disclosure
Version Disclosure
Access Denied Resources
Internal Path Disclosure
Programming Error Messages
Database Error Messages
CVS, GIT and SVN Information and Source Code Disclosure
Find PHPInfo() pages and PHPInfo() disclosures
Apache Server-Status and Apache Server-Info pages
Find Hidden Resources
Basic Authentication over HTTP
Password Transmitted over HTTP
Password Form Served over HTTP
Source Code Disclosure
Auto Complete Enabled



Subscribe via e-mail for updates!