Detect DOM Based Cross-Site Scripting Vulnerabilities in Web 2.0 and HTML5 Web Applications with Netsparker Web Application Security Scanner

The new version of Netsparker Web Application Security Scanner will automatically detect DOM cross-site scripting vulnerabilities, allows the users to easily configure URL rewrite rules to scan parameters in the URLs, and has an all new Chrome based crawler that allows it to crawl a wider variety of web applications.

  • Share on TwitterShare on FacebookShare on Google+Share on LinkedInEmail a friend
Netsparker Logo

Netsparker Web Application Security Scanner

(PRWEB) July 17, 2014

Netsparker Ltd today announced the release of Netsparker Web Application Security Scanner Version 3.5, the leading false positive free web vulnerability scanner that simulates malicious hacker attacks and enables web application security professionals to automatically identify vulnerabilities and other security issues in their web applications.

The new version of Netsparker Web Application Security Scanner can automatically detect the widely exploited DOM based cross-site scripting vulnerability in web applications. It also has a new Chrome based crawler that allows it to crawl a wider variety of web applications and has an all new user friendly wizard that allows users to easily configure URL rewrites rules to scan parameters in URLs.

Automatically Detect DOM Cross-Site Scripting with Netsparker

Unlike the traditional cross-site scripting vulnerability, DOM XSS affects the script code in the client’s web browser. Since many modern Web 2.0 and HTML 5 web application heavily depend on client-side scripts, most of them are typically susceptible to DOM XSS. As a matter of fact, malicious hackers are taking advantage of this vulnerability, making DOM XSS a popular exploited vulnerability.

The latest version of Netsparker can automatically identify DOM based cross-site scripting vulnerabilities in web applications. Once the vulnerability is detected, Netsparker will report all the technical details developers need to learn about this modern vulnerability and remediate the issue as soon as possible.

Configure URL Rewrite Rules via a Wizard to Attack Parameters in URL

Unlike with other security products, configuring URL rewrite rules in Netsparker is very easy and is done via a user friendly wizard. You do not need to know about regular expressions and specify complicated patterns. You do not even need to know what are the actual URL rewrite rules are written and have access to web server configuration files. Simply follow the user friendly wizard to automatically configure the URL rewrite rules.

Once URL rewrite rules are configured the parameters used in URLs will be automatically crawled and attacked by the web vulnerability scanner to uncover any potential vulnerabilities such parameters might be vulnerable to.

Improved Web Applications Coverage with New Chrome Based Crawler

If a vulnerable parameter is not crawled, it won’t be scanned and the vulnerability will not be uncovered. The new version of Netsparker has a new Chrome based crawler that allows it to crawl and better understand client scripts used in modern Web 2.0 and HTML5 web applications, thus leaving no stone unturned.

With the introduction of the new Chrome based crawler Netsparker’s coverage has been improved, therefore Netsparker can now crawl a wider variety of web applications and detect vulnerabilities and security issues in them.

Other Netsparker Improvements and New Web Security Checks

The new version of Netsparker Web Application Security Scanner also includes a number of improvements and new vulnerability checks that allow the web vulnerability scanner to identify more vulnerabilities and scan more reliably. Below are just some highlights of the new vulnerability checks and improvements:

  • Possible Source Code Disclosure for Perl, Python, Ruby and Java
  • Java Stack Trace Disclosure
  • Improved the coverage of Remote Code Execution via LFI vulnerabilities
  • Improved cross-site scripting vulnerability confirmation patterns
  • Improved the Form Authentication wizard
  • Improved the DOM parser

For more details about what is new and improved in the latest version of Netsparker Web Application Security Scanner read Netsparker 3.5 Features Highlights notes.

Download Netsparker Web Application Security Scanner

Download the Netsparker Demo to get a better overview of Netsparker and its vulnerability detection capabilities.

Pricing and Availability

Netsparker Web Application Security Scanner version 3.5 starts from $1,950. It is available through Netsparker Ltd and through all the Netsparker resellers and business partners. For more information about Netsparker please visit https://www.netsparker.com. For more information about Netsparker Web Application Security Scanner availibility, pricing and licensing options visit https://www.netsparker.com/pricing/.

Media contact: pr(at)netsparker(dot)com

About Netsparker Ltd

Netsparker Ltd is a young and enthusiastic UK based company. Netsparker is focused on developing a single automated web security product, the false positive free Netsparker Web Application Security Scanner. Netsparker management and engineers have more than a decade of experience in the web application security industry that is reflected in their product, Netsparker Web Application Security Scanner. Founded in 2009, Netsparker’s automated web vulnerability scanner is one of the leading security tools used by world renowned companies such as Samsung, NASA, Skype, ING and Ernst & Young.


Contact

Follow us on: Contact's Google Plus