New Improved Netsparker 3.1.4 is Available for Download

A new version of Netsparker Web Application Security Scanner is available for download. This version 3.1.4 of Netsparker includes several improvements to the user interface to ease the process of configuring the scanner, and also includes several bug fixes. For more details about this new build of Netsparker read this blog post.

A new update of Netsparker Web Application Security Scanner is available for download. In this new version 3.1.4 we included small improvements to the user interface and also improvements the mechanics of the security scanner, such as improved the validation of the Custom 404 Error Page RegEx, improved the Cross-Site Scripting vulnerability template etc.

We have improved the Netsparker Scan Policy Editor dialog for better usability in this release. You no longer need to open the settings dialog to edit settings of a policy, the settings are just right below to the selected policy. This will save you a few clicks while you are customizing your policies.

Netsparker Scan Policy Editor with Scan Settings

Refer to the below list for more detailed information about what was improved and fixed in this new version of Netsparker.

Netsparker Improvements in this Build

  • Added new keywords to the default list of sensitive keyword in Comments
  • Improved Scan Policy Editor dialog to default to unique policy names when a new policy is created or cloned
  • Improved Custom 404 RegEx validation to prevent empty patterns
  • Improved HTML5 engine to ignore non-HTTP protocols on iframe sources
  • Improved Configure Form Authentication wizard to use the selected Scan Policy settings (Custom headers, proxy, user-agent, etc.) on Start a New Scan dialog
  • Improved cross-site scripting vulnerability template

Bug Fixes

  • Fixed wrong PDF scaling issue which causes fonts to be rendered very small for report templates
  • Fixed DOM Parser InvalidCastException crashes while trying to cast option tags on some cases
  • Fixed form “action” value reported wrong on vulnerability details
  • Fixed Internal Proxy port value setting upper bound to 65535
  • Fixed incorrect attack possibility calculation for XSS confirmation requests
  • Fixed dialog sizes on various screen resolutions and DPIs
  • Fixed some issues in XSS detecting within script blocks
  • Fixed XML attacks where reserved “xmlns” attribute values were being modified
  • Fixed a DOM Parser issue on HTML pages with nested form tags

Upgrading your Netsparker Web Application Security Scanner

If you are already using Netsparker Web Application Security Scanner, a pop up window with the upgrade details will pop up the next time you run Netsparker. Alternatively you can always click on Check for Updates from the Help drop down menu to force manual updates as well.

If you have problems with the upgrade or product related queries, get in touch with our awesome support team by sending us an email on support@invicti.com

Huseyin Tufekcilerli

About the Author

Huseyin Tufekcilerli - Director of Product Management

Product Manager at Invicti.