(LiveHacking.Com) – Mavituna Security has released V2.0 of its web application security scanner Netsparker. The new version includes 16 new security checks, 15 new features and a variety of minor improvements.
New in V2.0 is a Vulnerability Database with a list of known vulnerabilities for Apache, Tomcat, MSSQL and MySQL. When Netsparker identifies one of these systems, it’ll reference the database and report all known vulnerabilities for that particular version with severity, exploit details and CVE references.
The new security checks performed by Netsparker 2.0 include: SSL checks (Netsparker will report weak ciphers, self-signed SSLs and similar SSL / Certificate related issues), Tomcat default files checks, ASP.NET MVC version disclosure checks and Mongrel / Nginx version disclosure checks.
The vulnerability engine has also been enhanced:
- Improved Signature based SQL Injection detection
- LFI checks improved and coverage increased
- Attribute-based XSS checks improved
- PHP source code disclosure checks improved
- Protocol-based XSS attacks significantly improved
- ASP.NET / .NET Framework 4 Viewstate support added. MAC Enabled and Encryption issues will also be reported correctly in .NET Framework 4 systems
- ORACLE SQL Injection checks improved