It is important to note that since this release, Netsparker has undergone a major rebranding. The product is now marketed as . While version 5.8.1 was a stable and widely used build, it has since been superseded by newer versions (6.x and beyond) which include significantly improved engines for API security and IAST (Interactive Application Security Testing) capabilities.
Professional Edition is a single-user desktop license, distinct from the Enterprise (cloud/on-prem) web-based platform.

Legacy Context

This version focused on enhancing the scanner's ability to detect vulnerabilities in modern web environments, specifically improving its "Proof of Concept" (PoC) generation and expanding its coverage of third-party technologies.

Key Features and Improvements

This version included expanded detection for outdated third-party libraries and frameworks (e.g., WordPress, Drupal, and various JavaScript libraries) known to have CVEs.

Updates to the internal engine allowed for better crawling and auditing of Single Page Applications (SPAs) and heavy JavaScript environments (React, Angular).

New Security Checks: Introduced specific checks for insecure frame headers, missing security headers (HSTS, Content-Security-Policy), and Subresource Integrity (SRI) validation.

Technical Specifications