When creating and maintaining a web application, it is so hard to fully make a manual security test as there are lots of things to check for. And, many different methods exist for exploiting apps.
Netsparker is a professional yet user-friendly web application security scanner (runs on Windows OS) which makes it easy for developers of all levels to search and find any flaws in apps.
Info: 1 license of Netsparker Pro Edition ($5950 value) is being given away and details of the giveaway can be found at the bottom of this post.
The application has a simple and intuitive user interface where you can start scanning a web app almost instantly.
Best of all, Netsparker is false-positive free. If it tells that there is a vulnerability than there really is one.
In case you are planning to use it regularly and integrate it into your development environment, it has a command-line interface for easily automating and scheduling tasks.
It is a pretty flexible tool as you can choose what pages/parts of a web app to scan and/or go non-automated but manually. Also, we can customize and/or enable/disable the attacking methods used.
Once a scan is completed, Netsparker produces a report which includes a summary of all the detected vulnerabilities, together with links to additional actionable detail, such as the impact and the remedy of the vulnerability. These reports can also be customized using the Reports API provided.
How to join the giveaway?
In order to get a chance to win the Pro Edition License, just tweet with the #wrdnetsparker hashtag and link back to this post (click to tweet easily).
The winner will be selected randomly from the tweeters 1 week later (9 October 2012).
Good luck to all.
Here is the winner of Netsparker Pro Edition License:
Congratulations and thanks to everyone for joining.