Vulnerable test sites to test your XSS skills: Hands-on AppSec

Fri, 14 Mar 2025

Understanding how cross-site scripting vulnerabilities are exploited is essential for developers and security testers. This guide highlights the top intentionally vulnerable websites and platforms where you can practice XSS attacks in a controlled environment, reinforcing secure coding habits and penetration testing skills.

Security Weekly Interviews Ferruh Mavituna about Web Application Security

Mon, 22 May 2017

In this interview with Security Weekly, Ferruh talks about web application security and explains how he got started, why Netsparker Enterprise is the ideal tool for large organizations who would like to ensure the security of all their web applications, explains how the false positive free vulnerability scanning technology works and much more.

Netsparker Enterprise or Netsparker Desktop?

Tue, 23 May 2017

Should you use the desktop edition of Netsparker or go for Netsparker Enterprise, the new online web application security scanner? This article talks about the scope of both products and explains in detail what they are to help you better understand both products and choose the best solution.

What Can You Learn from 87 Advisories About Web Application Vulnerabilities?

Mon, 22 May 2017

This article looks into the details of all the 87 advisories Netsparker published about SQL Injection, XSS and other vulnerabilities Netsparker Web Application Security Scanner identified in several open source web applications. It uses statistics to highlight the state of security of both open source and non open source web applications.

Passwords vs. Pass Phrases – Innovation and Evolution

Mon, 22 May 2017

This third and last password paper looks into new innovations and evolution of passwords and authentication mechanisms. It looks into what other options there are available should we opt for something more secure than passwords and pass phrases.

An automated scanner that finds all OWASP Top 10 security flaws? Really?

Fri, 02 Aug 2019

Shellshock Exploit and Vulnerability Explained | Bash RCE

Thu, 09 Nov 2017

The Shellshock Bash vulnerability allows an attacker to send operating system commands to the web server operating system, thus allowing the attacker to take over the server. This web security article explains what is the Shellshock vulnerability and how you can automatically check if your web environment is vulnerable to this critical vulnerability.

Ruby on Rails Security Basics

Wed, 06 Aug 2014

How Fast is Your Web vulnerability Scanner?

Mon, 22 May 2017

There are many different factors that can affect the duration of a complete web application security test. Learn what such factors are and learn how to evaluate your security tools to ensure your business gets the best return on investment when doing web application security tests.

What is DOM-based XSS (cross-site scripting)?

Thu, 09 May 2019

URL Rewrite Rules and Web Vulnerability Scanners

Tue, 23 May 2017

URL Rewrite Rules have become extremely popular in web applications but many web vulnerability scanners fall short of automatically scan such websites. Read this article to learn more on why typical web vulnerability scanners are unable to scan websites which use URL rewrite rules and what Netsparker did to allow users to easily and automatically scan websites with URL rewrite technology enabled.

Passwords vs. Pass Phrases – Weaknesses Beyond the Password

Mon, 22 May 2017

Using strong passwords is not enough, the whole system should be built well to ensure that the underlying technology can survive a data breach, when, and not if it happens. In fact a modernized approach to password ideology is only one of the several necessary steps for a highly-secured system

Vulnerable test sites to test your XSS skills: Hands-on AppSec

Security Weekly Interviews Ferruh Mavituna about Web Application Security

Netsparker Enterprise or Netsparker Desktop?

What Can You Learn from 87 Advisories About Web Application Vulnerabilities?

Passwords vs. Pass Phrases – Innovation and Evolution

Social Hacking of Support and Implementation Teams

An automated scanner that finds all OWASP Top 10 security flaws? Really?

Shellshock Exploit and Vulnerability Explained | Bash RCE

Ruby on Rails Security Basics

How Fast is Your Web vulnerability Scanner?

What is DOM-based XSS (cross-site scripting)?

URL Rewrite Rules and Web Vulnerability Scanners

Passwords vs. Pass Phrases – Weaknesses Beyond the Password