Scanner: N-Stalker 2009 Free Edition
Version: 7.0.0.223
Vendor: N-Stalker

Tested Against WAVSEP Version:
1.0

Product Details:
Accurate Version: 7.0.0.223 (GA)
License / Technology: Freeware / Unknown (Win32)
Last Update: 01-01-2009
Source Code:
Activity:

General Features:
GUI, Config, Usage, Stability, Performance, Report, ScanLog, Pause, Session
Config: Very Simple
Usage: Very Simple
Stability: Stable
Performance: Fast

Authentication, Control and Connection Features:
Custom Cookie, Custom Header, BASIC, DIGEST, NTLM, NTLMv2, KERBEROS, FORM, PROXY, GZIP, DEFLATE, SSL, CERT, Logout Detection, Exclude Logout, Exclude URL, Exclude Param

Coverage Features:
COUNT: 3
Manual Crawl, URL File, Html Crawler, Ajax Crawler, Flash Crawler, Applet Crawler, Silverlight Crawler, WSDL Crawler, REST Crawler, Field Autofill, Smart Autofill, Anti CSRF Support, Viewstate Support, CAPTCHA Bypass, WAF Bypass

Input Vector Support:
COUNT: 2
GET, POST, COOKIE, HEADER, SECRET, PName, XML, XmlATT, XmlTAG, JSON, .NetENC, AMF, JavaSER, .NetSER, WCF, WCF-Bin, WebSock, DWR, Custom

Audit Features:
COUNT: 1
SQLi, BSQLi, SSJSi, RXSS, PXSS, DXSS, JSONh, LFI, RFI, CMDExec, UPLOAD, REDIRECT, CRLFi, LDAPi, XPATHi, MXi, SSI, FORMATi, CODEi, XMLi, ELi, BUFFERo, INTEGERo, CODEDisc, BACKUPf, PADDING, AUTHb, PRIVe, XXE, SESSION FIXATION, CSRF, ADoS

Complementary Audit Features:
WebServer Hardening, CGI Scanning, Dir & File Enumeration, Passive Analysis
Additional Features: Spider is limited to 100 URLs in the free edition, Manual crawl support via Web Macro scripts, Flash/CSS/JavaScript parsing features and JavaScript execution features (coverage).

The Reflected XSS Detection Accuracy of the Scanner:
60.61% Detection Rate (40/66)
0.00% False Positives (0/7)

Additional Audit Features:
None

Overview:
The free edition appears to specialize in web server security, with the XSS scanning feature thrown in as a "bonus". The spider is limited to 100 URLs, which reduces the benefit of the exceptional coverage features (Flash/CSS/JS parsing), and with mediocre accuracy in XSS detection, the free edition of the tool will be an insufficient and unreliable choice for most applications.


Copyright © 2010-2016 by Shay Chen. All rights reserved.