What’s New in N-Stalker X

Parallel Spider Engine

N-Stalker debuts a new spider engine to allow simultaneous fetching of web resources. This new feature provides a more effective way to traverse your application and search for web interfaces. If you want to inspect multiple requests, just press “Track Spider” and follow N-Stalker’s HTTP activities on demand.

Improved Attack Engine

N-Stalker X attack modules are based on a customized engine running LUA language. It provides a flexible integration and allow for a fast introduction of new attack patterns.  From OWASP Top 10 to CWE Top 25, N-Stalker X provides way to integrate your own signatures into his own inspection engine.

Enhanced Web Engine

Based on open-source engine, N-Stalker X supports all kind of modern technologies such as HTML5, Flash/Flex and Javascript language, including full support for asynchronous requests (Ajax experience). N-Stalker will interpret scripts and integrates your HTML’s DOM (Document Object Model) just like if a human-guided web browser was navigating through your application. Proprietary objects such as Shockwave/Flash applications will be easily processed allowing for a transparent crawling process.

Integrated Web Proxy for “drive-thru” attacks

An integrated web proxy in N-Stalker’s spider engine to allow for a drive-thru navigation and security testing for restricted and well-defined scopes. Just open your favorite browser, run your test cases and record well-known application transactions that can be used for an extended security assessment.

Support for Manual Security Analysis

Do you need to run restricted tests against your application? Manual security tests allows you to control which and where the security tests can be applied within your web application. Just point the resource and click to initiate a very specific assessment.