Users can now preconfigure local/session web storage data for a website.
Added a new send to action to send e-mails.
Added HTTP Header Authentication settings to add request HTTP Headers with authentication information.
Added CSV file link importer.
Parsing of form values from a specified URL.
Added custom root certificate support for manual crawling.
Added gzipped sitemap parsing support.
NEW SECURITY CHECKS
Added reflected "Code Evaluation (Apache Struts 2)" security check (CVE-2017-12611).
Added "Remote Code Execution in Apache Struts" security check. (CVE-2017-5638).
Renamed "Important" severity name to "High".
Updated external references for several vulnerabilities.
Improved default Form Values settings.
Improved scan stability and performance.
Added Form Authentication performance data to Scan Performance knowledgebase node.
Added "Run only when user is logged on" option to the scan scheduling.
Added a warning before the scan starting if there are out of scope links in imported links.
Improved Active Mixed Content vulnerability description.
Improved DOM simulation for events attached to document object.
Added "Alternates", "Content-Location" and "Refresh" response header parsing.
Removed "Disable IE ESC" requirement on Windows server operating systems.
Improved Content Security Policy (CSP) engine performance by checking CSP Nonce value per directory.
Changed sqlmap payloads to start with sqlmap.py, including the .py extension.
Added –batch argument to sqlmap payloads.
Removed Markdown Injection XSS attack payloads.
Filtered out irrelevant certificates generated by Netsparker from client certificate selection dropdown on Client Certificate Authentication settings.
Added ALL parameter type option to the Ignored Parameters settings.
Added gtm.js (Google Tag Manager JS library) to the default excluded scope patterns.
Added an option to export only PDF reports without HTML.
Added -nohtml argument to CLI to create only pdf reports.
Updated the Accept header value for default scan policy.
Added CSS exclusion selector supports frames and iframes.
Added scan start time information to the dashboard.
Skip Phase button is disabled if the phase cannot be skipped.
Added validation messages for invalid entries on start new scan dialog sections.
Added parsing source information to Scanned URLs List and Crawled URLs List (JSON) reports.
Added highlight support for password transmitted over HTTP vulnerabilities.
Email disclosure will not be reported for email address used in form authentication credentials.
Added focus and blur event simulation for form authentication set value API calls.
Uninstaller now checks for any running instances.
Internal proxy now serves the certificate used through HTTP echo page.
Added spell checker for Report Policy Editor.
Added an error page if any internal proxy exception occurs.
Added more information about the HTML form and input for vulnerabilities found on HTML forms.
Extensions on the URLs are handled by the custom URL rewrite rule wizard.
Added Parameter Value column to Vulnerabilities List CSV report.
Added match by HTML element id for form values.
Improved Windows Short Filename vulnerability details Remedy section.
Improved scan policy security check filtering by supporting short names of security checks.
Improved Burp file import dialog by removing the file extension filter.
Improved table column widths on several reports.
Updated default User-Agent HTTP request header string.
URL Rewrite parameters are now represented as asterisks in sqlmap payloads.
for more help contact me