Almost every penetration testing project must follow a strict schedule, mostly determined by clients’ requirements. It is very useful for a penetration tester to have a tool that can perform plenty of tests on an application in a short period of time in order to identify the biggest possible number of vulnerabilities in the scheduled days. Automated vulnerability scanners are the tools to pick for this task.
One such tool is the Vega scanner.
Using Vega scanner
Vega is a web vulnerability scanner made by the Canadian company Subgraph and distributed as an open source tool. Besides being a scanner, it can be used as an interception proxy and perform scans as we browse the target site.
Vega is a Java-based application that provides testers with an easy-to-follow GUI. The following are some of its features:
- The ability to utilize a number of injection modules, such as SQLite, XSS, and Shell injection attacks
- Scanning with authentication and session cookies
We will use Vega to discover Web vulnerabilities in this recipe.
How to do it…
1. Vega is not included with Kali Linux v2.0, so it has to be installed. You can download the latest version at https://subgraph.com/vega/. Once downloaded, extract the zip file to your preferred location. Navigate to the folder and type the following in your terminal:
   ./Vega
2. Click on the Start New Scan button.
3. A new dialog will pop up. In a box labelled enter a base URI for scan
4. Click Next. Here we can select what modules to run over the application. Let’s leave them as
5. Finally, you can fine-tune the scan to exclude specific parameters that are not needed.
6. Click Finish to start the scan.
7. When the scan is finished, we can check the results by navigating the Scan Alerts tree on the left. The vulnerability details will be shown in the right panel.
How it works…
Vega works by first crawling the URL we specified as the target, identifying forms and other possible data inputs, such as cookies or request headers. Once they are found, Vega tries different inputs in them to identify vulnerabilities by analysing the responses and matching them to known vulnerable patterns.
In Vega, we can scan a single site or a group of sites that are put together in a scope. We choose which tests to perform by selecting the modules used in the scan. We can also authenticate to the site or sites using identities (pre-saved user/password combinations) or session cookies, and exclude some parameters from testing. An important drawback is that it doesn’t have a report generation or data export feature, so we have to review all the vulnerability descriptions and details in the Vega GUI.
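To see what the crawl phase described above collects, the following added example (not Vega's code and not part of the original recipe) lists the input points of one page: form fields, link query parameters and cookies, limited to a scope host and minus excluded parameters. The names `InputPointParser` and `input_points`, the host names and the sample page are all constructed for illustration.

```python
from html.parser import HTMLParser
from http.cookies import SimpleCookie
from urllib.parse import parse_qsl, urljoin, urlsplit

class InputPointParser(HTMLParser):
    """Collect form fields and link query parameters from one HTML page."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.points = []   # (kind, method, target URL, parameter name)
        self._form = None  # (method, action URL) of the form being parsed

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._form = ((a.get("method") or "get").upper(),
                          urljoin(self.page_url, a.get("action") or ""))
        elif tag in ("input", "textarea", "select") and self._form and a.get("name"):
            self.points.append(("form", *self._form, a["name"]))
        elif tag == "a" and a.get("href"):
            url = urlsplit(urljoin(self.page_url, a["href"]))
            target = f"{url.scheme}://{url.netloc}{url.path}"
            for name, _ in parse_qsl(url.query, keep_blank_values=True):
                self.points.append(("query", "GET", target, name))

    def handle_endtag(self, tag):
        self._form = None if tag == "form" else self._form

def input_points(page_url, html, set_cookie_headers, scope_host, excluded=()):
    """Return in-scope input points, minus parameters excluded from testing."""
    parser = InputPointParser(page_url)
    parser.feed(html)
    points = [p for p in parser.points if urlsplit(p[2]).hostname == scope_host]
    for header in set_cookie_headers:  # cookies set by the server are inputs too
        points += [("cookie", "-", page_url, name) for name in SimpleCookie(header)]
    return [p for p in points if p[3] not in excluded]

# Constructed sample page and response header (not output from a real scan).
SAMPLE_URL = "http://app.example.test/shop/index.php"
SAMPLE_HTML = """
<form action="search.php"><input name="q"><input type="submit" value="Go"></form>
<form action="/login.php" method="post"><input name="user">
  <input type="password" name="pass"><input type="hidden" name="csrf_token" value="x"></form>
<a href="item.php?id=3&amp;sort=asc">Item</a>
<a href="http://cdn.example.net/track?uid=9">Out of scope</a>
"""
SAMPLE_COOKIES = ["PHPSESSID=abc123; Path=/; HttpOnly"]
if __name__ == "__main__":
    for p in input_points(SAMPLE_URL, SAMPLE_HTML, SAMPLE_COOKIES, "app.example.test"):
        print(p)
```

Comparing a list like this with the alerts shown in the Vega GUI is a quick way to confirm that the scope and the excluded parameters were set as intended.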
Hope this article helps you.