
How to Scan Websites for Potential Vulnerabilities Using Vega in Kali Linux « Null Byte :: WonderHowTo


Withstanding an attack from a motivated hacker is one of the most important responsibilities a system administrator must undertake. This is especially true for websites that may contain sensitive customer information and have a high volume of users. So it's important for a sysadmin to take proactive measures to find and fix vulnerabilities in their websites.

One tool that can help with this is Vega Vulnerability Scanner, a free, open-source, graphical web-auditing tool developed by the security company Subgraph. This tool contains several interesting features such as a proxy scanner, but we'll be focusing on the automated security testing aspect that can help us find and validate SQL injection, cross-site scripting (XSS), inadvertently disclosed sensitive information, and many other vulnerabilities.

There are similar web application scanners to Vega. PortSwigger's Burp Suite Scanner and Netsparker's Security Scanner both offer premium vulnerability scanners, but Vega's scanner can perform many of the same tasks at no cost. Vega's scanner makes finding and understanding the severity of web application vulnerabilities simple by clearly and concisely displaying useful resources with every scan.


Step 1: Install Vega

Since the Vega Vulnerability Scanner usually comes preinstalled on most versions of Kali Linux, you should be good to go if you're using a Kali system. If you're not sure whether your Kali setup has it already, you can run the apt-get command seen below in a terminal. You'll get a message saying it's already installed if you do have it, and if not, it will install it for you.

apt-get update && apt-get install vega

If you're using the BlackArch penetration testing distribution, you can install the Vega Vulnerability Scanner with the command below. BlackArch doesn't use the APT package manager, so we'll use Pacman. I won't be going over any other BlackArch details in the following steps, but it's a similar process, so it shouldn't be too hard for you to follow along.

pacman -S vega


Step 2: Start Vega

In Kali Linux, tools are automatically sorted into categories, so click on "Applications," then hover over the "Web Application Analysis" category, and click on "Vega." If you're using something like XFCE, a lightweight edition of Kali, the Applications menu may look a bit different. You could also just search for "Vega" via the "Show Applications" screen.

Step 3: Configure Vega

After starting an application for the first time, I like to view the available preferences and options. In the top-left corner, click on the "Window" menu, then view the "Preferences," which I'll walk you through in the next two steps.

Proxy Vega HTTP Requests (Optional)

If you prefer to anonymize your Vega scans and proxy all connections, check the "Enable SOCKS proxy" option under General, and enter a proxy address and port. If you're using Tor, enter the default Tor address and port (127.0.0.1:9050). This will help conceal the origin of your scans. Otherwise, if you're using a free or premium proxy service, choose the address and port you prefer.

Use Tor’s User-Agent (Optional)

If you decide to proxy Vega scans over Tor, you may also consider changing Vega's user-agent to the Tor Browser user-agent. This will help you access some (but not all) websites that block Tor HTTP requests.

To modify the Vega user-agent, click on the "Scanner" category and enter the Tor Browser user-agent next to User-Agent. Then click "Apply" and "OK" to save the changes. Below is the current Tor Browser user-agent as of Feb. 2018.

Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0

The Tor Browser user-agent will change with every major Tor Browser update. To find the latest user-agent, open an up-to-date Tor Browser and enter about:config into the URL bar. If you see a warning popup, select "I accept the risk," then type useragent.override in the Search bar.

Double-clicking the entry that shows up will open a popup and allow you to copy the user-agent string. Alternatively, you can right-click and select "Copy" on the value.

Moderate HTTP Requests (Optional)

Another thing in the Scanner menu you may want to modify is the "Maximum number of requests per second to send" option. By default, the software is set to 25 requests per second.

Depending on the scenario, this might be too many or too few requests per second. Assuming you have permission to scan a website with Vega, ten requests per second is probably a good place to start. With sites you own, 100 requests per second might be more appropriate. It's entirely up to you.

You won't notice much increase in processing power using more requests per second, so it's safe to set this number to something high. Don't worry; Vega isn't a DDoS tool. Your internet bandwidth and the bandwidth of the website will automatically throttle the requests.


That's about it for Vega's preferences. The Listener settings in "Proxy" are preferences unrelated to the scanner. The "Debug" preferences in the Scanner section are there for Vega developers.

Step 4: Scan a Website with Vega

Now that we have Vega installed and configured, we're ready to start scanning a website. To start scanning, open the "Scan" menu in the top left and click on "Start New Scan." Vega will prompt us with the Select a Scan Target window. Enter your target URL into the box under Scan Target, then hit "Next."

Vega has dozens of modules designed to find a wide range of common web server vulnerabilities such as SQL, XSS, and XML injection vulnerabilities. If you want to enable all of the scanner modules, just make sure all are selected, and click "Finish" to start scanning the website. Otherwise, deselect the modules you're not interested in testing first.

Note: We don't need to adjust the Authentication Options or Parameters, which are the next two pages in the options if you keep selecting "Next," so that's why we just select "Finish" after choosing our modules.

A scan can take anywhere from 2 minutes to 8 hours to complete depending on the size of the website and the requests per second we set earlier in the article. You'll know the scan has started when the website appears in the Scan Alerts tab and alerts begin to populate. When the scan is done running, you'll get a report detailing any vulnerabilities found.

Step 5: Interpret Vega’s Alerts

When the scan is complete, Vega will clearly and concisely display a summary of the alerts.

If Vega reports a "High" alert, don't panic. Vega's modules are sensitive and sometimes produce false positive alerts for vulnerabilities that may not actually exist. False positives aren't necessarily a bad thing. That being said, it's a good idea to comb through the report and manually investigate each alert. Think of these alerts as areas worth further investigating and not definitive indications that something needs to be fixed.

Vega does a fantastic job of explaining what each alert means, its impact on our websites, and ways to remedy the vulnerabilities. It also includes useful references that may help us better understand how to deal with the vulnerabilities.

Clicking on one of the alerts will display tons of useful information.
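One way to do the manual check described in this step for a reflected XSS alert, shown as an added example that is not part of the original article or of Vega. It assumes you re-request the flagged page on your own site with an inert, made-up marker tag as the parameter value and then classify how the response handled it; the marker name, function names and sample responses are constructed for illustration.

```python
from html.parser import HTMLParser

# Constructed, inert probe: a made-up tag name that no real page uses (assumption).
PROBE_TAG = "xsscheck7f3a"
PROBE = f"<{PROBE_TAG}>"

class ProbeFinder(HTMLParser):
    """Records the context in which the probe appears after HTML parsing."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.contexts = set()
        self._raw_text = False  # True while inside <script> or <style>

    def handle_starttag(self, tag, attrs):
        if tag == PROBE_TAG:
            self.contexts.add("element")    # parsed as real markup
        if any(value and PROBE in value for _, value in attrs):
            self.contexts.add("attribute")  # stayed inside an attribute value
        self._raw_text = tag in ("script", "style")

    def handle_endtag(self, tag):
        if tag in ("script", "style"):
            self._raw_text = False

    def handle_data(self, data):
        # Entities are decoded before this call, so an encoded probe arrives as text.
        if PROBE in data:
            self.contexts.add("script" if self._raw_text else "text")

def triage_reflection(body: str) -> str:
    """Classify a response body that was requested with PROBE as the parameter value."""
    finder = ProbeFinder()
    finder.feed(body)
    finder.close()
    if "element" in finder.contexts:
        return "confirmed"      # output is not encoded; fix the template
    if finder.contexts & {"script", "attribute"}:
        return "needs-review"   # context-specific escaping must be checked by hand
    if "text" in finder.contexts:
        return "encoded"        # likely a false positive for this parameter
    return "absent"

# Constructed response bodies, not output from Vega or any real site.
SAMPLES = {
    "raw": "<p>Results for <xsscheck7f3a></p>",
    "encoded": "<p>Results for &lt;xsscheck7f3a&gt;</p>",
    "attribute": '<input name="q" value="&lt;xsscheck7f3a&gt;">',
    "script": '<script>var q = "<xsscheck7f3a>";</script>',
    "absent": "<p>No results.</p>",
}
```

Python's parser only approximates a browser, so a "confirmed" or "needs-review" result is a prompt to look at the page and its template, not a final verdict.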

Vega Can Help Keep Your Website Secure

Vega is an excellent tool to help security researchers better understand web application penetration testing. Its vast selection of modules allows even novice users to dig deep into potential security risks and assess their severity to websites. Anyone interested in improving the security of their website and enhancing their web hacking skills will come to love Vega and its ease of use, or at least, I expect so.

Cover image by Negative Space/Pexels; Screenshots by tokyoneon/Null Byte
