Advance

A Few Steps to Scan a Website with Vega on Kali Linux

A Few Steps to Scan a Website with Vega on Kali Linux

The vulnerability scanner is software for detecting damage and security holes in networks, operating systems, and websites. They contain a database of all known vulnerabilities and scan your device or network to see if these vulnerabilities exist on your network or system. Vega vulnerability scanner is one of the popular vulnerability scanners. This article will explain A Few Steps to Scan a Website with Vega on Kali Linux. If you want to buy your own Linux VPS server, you can check out the packages offered on the Eldernode website.

How to Scan a Website with Vega on Kali Linux 

Vega vulnerability scanner is an open-source and free web security scanner to test the security of web applications. It runs on Windows, Linux, and OS X and is written in Java. This scanner allows you to find and validate SQL Injection, Cross-site Scripting, inadvertently disclosed sensitive information, and other vulnerabilities. The Vega scanner has a well-designed graphical user interface, probes for TLS/SSL security settings and identifies opportunities for improving your TLS server’s security.

Recommended Article: How To Install CeWL On Kali Linux [Security]

Installing Vega on Kali Linux

First, update your system package using the commands below:

sudo apt update
sudo apt upgrade

You can install the Vega scanner by running the following command:

sudo apt install vega

Now enter the following commands to install some dependencies and tools:

sudo dpkg --configure -a
sudo apt install libwebkitgtk-1.0-0 default-jdk unzip

Then navigate to Subgraph’s website and download your desired Vega version:

 

Vega-vulnerability-scanner-download

 

Now install the zip file with the command below:

wget https://support.subgraph.com/downloads/VegaBuild-linux.gtk.x86_64.zip

You can unarchive the downloaded file using the following command:

unzip VegaBuild-linux.gtk.x86_64.zip

Note: Newer versions of Java will not work with Vega and you may need to change the Java version you are using. To switch to Java 8, just run the following command:

sudo update-alternatives --config java

Starting Vega on Kali Linux 

Navigate to Applications >> Web Application Analysis >> Vega path. Then cd into the Vega folder and enter the ls command:

cd vega
ls

You can start Vega using the command below:

sudo ./Vega

Now you will see Vega’s start screen:

 

Vega-vulnerability-scanner-start-screen

 

Scanning a Website with Vega on Kali Linux

All you have to do to start scanning the website is hit the Ctrl-N shortcut, click Scan in the menu bar and choose Start New Scan.

You will see the Select a Scan Target window. Enter the target URL into the Scan Target box and press Next:

 

Vega-select-scan-target

 

You can set authentication options or parameters by clicking Next a few times.

Click Finish to start scanning the website:

 

Vega-Start-Scanning-website

 

You have to wait a while for the scan to finish. The appearance of the website in the Scan Alerts tab and the release of alerts indicate that the scan has started. Once the scan is finished, you will receive a report detailing the vulnerabilities found.

Interpreting Alerts of Vega

After the scan is finished completely, you will see a summary of the alerts.

Note: Vega modules are sensitive and sometimes generate false positive alerts for vulnerabilities that may not actually exist. Comb through the report and manually investigate each alert.

 

Scan-alert-summary

 

Vega explains what each warning means, how they affect your websites, and ways to fix vulnerabilities. You can get a lot of information about the vulnerabilities by clicking on one of the alerts.

That’s it!

Recommended Article: 4 reasons Why Nessus is Better Than Nexpose

Conclusion

Vega simplifies finding and understanding the severity of web application vulnerabilities by clearly displaying useful resources with each scan. In this article, we explained a few steps to scan a website with Vega on Kali Linux. I hope this tutorial helps you to scan your website using the Vega vulnerability scanner. If you have any questions or problems, you can contact us in the Comments section.

View More Posts
Tom Veitch
Eldernode Writer
We Are Waiting for your valuable comments and you can be sure that it will be answered in the shortest possible time.

Leave a Reply

Your email address will not be published. Required fields are marked *

We are by your side every step of the way

Think about developing your online business; We will protect it compassionately

We are by your side every step of the way

+8595670151

7 days a week, 24 hours a day