Vega: Web Applications Scanner with Proxy Features

Vega is a widely used security testing tool designed for website crawling and analyzing page content. It helps identify links and form parameters for security assessment.

Hello everyone, in today's article, I'll explain what Vega is, why it's considered popular, and demonstrate how to download and install it.

Vega is no longer included in the pre-installed software of Kali or Parrot Security OS, so it has to be installed separately, which would normally mean using the apt package manager.

Unfortunately, installing Vega with `apt install vega` is not supported on Kali Linux, and Parrot Security OS has the same problem.

These distributions do not have Vega included in their package repositories for installation via the apt package manager. Therefore, manual installation or alternative methods are required to install Vega on these operating systems.

Alternatively, we can download Vega directly from the official website, which offers versions compatible with various operating systems. However, I faced challenges when attempting to download it from the official site. Clicking on the download link for the Linux platform did not initiate the download process.

Similar issues occurred when trying to download Vega for the Windows platform. Despite these challenges, there are alternative methods to obtain and install Vega, ensuring you can use this security testing tool effectively.

After extensive searching, I managed to find the software from an external source, but only for Windows. Without further delay, let’s proceed with installing it on a Windows virtual machine.

Ensure that the Windows operating system you'll use for installing Vega is running within a Virtual Machine. Also, verify the network settings to ensure it's connected with Host-only and NAT network configurations.

Now, let’s start the virtual machine and proceed with installing Vega. To install Vega on your Windows OS, ensure that the Java 8 JDK and JRE are already installed.

I've downloaded the Java 8 Development Kit (JDK) from the Oracle site. 

To install it, simply double-click on the downloaded file and follow the step-by-step instructions provided. Once Java 8 is successfully installed, you can verify its installation by opening the command prompt and typing `java -version` to check the version information.

With Java 8 fully operational, we are now ready to install Vega. Double-click on the Vega installation file and follow the instructions to complete the installation process. 

Once installed, let’s launch Vega.

Vega features Scanner and Proxy tabs located in the top-right corner of the interface. 

To utilize Vega as a Scanner, ensure you are on the Scanner tab in the top-right corner. Next, click on the “Start a new Scan” icon located in the top-left corner to initiate a new scanning session.

When you click on “Start a new Scan”, you'll see an input field prompting you to specify the target URL for scanning. In this field, enter the URL of the website or server you intend to scan.

For instance, let's say we are targeting the Metasploitable2 server.

Ensure that the network adapter of the Metasploitable2 virtual machine is configured with a Host-only adapter. This configuration allows you to access the Metasploitable2 server from any web browser running on your Windows virtual machine.

Paste the URL of the Metasploitable2 server into the input field.  This URL will be used as the target for the scanning process.
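Before pasting a URL into the scanner, it helps to confirm that it really points at the lab VM on the host-only network rather than at a system outside the lab. The check below is an added example, not part of the original article or of Vega; the subnet 192.168.56.0/24 and the sample addresses are assumptions to replace with your own host-only range.

```python
# Added example: confirm a scan target sits inside the lab's host-only network.
import ipaddress
import socket
from urllib.parse import urlsplit

# Assumption: the host-only network is 192.168.56.0/24 (a common hypervisor
# default). Replace it with the subnet your host-only adapter actually uses.
LAB_NETWORKS = [ipaddress.ip_network("192.168.56.0/24")]


def resolve_all(host):
    """Return every address the name resolves to (IP literals pass through)."""
    try:
        return [ipaddress.ip_address(host)]
    except ValueError:
        infos = socket.getaddrinfo(host, None)
        return sorted({ipaddress.ip_address(i[4][0]) for i in infos}, key=str)


def check_target(url, networks=LAB_NETWORKS, resolver=resolve_all):
    """Return (ok, reason) for a URL about to be pasted into the scanner."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme must be http or https"
    if not parts.hostname:
        return False, "no host in URL"
    if parts.username or parts.password:
        return False, "credentials embedded in URL"
    try:
        addrs = resolver(parts.hostname)
    except OSError as exc:
        return False, f"cannot resolve host: {exc}"
    # Every resolved address must be in scope: a name that also resolves
    # outside the lab could send scanner traffic to a system you do not own.
    outside = [a for a in addrs if not any(a in n for n in networks)]
    if outside:
        return False, "out of scope: " + ", ".join(map(str, outside))
    return True, "in scope: " + ", ".join(map(str, addrs))


if __name__ == "__main__":
    # Constructed sample targets, not taken from the article.
    for target in ("http://192.168.56.101/", "http://203.0.113.10/",
                   "ftp://192.168.56.101/"):
        print(target, check_target(target))
```

Passing a custom `resolver` lets you test hostnames without touching DNS; a name is rejected if any of its addresses falls outside the lab subnet.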

Once you've entered the target URL, click on "Next" to proceed with the scanning configuration.

In the subsequent sections, you will find options to assess your target against various vulnerabilities. The main modules available are "Injection" and "Response Processing," each containing multiple scanning options. 

To configure your scan, click on the small arrow under each module to expand the list of available options. Select the specific vulnerabilities you want to scan for, then proceed by clicking on "Next." 

This allows you to customize the scanning parameters according to your requirements.

In this step, Vega provides options to add cookies and exclusion patterns, which are both optional settings used to refine the scanning process. You can choose to leave these settings as default and proceed by clicking "Next." 

Finally, click on "Finish" to initiate the scan.

Once the scan is underway, Vega will display the active scan progress and map the vulnerabilities discovered, indicating the level of risk they pose to the target system. 

This allows you to assess and prioritize the identified vulnerabilities based on their severity.

In the top-left window labeled "Website View," you can see the target(s) currently being scanned along with any associated targets related to the primary one. The bottom-left window titled "Scan Alerts" categorizes the vulnerabilities found during the scan. Click on the arrows next to the alerts to view the specific vulnerabilities identified by Vega.

Clicking on any vulnerability will display a definition of the issue along with a detailed explanation of its potential impact.

If the scanning process is taking too long, you have the option to stop it by clicking on the "Stop Scanner" button. This will halt the scanning process.

One of the standout features of this vulnerability scanner is its ability to provide detailed information about each vulnerability detected during the scan. For instance, let's delve into the specifics of a "Shellshock" injection vulnerability. 

By reviewing the scan results, we can access comprehensive details about the vulnerability, including discussions in the associated section. Vega also presents information on the impact of the vulnerability and suggestions for remediation.

Furthermore, Vega offers additional links to relevant information provided by third parties. Clicking on any of these links will provide more detailed information about the vulnerability or related topics. This feature enhances the depth of analysis and understanding of the identified security issues.

The Proxy section in Vega allows you to view the requests and responses exchanged with the target website during a scan. As the scan progresses, the Proxy section will be populated with the captured requests and responses for analysis and inspection. 

This feature enables you to monitor and analyze the communication between Vega and the target website in real time.

Vega presents detailed information about discovered vulnerabilities in the main display window and also provides a summary page. 

You can use this information to generate a comprehensive report or final deliverable by copying the details directly from Vega's interface. This feature simplifies the process of documenting and sharing the findings of your security assessment.

That concludes the documentation for this video. If you found this video informative, please consider liking and subscribing to my channel for more content like this. If you have any questions or concerns, feel free to leave them in the comments section below. Your feedback is greatly appreciated!
