Vega Proxy Scanner
The Vega Proxy Scanner lets Vega scan, both actively and passively, the targets it observes during client-server interaction through the Vega proxy.
A user configures their browser (or any other HTTP client) to use the Vega proxy, adds the target host/paths to the scope, and then enables proxy scanning. Any page the client accesses through the proxy that matches the scope will be actively scanned by Vega.
This is useful in the following cases:
- Client-side active content sends requests to targets the crawler would not see (Java, ActiveX, Flash, AJAX, ...)
- Automated crawling is not possible or is inappropriate, for example because the server is sensitive to load or only specific paths are within the testing scope
To use the proxy scanner, the first step is to configure the HTTP client to use the proxy.
The user can select modules to be run during proxy scanning by clicking the outlined icon. Note that changing this list will require stopping and restarting the proxy and disabling/re-enabling proxy scanning:
The user must then add the site or path to be scanned to the target scope. That can be done manually, or in the web view by right-clicking on any path or host and using the tooltip menu option to add the selection to scope.
Manually:
Start the Vega proxy, if you have not already done so.
The proxy scanner must then be toggled to the on state. This can be done by clicking the proxy scanner icon:
Any request made to a resource that matches the target scope will be actively scanned with the injection modules.
The icon in the bottom left corner will blink to notify the user of an alert generated by a Vega module during proxy scanning. Clicking on the icon will open the proxy alerts fastview:
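Because every in-scope request that passes through the proxy triggers active scanning, it helps to check a URL list against the intended scope before replaying it from a scripted HTTP client. The following is an added example, not part of Vega or its documentation: the proxy address, the host names and the prefix-matching rule are assumptions, and the rule approximates host/path scoping rather than reproducing Vega's own matcher.

```python
from urllib.parse import urlsplit
import urllib.request

# Assumption: address of the local Vega proxy listener; use the value from your proxy settings.
PROXY = "http://127.0.0.1:8888"
DEFAULT_PORTS = {"http": 80, "https": 443}

def _parts(url):
    """Normalise a URL to (scheme, host, port, path) for comparison."""
    u = urlsplit(url)
    scheme = u.scheme.lower()
    return scheme, (u.hostname or "").lower(), u.port or DEFAULT_PORTS.get(scheme), u.path or "/"

def in_scope(url, scope):
    """True if url shares an origin with a scope entry and sits at or below its path."""
    scheme, host, port, path = _parts(url)
    for entry in scope:
        s_scheme, s_host, s_port, s_path = _parts(entry)
        if (scheme, host, port) != (s_scheme, s_host, s_port):
            continue
        base = s_path.rstrip("/")
        # Match on a path-segment boundary so /app does not also cover /application.
        if path == base or path.startswith(base + "/"):
            return True
    return False

def partition(urls, scope):
    """Split urls into (in_scope, out_of_scope), preserving order."""
    inside = [u for u in urls if in_scope(u, scope)]
    outside = [u for u in urls if not in_scope(u, scope)]
    return inside, outside

def fetch_via_proxy(url, proxy=PROXY, timeout=10):
    """Request url through the proxy so the proxy scanner observes it."""
    handler = urllib.request.ProxyHandler({"http": proxy, "https": proxy})
    with urllib.request.build_opener(handler).open(url, timeout=timeout) as resp:
        return resp.status

# Constructed sample data (hypothetical hosts and paths).
SCOPE = ["http://test.example/app/"]
URLS = [
    "http://test.example/app/login?next=/",
    "http://TEST.example:80/app",
    "http://test.example/application/admin",
    "https://test.example/app/",
    "http://cdn.example/app/x.js",
]
```

Call `partition(URLS, SCOPE)` first and pass only the in-scope list to `fetch_via_proxy` while proxy scanning is enabled; the out-of-scope list shows which requests fall outside the agreed target.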
Continue to: Authenticated Scanning with Identities (pt. 4 of 4)