Thursday, 1 August 2013

Vega Web Vulnerability Scanner For Windows/Linux/Mac (With Solution For Windows Installation Bugs)

Vega Open Source Web Vulnerability Scanner

Vega is a free and open source scanner and testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. The Vega scanner finds XSS (cross-site scripting), SQL injection, and other vulnerabilities. Vega can be extended using a powerful API in the language of the web: Javascript.



Core Features: 
  • Automated Crawler and Vulnerability Scanner
  • Consistent UI
  • Website Crawler
  • Intercepting Proxy
  • SSL MITM
  • Content Analysis
  • Extensibility through a Powerful Javascript Module API
  • Customizable alerts
  • Database and Shared Data Model
Download : Vega
 
Installation Instructions:
Linux Users:
Install webkitgtk depending on your linux flavor.
Debian linux users can install webkitgtk by following command.
sudo apt-get install libwebkitgtk-1.0
while RPM Linux users can install it by following command.
sudo yum install webkitgtk 
Then Download Vega Scanner from download link given above and extract it on your hard drive.Open terminal, enter your extracted folder using "cd" command and run following command to start it.
sudo ./Vega
Windows Users:
Windows users need to install Java Runtime Environment ( JRE ).
Download: Java Runtime Environment (JRE)
Download and install JRE from above given link.Then install Vega from the link that I have given above.

NOTE:There is a common bug in Vega for windows, when you will start your vega scanner it will return an error dialogue box saying "failed to create the java virtual machine" as i have showed in the following pic.


 So, follow me to solve this bug.
1- Go to your desktop, right click on your Vega Scanner installation icon and click on Properties.
2- In properties dialogue box, click on "Open File Location". Now you are in installation directory of Vega Scanner.
3- Now find a file named "Vega.ini", open it and copy its text.
4- Now, open start menu and type "notepad". Notepad in search will appear for you, right click over it and run it as administrator. Notepad will open up for you with administrator privileges. Now paste your copied text of "Vega.ini" file in notepad and change -Xmx2048m to a value less than your total RAM. 
Check the following parameter for better understanding.
-vmargs
-Xms256m
-Xmx512m
-XX:PermSize=128m
-XX:MaxPermSize=256m
Like in my case, it was -Xmx2048m, so i changed it -Xmx512m. Now Vega scanner's Java Virtual Machine will consume maximum of 512 mb RAM.
5- Now press CTRL + S to save this file. It will open dialogue to save your file, go to installation directory of Vega Scanner and click on Vega.ini file and save this file over old Vega.ini. Actually you are replacing this file.

Note:Without administrator privileges you can't edit Vega.ini file thats why i told you to do this all replacement procedure.

Now run your Vega Scanner and you will see it working for you :)

If my tutorial really helped you then please leave a feed back here. Thanks for your time.