Vega – Web Security Testing Platform

Vega is a free and open source web security scanner and web security testing platform to test the security of web applications. This tool may help to find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.

Vega - Web Security Testing Platform
Vega – Web Security Testing Platform

The scan engine have several mode and website crawling functionality. There is a possibility to automatically log into websites when supplied with user credentials. The platform will allow user to observe and interact with communication between clients and servers, and will perform SSL interception for HTTP websites to evaluate the content.

Proxy mode can also be configured to run attack modules while the user is browsing the target site through it. This allows for semi-automated, user-driven security testing to ensure maximum code coverage.

Current supported features are:

  • GUI-Based – The tool has a well-designed graphical user-interface.
  • supporting multi-platform as it is written in Java and runs on Linux, OS X, and Windows.
  • Extensible- Detection modules are written in Javascript. It is easy to create new attack modules using the rich API exposed.

The tool also allow several functionality such as debugging mode to log all scanner requests. customize the scanner preference to adjust required scan parameters such as Total number of path descendants,Maximum path depth, Maximum number of requests to send per second and more.

You can read more and download this tool over here: https://subgraph.com/vega/index.en.html

Share