4. Identities and Macros

Please note that we have a video on this topic: https://www.youtube.com/watch?v=Yw2UbKivkgQ

Identities store credential sets for the Vega automated scanner:

  • HTTP Basic/Digest
  • NTLM
  • Form-based authentication (via Macros, see below)

Creating Identities

To create an identity, click on the Identity icon in the lower right part of the scanner perspective.

Creating an Identity

Creating identities representing HTTP Basic, HTTP Digest, and NTLM credentials is straightforward.

Macros

Macros are stored requests representing client login sequences. Vega allows for the user to replay a login request made recorded by the proxy prior to an automated scan. This permits the automated scanner to authenticate itself to the application.

1. Log into the application through the proxy

You must do this so that Vega records the login request with the credentials, so that it can be replayed later automatically. Click here for a tutorial on how to use the Vega proxy.

2. Create a new identity (as depicted above)

Select macro as the credential type, and click Next.

3. Click Create macro

Macro Editor

4. Click Add item and find the POST request for your login through the proxy

Macro Item Selector

5. Highlight the item and click finish

Macro Creation Finish

6. Finish creating the identity, now bound to the macro you just created

Finish Identity Creation

7. You may now perform an authenticated automated scan (don't forget to exclude the application logout link..)

Start a Scan With the Identity

Home > Identities

Have feedback on Vega? Our documentation? Please tell us.