Vega vous aidera à trouver et à corriger des attaques de type cross-site scripting (XSS), injection SQL, et plus encore.
Vega is a free and open source web security scanner and web security testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows.
Vega can help you find vulnerabilities such as: reflected cross-site scripting, stored cross-site scripting, blind SQL injection, remote file include, shell injection, and others. Vega also probes for TLS / SSL security settings and identifies opportunities for improving the security of your TLS servers.
Vega includes an automated scanner for quick tests and an intercepting proxy for tactical inspection. The Vega scanner finds XSS (cross-site scripting), SQL injection, and other vulnerabilities. Vega can be extended using a powerful API in the language of the web: Javascript.
Vega, une création de Subgraph faite à Montreal.
Automated, Manual, and Hybrid Security Testing
Scannner automatisé
Vega includes a website crawler powering its automated scanner. Vega can automatically log into websites when supplied with user credentials.
Intercepting Proxy
Vega can be used to observe and interact with communication between clients and servers, and will perform SSL interception for HTTP websites.
Proxy Scanner
The Vega proxy can also be configured to run attack modules while the user is browsing the target site through it. This allows for semi-automated, user-driven security testing to ensure maximum code coverage.
Features
GUI-Based
Vega has a well-designed graphical user-interface.
Multi-Platform
Vega is written in Java and runs on Linux, OS X, and Windows.
Extensible
Vega detection modules are written in Javascript. It is easy to create new attack modules using the rich API exposed by Vega.