
This chapter is from the book

Web Application Scanners

Web applications are public facing and therefore popular targets for attack, so scanning them for vulnerabilities is worth real effort. Scan only applications you own or are explicitly authorized to test: the scanners described here do not just browse a site, they send attack payloads to it.

OWASP ZAP

The Open Web Application Security Project (OWASP) is the best-known community for web application security; its OWASP Top 10 is the de facto reference list of web application risk categories. OWASP also maintains a free vulnerability scanner, the Zed Attack Proxy, more commonly known as OWASP ZAP. You can download it from https://github.com/zaproxy/zaproxy/wiki/Downloads. The interface, shown in Figure 8-16, is easy to use.


FIGURE 8-16 OWASP ZAP Main Screen.

Just type in the URL of the site you wish to scan and click Attack. This runs ZAP's automated scan: it first spiders the site to discover pages, then runs an active scan that sends attack payloads to every discovered page and parameter, which is why you need authorization before pointing it at a site. After a few moments (longer for a large site), the results are displayed at the bottom of the window. You can expand any item, and clicking a specific alert loads its details, including the request and response that triggered it, into the window panes. You can see this in Figure 8-17. Each alert carries both a risk level (Informational, Low, Medium, High) and a confidence level; treat the confidence as a hint about how much manual verification the finding needs, not as proof that it is real.


FIGURE 8-17 OWASP ZAP Results.

OWASP ZAP is an easy tool to use, and the basics can be mastered in a few minutes. Because OWASP also maintains the Top 10 and the Web Security Testing Guide, the checks ZAP runs map closely to the vulnerability classes a website is most likely to be assessed against. Keep in mind, though, that an automated scan only finds what its rules can detect; authorization flaws and business-logic bugs still require manual testing.
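The alerts ZAP shows in the results pane can also be exported as a JSON report, which is how you would feed the scanner into a build pipeline rather than reading the GUI. The following is an added example, not code from the book or from the ZAP project: it flattens such a report, counts alerts by risk level, discards the ones ZAP itself marks as false positives, and decides whether a build should fail. The field names (site, alerts, riskcode, confidence, riskdesc, instances, uri, solution) are assumed to follow ZAP's traditional JSON report format; the embedded report is constructed by hand for illustration, not real scanner output.

```python
"""Triage an OWASP ZAP JSON report and decide whether a build should fail.

Added example, not from the book or the ZAP project. Field names are
assumed to match ZAP's traditional JSON report; the sample report below is
constructed by hand, not scanner output.
"""
import json
import sys
from collections import Counter

# ZAP encodes risk and confidence as numeric strings in the report.
RISK = {"0": "Informational", "1": "Low", "2": "Medium", "3": "High"}
CONFIDENCE = {"0": "False Positive", "1": "Low", "2": "Medium",
              "3": "High", "4": "User Confirmed"}
RISK_ORDER = ["Informational", "Low", "Medium", "High"]
CONF_ORDER = ["False Positive", "Low", "Medium", "High", "User Confirmed"]

# Constructed sample report (assumed ZAP layout): one real High, one Low,
# and one High that ZAP has already flagged as a false positive.
SAMPLE_REPORT = json.dumps({
    "@version": "2.14.0",
    "site": [{
        "@name": "http://example.test",
        "alerts": [
            {"name": "SQL Injection", "riskcode": "3", "confidence": "2",
             "riskdesc": "High (Medium)", "cweid": "89",
             "instances": [{"uri": "http://example.test/item?id=1", "param": "id"}],
             "solution": "Use parameterized queries."},
            {"name": "X-Content-Type-Options Header Missing", "riskcode": "1",
             "confidence": "2", "riskdesc": "Low (Medium)", "cweid": "693",
             "instances": [{"uri": "http://example.test/"},
                           {"uri": "http://example.test/item?id=1"}],
             "solution": "Set X-Content-Type-Options: nosniff."},
            {"name": "Remote OS Command Injection", "riskcode": "3",
             "confidence": "0", "riskdesc": "High (False Positive)", "cweid": "78",
             "instances": [{"uri": "http://example.test/ping?host=x"}],
             "solution": "Never pass user input to a shell."},
        ],
    }],
})


def _rank(order, value):
    """Position of a level in its ordering; unknown levels rank lowest."""
    return order.index(value) if value in order else -1


def load_alerts(report_text):
    """Flatten a ZAP JSON report into one dict per alert, tagged with its site."""
    report = json.loads(report_text)
    alerts = []
    for site in report.get("site", []):
        for alert in site.get("alerts", []):
            alerts.append({
                "site": site.get("@name", ""),
                "name": alert.get("name", ""),
                "risk": RISK.get(str(alert.get("riskcode", "0")), "Unknown"),
                "confidence": CONFIDENCE.get(str(alert.get("confidence", "0")), "Unknown"),
                "cwe": alert.get("cweid", ""),
                "urls": [inst.get("uri", "") for inst in alert.get("instances", [])],
                "solution": alert.get("solution", ""),
            })
    return alerts


def summarize(alerts):
    """Count alerts per risk level, skipping ones ZAP marked False Positive."""
    return Counter(a["risk"] for a in alerts if a["confidence"] != "False Positive")


def gating_alerts(alerts, min_risk="High", min_confidence="Medium"):
    """Alerts at or above both thresholds; these are the ones worth failing on."""
    return [a for a in alerts
            if _rank(RISK_ORDER, a["risk"]) >= _rank(RISK_ORDER, min_risk)
            and _rank(CONF_ORDER, a["confidence"]) >= _rank(CONF_ORDER, min_confidence)]


def build_should_fail(alerts, min_risk="High", min_confidence="Medium"):
    """True if any alert clears the gating thresholds."""
    return bool(gating_alerts(alerts, min_risk, min_confidence))


def format_findings(alerts):
    """Human-readable lines: one per gating alert, with remediation text."""
    lines = []
    for a in gating_alerts(alerts):
        lines.append("%s [%s, confidence %s, CWE-%s] on %s" %
                     (a["name"], a["risk"], a["confidence"], a["cwe"], ", ".join(a["urls"])))
        lines.append("    fix: " + a["solution"])
    return lines


if __name__ == "__main__":
    # Usage: python zap_triage.py [report.json]; with no argument the sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_REPORT
    found = load_alerts(text)
    print("alerts by risk (excluding false positives):", dict(summarize(found)))
    for line in format_findings(found):
        print(line)
    sys.exit(1 if build_should_fail(found) else 0)
```

Run with no arguments to see the sample triaged; pass the path of a report exported from ZAP to triage a real scan. The thresholds are deliberately conservative (High risk and at least Medium confidence) so that a Low-confidence High does not break a build before someone has verified it by hand.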

Vega

Vega, from Subgraph, is another free vulnerability scanner for websites, available from https://subgraph.com/vega/download/ for Windows, Linux, and macOS. It has seen far less development activity than ZAP in recent years, so check the download page for the current release before relying on it. To begin a scan, click the target icon in the toolbar and enter the URL of the website you wish to scan, as demonstrated in Figure 8-18.


FIGURE 8-18 Vega.

You then step through a simple wizard, selecting which checks (Vega calls them modules) to run, and the scan begins. Like ZAP, Vega crawls the site and injects test payloads, so the same authorization rule applies. After a few moments you will see the results; expand and select any specific issue to see its details, as shown in Figure 8-19.


FIGURE 8-19 Vega Results.

Much like OWASP ZAP, Vega reports what is wrong, how serious the issue is, and how to remediate it. Given that both tools are free and easy to use, I recommend running both against a target website: their rule sets and false-positive rates differ, so each will catch things the other misses, and an issue reported by both is a good candidate to fix first. Even two scanners will not catch every vulnerability. Automated scanners are weak at authorization flaws, business-logic errors, and anything behind a login they cannot reach, so treat their output as the starting point for manual testing rather than as a complete assessment.
