WHOIS AND VEGA
SCANNING
We hope you
have had a success in setting up your virtual system and installing the kali
toolbox that is required to start you off on your journey of hacking.
Now let us learn more on the different tools that we can use to make the process of hacking simpler. Just like how Instagram makes sharing our social life easier, the following tools will help us in the journey of hacking
WHOIS AND VEGA
Now that
you have had an introduction to hacking and know about the various phases of
it, it’s time to get our hands dirty and perform some tasks.
As you may
know that the first two phases of hacking are known as footprinting and
scanning.
Whois a
go-to tool for many hackers around the world for footprinting that can look up
information regarding a website. Information that is usually hidden.
Vega is a
tool for finding vulnerabilities in the security of website or a system,
otherwise known as scanning.
Don’t
confuse this Vega with the beauty brand.
Watch this
video to learn more about both these tools as well as how to use them.
HOW TO SCAN
USING VEGA
VEGA is an
open-source web security scanner, written in java with a GUI. You can scan for
XSS issues and can also scan for SQL injection vulnerabilities. Here we can see
how to do basic XSS scan for entire site.
Kali Linux
already has Vega vulnerability scanner installed, so you don’t need to install
it. To start VEGA, just go to:
Applications>Kali
Linux>Web Applications>Web Vulnerability Scanners>VEGA.
To start a
scan that will crawl the entire site and only check for XSS:
1. Click scan> ‘start new scan’.
2. In the dialog that appears, enter
your target websites URL as the ‘base’
3. Click next.
You would
have successfully completed a scan of the entire web-page.
RUNNING A
SIMPLE SCAN USING WHOIS
WHOIS is a
TCP-based query and response protocol that is commonly used to provide
information services to Internet users. It returns information about the
registered Domain Names, an IP address block, Name Servers and a much wider
range of information services.
To get the
information about specific IP Address issue the command as shown in the below
example.
$ whois
216.58.206.46
You will
end up with the following information
Whois is
dead simple and extremely fun to use. We hope you will be able to master the
tool and get accurate and useful scanning results.
1. Which one of the two is used for
finding vulnerabilities?
a. VEGA
b. Whois
Ans- VEGA
KEYPOINTS
TAKEAWAY!
We hope the
video gave you a in depth description on Scanning.
Here are a
few more key points for your reference.
·
Port
scanning: This phase involves scanning the target for the information like open
ports, Live systems, various services running on the host.
·
Vulnerability
Scanning: Checking the target for weaknesses or vulnerabilities which can be
exploited. Usually done with help of automated tools.
·
Network
Mapping: Finding the topology of network, routers, firewalls servers if any,
and host information.
Posts
0 Comments