Web application tools

In this section, we will discuss two tools that can be used to test web applications. These tools are meant to supplement the other tools that we have discussed in the previous chapter on vulnerability assessment. In some instances, these tools are a better fit for the type of test that you are conducting.


Vega is an open source framework specifically designed for web testing. Vega is a Java-based application that provides testers with an easy to follow GUI. The following are some of its features:

  • The ability to utilize a number of injection modules, such as SQLi, XSS, and Shell injection attacks
  • Scanning with authentication and session cookies
  • Web Proxy
  • Reporting capability

Vega is not included with Kali Linux v 2.0. As a ...

Get Kali Linux 2 – Assuring Security by Penetration Testing - Third Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.