So far in the book, we have not specifically set a topic point on tools. We have, for the most part, remained process-centric and discussed some tools within each chapter. For web application testing, this is a different matter. As you have seen throughout this chapter, there are many varieties of input and ways to interact with web applications, and this is the challenge with this form of testing. Therefore, it is usually best handled with tools to get the bulk data and then manually go and investigate areas of interest for the bulk data. There are a large number of tools out there, and we will not go through them here. We will, however, look at one of them before we move on. Within the Kali distro we have a number of web scanning tools.
An example of this is shown in the following screenshot:
The first one we will review here is the tool vega. You can access it by opening a terminal window and entering vega
. Once the program opens, you will see the main dashboard; this is shown in...