This blog is NOT OFFICIAL website of Kali Linux. We just share Tutorials to learn Cybersecurity.

Install and Use Vega on Kali Linux 2020 -- Web penetration Testing

Vega is an open source and cross platform web application penetration testing tool built in Java. Vega has a JavaScript based API which makes it even more powerful and flexible. In our today's article we are going to install and use Vega on our Kali Linux 2020.4 system without getting any error and use it.

Install and Use Vega on Kali Linux 2020

Using Vega is pretty easy by reading our detailed guide, everyone can install & use it to perform a scan also as a proxy. Vega did not comes with Kali Linux. Vega come pre-installed on some previous versions of Kali Linux, but now we need to install it manually, before that we need to do some configuration on our system.

Configuring Kali Linux 2020 for Vega

First we need to setup our java version to 8. To do it we need to run following command on our terminal:

sudo update-alternatives --config java

The screenshot of the command is following:

configuring Java version 8 on Kali linux 2020

Here we can see that our default Java version is marked by * i.e. Java version 11. To select Java version 8 we need to find the row number of Java 8. In our case Java 8 is on number 2. We need to type 2 and hit enter.

Now we have selected Java version 8 on our system. To check it we can run the previous command again to see the *'s location. It should be on Java 8. 

default java verion downgrade to 8 in Kali Linux
We need to add Debian Linux's repository to install libwebkit on our Kali Linux system. This libwebkit is not available on Kali Linux repository. That's why we need to add Debian's repository by using following command:

echo "deb oldstable main non-free contrib" | sudo tee -a /etc/apt/sources.list
Debian repository on Kali Linux

The above command will add Debian repository. We just need to update our cache by using update command:

sudo apt update

Now we are going to install libwebkit on our system, to do it we need to run following command:

sudo apt-get install libwebkitgtk-1.0-0 -y

This may took some time depending on our internet speed and system performance. After this we may need to restart our system to see effects. We rebooted our system.

If we wish we can remove the Debian repository now by using following command:

sudo nano /etc/apt/sources.list
removing debian repo from kali linux

Downloading and Installing Vega on Kali Linux

We can download Vega from the official website and Here we got the download option.

Vega download from offficeal website

After click on the download button we got options for various systems like Mac, Linux and Windows. Here we are using Kali Linux and we have 64 bit system so we download the 64 bit version of Linux.

Downloading vega
After downloading the zip file on our downloads folder we can use following command to unzip it

cd Downloads && unzip -q VegaBuild*.zip
Unziping Vega

It will be unzip in seconds then we need to navigate to vega unzipped directory by using cd command:

cd vega

We can see the files, we just need to run following command to start Vega on our Kali Linux system.


After this we can see that Vega is opened in our front as we can see in the following screenshot:

vega installed in Kali Linux 2020

Web Penetration Testing with Vega

There are two ways to start a scan in Vega. We can use the Scanner mode or We can choose the Proxy mode. First we talk about Scanner mode.

Scanner Mode:

In Scanner mode first we need to choose the "Start New Scan" option from the Scan menu.

New Scan in Vega

In the window, we enter the target website URL and click on Finish.

Vega new scan target

Then Vega will start the scan. After ending the scan we got the result as we can see in the following screenshot:

vega scan result

Here we can see we got 51 High risk on our vulnerable localhost server.

To check more details about the scan results and know about the vulnerabilities we need to look up at Scan Alerts in the left-hand side panel. Clicking on an alert shows us the details as we can see in the following screenshot:

Vega scan result details

This is how we can scan a website or web application using Vega on our Kali Linux system in 2020.

Proxy Mode:

This is very similar to Burp Suite and WebScarab. Vega also has a proxy feature, where we can intercept and analyze the requests manually too!

We are also able to edit and replay the requests to perform a manual check.

Vega Proxy Mode

This is how we can install & use Vega on Kali Linux 2020 versions and use it to do web penetration testing. Vega is still a good all-in one tool for bug bounty hunters and cybersecurity experts.

Liked our tutorials then please do subscribe our website using mail id for free, our new articles will be send in mail. We are also available on Twitter and GitHub. Also follow us there we post updates there.

For any problem please comment down below in the comment section, we will happy to help. We always reply.

Kali Linux


No comments
Post a Comment