Vega is a cross-platform, open-source toolkit for testing the security of web applications, developed by Montreal-based Subgraph. Vega includes an automated vulnerability scanner and an intercepting proxy. The Vega vulnerability checks are implemented as Javascript modules. While Vega comes with a set of modules comprising the standard checks, a rich API makes it possible to extend the functionality of Vega. In this talk we will explain how some of the standard modules work, and then introduce the API for the development of new ones.


Comments are closed.