[Cloud type] About web vulnerability diagnosis service “VAddy” [Web application]
table of contents
This is Ohara from the technical sales department.
I will try to diagnose website vulnerabilities using the cloud-based vulnerability diagnosis service VAddy
By the way, this service called "VAddy"
is a vulnerability diagnosis service from Bitforest, the developer of
"Scutum" provided by our partner SecureSky Technology
Create account
Create an account from the top page of https://vaddy.net/ja/
Enter the required information to create an account ID.
After creating your account, you will receive a verification email.Click
on the URL in the verification email to complete account creation.
Steps to configure vulnerability assessment
There are roughly four steps to setting up vulnerability diagnosis.
Follow the steps below to prepare for vulnerability inspection.
===============
① URL registration
② Installation of verification file in document root
③ Crawl settings
④ Browser proxy settings
===============
Registration of URL
Click the Create Project button.
It is necessary to allow the IP address for VAddy to crawl for vulnerabilities on the server side in advance
If the server you want to diagnose for vulnerability is a web server, click "Normal version VAddy".
If it is a local server within your company, click "privateNet version VAddy".
In this verification, we will use the "regular version VAddy" as an example.
Enter "project name" and "URL" and click "Create".
Setting the verification file in the document root
Download the verification file and place it in the document root of your server.
Proceed by following steps 1 to 3 in the image below.
If you follow steps 1 to 3, the file installation will be completed as shown below.
Crawl settings
Configure "crawl settings" to scan your site.
, configure the proxy settings for the "IP address" and "port number" listed in "1"
To set up a proxy on your PC, type the following:
When the crawl settings are completed, the target directories for vulnerability diagnosis will be listed as shown below.
When it is listed, there is a "SCAN" button in the left side navigation, so click it.
Now all you have to do is wait for the vulnerability assessment to finish.
Vulnerability diagnosis results
The diagnosis result came out in about 3 minutes after "SCAN". Please note that no vulnerabilities were found.
A vulnerability diagnosis result report will be generated for each directory.
summary
of VAddy's service are that the number of scans for vulnerability diagnosis is "unlimited" and that
all services are written in "Japanese".
It should be especially useful for diagnosing web services that require constant updates , such as social games and e-commerce sites
I want to diagnose web service vulnerabilities anytime!
If you are a company, please contact Beyond !
>>>[Click here for inquiries]<<<