In order to scan a website located on your internal network, and not accessible from the internet, you can install and configure a scan agent on your network. The agent will conduct the actual scan job and then report the results back to Netsparker Enterprise.
There are three stages to this process:
- Download and configure the Netsparker Enterprise scanning agent
- Run the agent on your local network where it can reach the internal website you want to scan
- Define and scan your internal website
Downloading and Configuring the Scanning Agent
First, you need to download the installation files of the scan agent and install them on a machine in your internal network. That machine must meet the following requirements:
- Windows Server 2012 or above (Windows Server 2012 R2 recommended)
- .NET Framework 4.7.2
- 1 GHz Processor (2.0 GHz or faster recommended)
- 1GB RAM (4GB or higher recommended)
- 2 GB Free Disk space (5 GB or higher recommended)
- The Windows machine must be configured so that it can reach your internal website over HTTP/HTTPS
How to Download and Configure the Scanning Agent
- Open Netsparker Enterprise.
- From the main menu, click Agents, then Manage Agents. The Agents window is displayed.
- Click Configure New Agent. The Configure New Agent window is displayed.
- Click to download the Netsparker Enterprise Scanner Agent. Your Agent Token is also displayed.
- Extract the contents of the zip file to C:\NC_Agent. (You can use another location, but these instructions will use this path.)
- Open the C:\NC_Agent\Netsparker.Cloud.Agent.exe.config file with your preferred text editor.
- You need to edit two attributes before running the agent, both listed under 'configuration/netsparker/settings' (line 10 by default):
- agentName: This can be anything you want. This text is displayed when you start a new scan. (If you are going to install more than one instance of the agent, make sure you set a unique agentName value for each instance, something you will remember later.)
- apiToken: In Netsparker Enterprise, the Agent Token is displayed in the Configure New Agent window. Copy it into the apiToken attribute.
- Save and close the C:\NC_Agent\Netsparker.Cloud.Agent.exe.config file.
Setting Scanning Agent as a Windows Service
An internal scan agent should be configured as a Windows service so that it can poll the Netsparker Enterprise servers regularly and receive the scan initiation command from the server.
How to Set the Scanning Agent as a Windows Service
- Open a command prompt in Administrator mode and use 'cd' to change into C:\NC_Agent.
- Run the command below to install the Netsparker Enterprise Scanning Agent as a Windows Service:
- Netsparker.Cloud.Agent.exe -i
- You should see the following output.
- Press Windows+R, type 'services.msc' and press Enter.
- Find 'Netsparker Enterprise Scanning Service - [YOUR_AGENT_NAME]'.
- Right click on it, and select Properties.
- Make sure Startup type is set to Automatic, and click Start.
- Click Apply and OK, then exit the Properties window.
- The Netsparker Enterprise Scanning Agent is now running on your network. Shortly, it will be registered with Netsparker Enterprise.
- You can uninstall the Windows Service by running the same command with the -u argument instead of the -i argument used during installation.
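The configuration and service installation steps above, as an added PowerShell example run from an elevated prompt (this is not Netsparker's own tooling). It assumes the config file's settings node is configuration/netsparker/settings with agentName and apiToken as XML attributes, that the service runs as Local System, and uses a constructed agent name and a placeholder token:

```powershell
# Added example: set the agent's two attributes and install it as a Windows
# service. Assumptions: settings node at /configuration/netsparker/settings
# with agentName/apiToken attributes; service runs as Local System.
param(
    [string]$AgentDir  = 'C:\NC_Agent',
    [string]$AgentName = 'internal-agent-01',         # constructed sample name
    [string]$ApiToken  = '<PASTE-AGENT-TOKEN-HERE>'   # placeholder: copy from Configure New Agent
)

$configPath = Join-Path $AgentDir 'Netsparker.Cloud.Agent.exe.config'
if (-not (Test-Path $configPath)) { throw "Config not found: $configPath" }

# Edit the attributes as XML rather than with string replacement so the rest
# of the file stays intact.
[xml]$config = Get-Content -Path $configPath -Raw
$settings = $config.SelectSingleNode('/configuration/netsparker/settings')
if ($null -eq $settings) { throw 'configuration/netsparker/settings not found in config' }
$settings.SetAttribute('agentName', $AgentName)
$settings.SetAttribute('apiToken', $ApiToken)
$config.Save($configPath)

# The token authenticates this machine to Netsparker Enterprise, so restrict
# the file to Administrators and the service account (assumed Local System).
$acl = Get-Acl -Path $configPath
$acl.SetAccessRuleProtection($true, $false)   # stop inheriting and drop inherited rules
foreach ($id in 'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM') {
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($id, 'FullControl', 'Allow')
    $acl.AddAccessRule($rule)
}
Set-Acl -Path $configPath -AclObject $acl

# Install the service exactly as the manual step does (-u would uninstall it).
Push-Location $AgentDir
try { & .\Netsparker.Cloud.Agent.exe -i } finally { Pop-Location }

# The display name follows the pattern shown in services.msc.
$svc = Get-Service | Where-Object { $_.DisplayName -like "Netsparker Enterprise Scanning Service - $AgentName*" }
if ($null -eq $svc) { throw 'Agent service was not registered; check the -i output above' }
Set-Service -Name $svc.Name -StartupType Automatic
Start-Service -Name $svc.Name
Get-Service -Name $svc.Name | Select-Object Name, Status, StartType
```

The final line should report the service as Running with StartType Automatic; if it does not, the agent will not poll Netsparker Enterprise and will not appear as an available agent.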
Defining an Internal Website in Netsparker Enterprise
Now that you have installed scan agents in your infrastructure, you should configure Netsparker Enterprise to let it know which websites should be scanned with an internal agent rather than with the built-in agents.
How to Define an Internal Website in Netsparker Enterprise
- Open Netsparker Enterprise.
- From the main menu, click Websites, then New Website. The New Website window is displayed.
- Enter your internal website details (see Adding a Website in Netsparker Enterprise).
- From the Agent mode field, select Internal.
- Click Save. The Websites window is displayed.
- Next to the Internal Website you have created, click Scan. The New Scan window is displayed.
- From the Target URL field, select your Internal Website (if the field is not already populated).
- The Preferred Agent field is already selected by default. Your newly installed scanning Agent is displayed as an option. If you installed more than one instance, select the one which can access your Internal Website. If every instance can access your Internal Website, select the default option, Any of the available agents; one of the idle agents will then scan your website.
- Click Launch. (For simplicity, optimization and other settings are ignored in this procedure.)
- Your scan has been started in the Queued state. Shortly, you will see its status change to Scanning. Once it is completed, you will be able to explore the vulnerabilities found on your website.