Contact Support


Installing a Scan Agent on Linux (Debian Distribution)

If you want to scan a website in a demilitarized zone (DMZ), internal networks that are not publicly accessible, you can install Netsparker scan agents in your network. The agent will conduct the actual scan job and then report the results back to Netsparker Enterprise.

Netsparker enables you to install the scan agent on a Linux operating system. If you choose this installation, you must install some dependencies on the system, such as .NET, Mono. Mono is a software platform designed to allow developers to easily create cross-platform applications that become part of the .NET Foundation.

This topic explains how to install a Netsparker Enterprise scan agent on Linux (Debian distribution) operating systems. To install the scan agent in RedHat distributions, please see Installing a Scan Agent on Linux (RedHat Distribution).

The instructions below were tested on Debian 9, Debian 10, Ubuntu 18.04, and Ubuntu 20.04
How to Install a Netsparker Enterprise Scan Agent
  1. Download the agent file:
      • In Netsparker Enterprise, click Agents, then Manage Agents. The Manage Agents window is displayed.
      • Click Configure New Agent. The Configure New Agent window is displayed.

    • Click Linux to download the required files to install the scan agent.
  1. Update the following operating system application repositories:
sudo apt update && sudo apt upgrade -y

  1. Install the following dependent packages:
sudo apt-get install p7zip-full
sudo apt install -y wget gss-ntlmssp nano mono-complete apt-transport-https

Please make sure that your Mono version is 5.20 or above. For further information, please see How to update Mono.

  1. Next, install dotnet-runtime-3.1 for Linux operating systems.
If you've already installed the SDK or runtime, use the dotnet --list-sdks and dotnet --list-runtimes commands to see which versions are installed.
wget -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb && sudo apt update
sudo apt install -y dotnet-runtime-3.1

  1. Create folder for Netsparker Scanner dependency (be sure to have permission for current user):
sudo mkdir -p /root/.local/share/Netsparker_Ltd

  1. Install the Headless Chrome browser dependencies:
sudo apt install -y gconf-service libasound2 libatk1.0-0 libatk-bridge2.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils libgdiplus

  1. Next, to run the Netsparker Enterprise Scan Agent, first extract the TAR file:
tar xf Netsparker_Enterprise_Scanner_Agent.tar
chmod +x .local-chromium/Linux-*/chrome-linux/chrome

            Open appsettings.json file via any text editor you prefer, for example:

sudo nano appsettings.json

These settings will be used by the scan agent:

  • AgentName
    • This can be anything you want. This text will be displayed when you are starting a new scan. (If you are going to install more than one instance of the agent, you must set a unique agentName value for each instance, something you will use later.)
  • AgentType
    • This can be Standard or Cloud. If you want to use Cloud Provider for scanning, AgentType must be Cloud.
  • ApiToken
    • In Netsparker Enterprise, the Agent Token is displayed in the Configure New Agent window. Copy the value into the apiToken.
  • ApiRootUrl
    • This is the URL of Netsparker Enterprise or the Netsparker Enterprise On-Premises.
How to update Mono

You need to update Mono so that Netsparker Helper Service can work properly. You can update the Mono as specified below:

For Ubuntu 18.04:

  • sudo apt install gnupg ca-certificates
  • sudo apt-key adv --keyserver hkp:// --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
  • echo "deb stable-bionic/snapshots/5.20 main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list
  • sudo apt update
  • sudo apt install mono-runtime

For Debian 9:

  • sudo apt install dirmngr gnupg ca-certificates
  • sudo apt-key adv --keyserver hkp:// --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
  • echo "deb stable-stretch/snapshots/5.20 main" |
    sudo tee /etc/apt/sources.list.d/mono-official-stable.list
  • sudo apt update
  • sudo apt install mono-runtime
How to Get an Agent Token for the Scan Agent
  1. Log in to Netsparker Enterprise.
  2. From the main menu, click Agents and then Manage Agents. The Agents window is displayed.

Agents Image

  1. Click Configure New Agent. The Configure New Agent window is displayed.

Configure New Agents Image

  1. In the Agent Token field, click Copy to clipboard (Agent Token Copy Image).
  2. Completing the required fields with the relevant values.

Linux AppSetting Json Image

  1. To start the scan agent, enter this command:
sudo dotnet Netsparker.Cloud.Agent.dll

You can see that the scan agent has started and is working as expected.

Agent working Image

  1. In Netsparker Enterprise, you can check the status of the connection between it and the scan agent. From the Agents menu, click Manage Agents. The Agents window is displayed.

Netsparker Enterprise Agent List Image

Now we can start a scan through the scan agent we just installed. To do that navigate to Scans > New Scan and select a website that agent mode is Internal. Then with other settings that required to start a scan, we can also select which agent would be used to scan the target:

New Scan Agent Selection Image


Highly accurate, fast & easy-to-use Web Application Security Scanner