If you want to scan a website in a demilitarized zone (DMZ), internal networks that are not publicly accessible, you can install Netsparker scan agents in your network. You can install Netsparker Enterprise scan agent on a Linux operating system. If you choose this installation, you must install some dependencies on the system, such as .NET, Mono, or 7zip. This is an alternative method for installing Netsparker Enterprise Scan Agents.
Mono is a software platform designed to allow developers to easily create cross-platform applications that become part of the .NET Foundation.
This topic explains how to install a Netsparker Enterprise scan agent on Linux (Debian distribution) operating systems.
For demonstration purposes, Ubuntu Linux was used as the operating system. Although the main flow remains the same, some instructions may be different depending on the Linux distribution you use.
How to Install a Netsparker Enterprise Scan Agent
- First, update the following operating system application repositories:
sudo apt update
sudo apt upgrade
- In order to install a Netsparker Enterprise scan agent, first make sure you have installed the following unzip and 7zip dependencies for extracting the shrinked files:
sudo apt install unzip
sudo apt install p7zip-full
- NTLM authentication is required. But, since the Linux installation does not support it by default, install the following package:
sudo apt install gss-ntlmssp
- Next, install dotnet-runtime-3.1 for Linux operating systems.
If you've already installed the SDK or runtime, use the dotnet --list-sdks and dotnet --list-runtimes commands to see which versions are installed.
wget https://packages.microsoft.com/config/debian/10/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
sudo apt update
sudo apt install -y apt-transport-https
sudo apt update
sudo apt install -y dotnet-runtime-3.1
- Next, install Mono. The following dependencies are not only for installing Mono. In addition, the gnupg and ca-certificates will be used to check the digital signatures of the libraries:
sudo apt install gnupg ca-certificates
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF
We're adding official keys for Mono to check the integrity of the file.
- Add the following official Mono repository into the repository addresses that will be used by the Linux operating system:
echo "deb https://download.mono-project.com/repo/ubuntu stable-bionic main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list
- Update the repository with the latest link:
sudo apt update
- Next, install Mono:
sudo apt install mono-complete
- Install the Headless Chrome browser:
Dependencies for Chrome browser:
sudo apt install gconf-service libasound2 libatk1.0-0 libatk-bridge2.0-0 libc6 libcairo2 libcups2 libdbus-1-3 libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 ca-certificates fonts-liberation libappindicator1 libnss3 lsb-release xdg-utils wget
- Next, to run the Netsparker Enterprise Scan Agent, first extract the TAR file:
7z x Netsparker_Enterprise_Scanner_Agent.tar
chmod +x .local-chromium/Linux-*/chrome-linux/ chrome
Open appsettings.json file via any text editor you prefer, for example:
These settings will be used by the scan agent:
- This can be anything you want. This text will be displayed when you are starting a new scan. (If you are going to install more than one instance of the agent, you must set a unique agentName value for each instance, something you will use later.)
- In Netsparker Enterprise, the Agent Token is displayed in the Configure New Agent window. Copy the value into the apiToken.
- This is the URL of Netsparker Enterprise or the Netsparker Enterprise On-Premises.
How to Get an Agent Token for the Scan Agent
- Log in to Netsparker Enterprise.
- From the main menu, click Agents and then Manage Agents. The Agents window is displayed.
- Click Configure New Agent. The Configure New Agent window is displayed.
- In the Agent Token field, click Copy to clipboard ().
- Completing the required fields with the relevant values.
- To start the scan agent, enter this command:
You can see that the scan agent has started and is working as expected.
- In Netsparker Enterprise, you can check the status of the connection between it and the scan agent. From the Agents menu, click Manage Agents. The Agents window is displayed.
- Now, we can start a scan through the recently installed scan agent. From the main menu, click Scans, then New Scan. The New Scan window is displayed.
- Select a website whose Agent Mode is Internal. Then, along with the other settings required to start a scan, we can also select which Preferred Agent should be used to scan the target.