SUPPORT

Contact Support

OPEN A TICKET

Installing a Scan Agent on Linux (RedHat Distribution)

If you want to scan a website in a demilitarized zone (DMZ), internal networks that are not publicly accessible, you can install Netsparker scan agents in your network. You can install Netsparker Enterprise scan agent on a Linux operating system. If you choose this installation, you must install some dependencies on the system, such as .NET, Mono. This is an alternative method for installing Netsparker Enterprise Scan Agents.

Mono is a software platform designed to allow developers to easily create cross-platform applications that become part of the .NET Foundation.

This topic explains how to install a Netsparker Enterprise scan agent on Linux (RedHat distribution) operating systems.

The instructions below were tested on CentOS 7, CentOS 8, Fedora 32, and Fedora 33.
How to Install a Netsparker Enterprise Scan Agent
  1. First, update operating system application repositories:

sudo yum update -y

  1. Install the dependent packages (Ignore this step for Fedora distributions):

sudo yum install -y epel-release

  1. Install the dependent packages:

sudo yum install -y nano tar gssntlmssp mono-complete

  1. Next, install .NET Core 3.1 SDK for Linux OS:
If you've already installed the SDK or runtime, use the dotnet --list-sdks and dotnet --list-runtimes commands to see which versions are installed.

CentOS 8, Fedora 32, Fedora 33:

sudo yum install -y dotnet-runtime-3.1

CentOS 7:

sudo rpm -Uvh https://packages.microsoft.com/config/centos/7/packages-microsoft-prod.rpm

sudo yum install -y dotnet-runtime-3.1

  1. Create a folder for Netsparker Scanner dependency (be sure to have permission for current user):

sudo mkdir -p /root/.local/share/Netsparker_Ltd

  1. Install the Headless Chrome browser dependencies:
sudo yum install -y pango.x86_64 libXcomposite.x86_64 libXcursor.x86_64 libXdamage.x86_64 libXext.x86_64 libXi.x86_64 libXtst.x86_64 cups-libs.x86_64 libXScrnSaver.x86_64 libXrandr.x86_64 GConf2.x86_64 alsa-lib.x86_64 atk.x86_64 gtk3.x86_64 xorg-x11-fonts-100dpi xorg-x11-fonts-75dpi xorg-x11-utils xorg-x11-fonts-cyrillic libX11-xcb.so.1 libnss3.so xorg-x11-fonts-Type1 xorg-x11-fonts-misc
  1. Next, to run the Netsparker Enterprise Scan Agent, first extract the TAR file:

tar xf Netsparker_Enterprise_Scanner_Agent.tar

chmod +x .local-chromium/Linux-*/chrome-linux/chrome

          Open appsettings.json file via any text editor you prefer, for example:

sudo nano appsettings.json

 

These settings will be used by the scan agent:

  • AgentName
    • This can be anything you want. This text will be displayed when you are starting a new scan. (If you are going to install more than one instance of the agent, you must set a unique agentName value for each instance, something you will use later.)
  • AgentType
    • This can be Standard or Cloud. If you want to use Cloud Provider for scanning, AgentType must be Cloud.
  • ApiToken
    • In Netsparker Enterprise, the Agent Token is displayed in the Configure New Agent window. Copy the value into the apiToken.
  • ApiRootUrl
    • This is the URL of Netsparker Enterprise or the Netsparker Enterprise On-Premises.
How to Get an Agent Token for the Scan Agent
  1. Log in to Netsparker Enterprise.
  2. From the main menu, Click Agents and then Manage Agents. The Agents window is displayed.

Agents window image

  1. Click Configure New Agent. The Configure New Agent window is displayed.

Configure New Agent Window Image

  1. In the Agent Token field, click Copy to clipboard (Copy to Clipboard Image).
  2. Completing the required fields with the relevant values.

Agent Json Setting Screen Image

  1. To start the scan agent, enter this command:

sudo dotnet Netsparker.Cloud.Agent.dll

You can see that the scan agent has started and is working as expected.

Agent Linux Screen Image

  1. In Netsparker Enterprise, you can check the status of the connection between it and the scan agent. From the Agents menu, click Manage Agents. The Agents window is displayed.

Agents Working Netsparker Screen Image

  1. Now, we can start a scan through the recently installed scan agent. From the main menu, click Scans, then New Scan. The New Scan window is displayed.
  2. Select a website whose Agent Mode is Internal. Then, along with the other settings required to start a scan, we can also select which Preferred Agent should be used to scan the target.

New Scan Agent Available Screen Image

Netsparker

Highly accurate, fast & easy-to-use Web Application Security Scanner

GET A DEMO