Introducing Internal Vulnerability Scanning With VPN Profiles

In this article, you'll learn how to create and use VPN profiles to instruct the scanners to reach internal networks.

Introducing Internal Vulnerability Scanning With VPN Profiles
Introducing Internal Vulnerability Scanning With VPN Profiles

In this article, you'll learn how to create and use VPN profiles to instruct the scanners to reach internal networks. We'll also explore what VPN profiles are, their use cases in security scanning, and how to create to use them effectively.

What is a VPN Profile?

VPN profiles allow you to instruct any scanner on your BLACKBIRD Web App Pentesting Suite to access internal networks securely, enabling thorough vulnerability assessments of systems that aren't directly exposed to the internet.

Use cases of VPN Profiles for Pentests

  1. Internal Vulnerability Scanning: VPN profiles enable security tools to scan internal networks as if they were physically present within the organization.
  2. Comprehensive Asset Discovery: By connecting through different VPN profiles, scanners can discover and assess assets across various network segments.
  3. Simulating Insider Threats: Security teams can use VPN profiles to simulate attacks from within the network, testing internal security measures.
  4. Remote Security Audits: VPN profiles allow security professionals to conduct thorough audits without being physically present at the target location.

Creating a VPN Profile

Let's walk through the process of creating a VPN profile on your BLACKBIRD Web App Pentesting Suite:

Navigate to the VPN Profiles Section. In your top navigation bar, type in "vpn" and click on "Create VPN Profile"

Next, provide a descriptive profile name and select the VPN protocol. Afterward, click on "Upload VPN File" and select your OpenVPN (.ovpn) configuration file from your local device.

Finally, click on "Save". Once your VPN profile is saved, you will be redirected to the following view:

⚠️
At the time, "OpenVPN" is the only supported VPN protocol.

Using a VPN Profile in a Scan

Once you've created your VPN profile, you can now start using it. All scanners will now provide you with an option to select a VPN profile when opening the Advanced Options section (with the exception of JSAlert, the JavaScript monitoring tool).

Simply select your VPN profile from the list and the scanner will take care of the rest for you!

ℹ️
Your scan logs will reflect whenever a successful VPN connection is established prior to scanning.

Best Practices for Using VPN Profiles in Scans

  1. Regular Updates: Keep your VPN profiles updated to ensure they reflect any changes in the network configuration.
  2. Least Privilege: Create VPN profiles with the minimum necessary access rights for the scan.
  3. Monitoring: Keep track of which scans use which VPN profiles for easier troubleshooting and audit trails.
  4. Testing: Before using a VPN profile in a production scan, test it thoroughly to ensure it provides the expected access.

Conclusion

VPN profiles are a powerful tool for enhancing the capabilities of your security scanning efforts with BLACKBIRD Web App Pentesting Suite. By allowing secure access to internal networks, they enable more comprehensive vulnerability assessments and help organizations identify potential security weaknesses before they can be exploited.

New to BLACKBIRD Web App Pentesting Suite?

Is this the first time finding out about BLACKBIRD Web App Pentesting Suite? Try out a demo and discover what it can mean to you as a penetration tester!

Read more