OpenVAS Scanner - The Network Vulnerability scanner

-

 

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks' commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009.
in kali openvas is not present by default. We have to install it manually, for installing openvas open a terminal and enter


apt install openvas

to open openvas

Goto Applications >> Vulnerability Analysis >> openvas start 

 
 
 
login with your username and password, the default username is admin and the default password is created at the end of installation. If you missed the password just reset it by using the command
openvasmd --user=admin –new-password=admin123 ( give your desired password)


After logging in the dashboard will be like this

 
For creating new scan project first we have to create a task. For that
Goto configuration >> Target 
 
 
click on the tab with a star symbol on the left side 
 



Here we can create our target or target list. We can give a name for our target, can select from manual or we can give a list file containing all the ip’s we want to scan. Note one thing the ip’s should be in the order of one by one in the text file. Rest of the options keep it default. If you want a limited port scan then make the changes according to the scan and click on create. the created task will be listed on the target page.


For starting a scan
Goto scans >> Tasks



click on the tab with a star symbol on the left side
Here give a name for the scan task. In the scan targets field select the name we gave for the targets we created. All the targets we created will be listed in the scan target entry. In the scan config field we can chose the intensity and depth of the scan. If we need a fast and not so depth scan select the full and fast. If we need a indepth scan result select the full and very deep ultimate option, it is a bit slow but it scans for almost all NVT’s in the database. Then click on create on creating the scan. 
 
The created task will be listed in the scan page. Click on the play button to start the scan.
 
 
We can see the scan progress in the status tab.when the scan is finished we can see the reports in the reports section .
Goto scans >> Reports

For seeing the detailed report click on the entry under the date it will show the detailed report.click on each entry it will expand more giving us exactly what the vulnerability is and what is the remediation method.
 
We can download the reports in various format for that click on the dropdown menu near to dashboard select the format in which we want our report to be downloaded. Click on the download button to download our report.



 

Comments

  1. James Zicrov21 October 2021 at 10:25

    Hey, I must say you have gathered really a good stuff about scanning tools for all the readers. I really appreciate it. Thanks!

    Network Scanning Tools

    ReplyDelete

Post a Comment

Popular posts from this blog

Avet – Open Source Anti-Virus Evasion Tool

-
Image
When we want to perform an exploitation to a windows target, we need a payload that is undetectable to Antivirus Solutions. Msfvenom on its own is not enough. So we need an AV evasion tool to make this easy for us. Avet is a tool for building exe files with shellcode payloads for antivirus evasion. Installing Avet First clone the repository to our machine. git clone https://github.com/govolution/avet.git   After that go inside the folder and run the setup file to install wine and other missing components. cd avet/       Run the setup file to install the missing components.   ./setup.sh     Select create  for new installation   Running Avet There are two ways to run avet. Run avet by typing the command below. python avet_fabric.py   There are two ways to run avet. Either by compiling the make_avet script as shown below, or by  running the avet_fabric.py scr...
Read more

How to Repair Kali Linux grub after installing Windows in Dual boot System

-
Image
If your System has primary OS Windows then you install your secondary OS Kali Linux. That will be OK, Kali Linux puts boot entry of Windows automatically for you. At initial boot menu you can see both OS entry to boot. If your windows is corrupt in dual boot system or if you want to install windows as secondary OS after installing Kali Linux as primary OS. You may face corrupt boot-loader menu. You wont be able to boot Kali Linux any more because Windows wont put entry of Kali Linux automatically in their boot menu. So this post motive is to help those guys which are facing those problems subjecting to corrupt Boot-loader. There are mainly two methods: 1. Repair Grub via Kali Linux live USB. 2. Repair Grub Via Boot-rapair-disk. Method 1# Repair Grub via Kali Linux live USB It is up to you which you want to choose but if you are Linux familiar then go for this method. Requirements 1. A Kali Linux ISO image. You can download here: Download Kali Linux...
Read more

PDFCrack - Password Cracking Tool for PDF-files

-
Image
PDFcrack is a GNU/Linux tool for cracking password protected PDF files. It is a very small command line application. It is not preinstalled in kali linux. We can install through command line. For installing pdfcrack open a terminal and enter apt install pdfcrack Syntax and options Usage: pdfcrack -f filename [OPTIONS]           : pdfcrack -f filenmae -w passwordfile.txt OPTIONS : -b, --bench perform benchmark and exit -c, --charset=STRING Use the characters in STRING as charset -w, --wordlist=FILE Use FILE as source of passwords to try -n, --minpw=INTEGER Skip trying passwords shorter than this -m, --maxpw=INTEGER Stop when reaching this passwordlength -l, --loadState=FILE Continue from the state saved in FILENAME -o, --owner Work with the ownerpassword -u, --user Work with the userpassword (default) -p, --password=STRING Give userpassword to speed up breaking ownerpassword (...
Read more