OpenVAS Scanner - The Network Vulnerability scanner


 

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks' commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009.
in kali openvas is not present by default. We have to install it manually, for installing openvas open a terminal and enter


apt install openvas

to open openvas

Goto Applications >> Vulnerability Analysis >> openvas start 

login with your username and password, the default username is admin and the default password is created at the end of installation. If you missed the password just reset it by using the command
openvasmd --user=admin –new-password=admin123 ( give your desired password)


After logging in the dashboard will be like this

 
For creating new scan project first we have to create a task. For that
Goto configuration >> Target 
 
 
click on the tab with a star symbol on the left side 
 



Here we can create our target or target list. We can give a name for our target, can select from manual or we can give a list file containing all the ip’s we want to scan. Note one thing the ip’s should be in the order of one by one in the text file. Rest of the options keep it default. If you want a limited port scan then make the changes according to the scan and click on create. the created task will be listed on the target page.


For starting a scan
Goto scans >> Tasks



click on the tab with a star symbol on the left side
Here give a name for the scan task. In the scan targets field select the name we gave for the targets we created. All the targets we created will be listed in the scan target entry. In the scan config field we can chose the intensity and depth of the scan. If we need a fast and not so depth scan select the full and fast. If we need a indepth scan result select the full and very deep ultimate option, it is a bit slow but it scans for almost all NVT’s in the database. Then click on create on creating the scan. 
 
The created task will be listed in the scan page. Click on the play button to start the scan.
 
We can see the scan progress in the status tab.when the scan is finished we can see the reports in the reports section .
Goto scans >> Reports

For seeing the detailed report click on the entry under the date it will show the detailed report.click on each entry it will expand more giving us exactly what the vulnerability is and what is the remediation method.
We can download the reports in various format for that click on the dropdown menu near to dashboard select the format in which we want our report to be downloaded. Click on the download button to download our report.



 

Comments

  1. Hey, I must say you have gathered really a good stuff about scanning tools for all the readers. I really appreciate it. Thanks!

    Network Scanning Tools

    ReplyDelete

Post a Comment

Popular posts from this blog

How to Repair Kali Linux grub after installing Windows in Dual boot System

PDFCrack - Password Cracking Tool for PDF-files

Avet – Open Source Anti-Virus Evasion Tool