2. OpenVAS

Description:

  • OpenVAS (Open Vulnerability Assessment System) is an open-source vulnerability scanner used for vulnerability assessment and management. It scans for known vulnerabilities, provides detailed reports, and is a good alternative to Nessus for those who prefer open-source tools.

Examples:

    1. Installing OpenVAS:
          sudo apt update && sudo apt install openvas
      • After installing, run the setup:
          sudo gvm-setup
      • Start the OpenVAS service:
          sudo gvm-start

Explanation: OpenVAS is included in the Kali Linux repositories and can be installed using the package manager. The setup process may take time as it downloads the latest vulnerability definitions.

    1. Accessing the Web Interface:
      • OpenVAS uses a web-based interface accessible via https://localhost:9392.
      • Default credentials are usually admin for both username and password.
    2. Running a Full Vulnerability Scan:
      • Once logged in, create a new task and set the target IP addresses or subnets.
      • Run the scan, and OpenVAS will identify vulnerabilities such as open ports, outdated software, and misconfigurations.
        Explanation: The “Tasks” feature of OpenVAS allows users to configure custom scans that can range from quick checks to deep vulnerability scans, depending on the need.
    3. Generating Reports:
      • After the scan completes, use the “Reports” tab to view and export the findings in formats such as PDF, HTML, or CSV.
        Explanation: OpenVAS generates comprehensive reports that categorize vulnerabilities by severity, making it easier to prioritize remediation.
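
Once a report has been exported as CSV, the severity-based prioritization described above can be scripted. The following is an added example, not part of the original page or of OpenVAS itself; the column names (IP, Port, CVSS, Severity, NVT Name), the function names and the sample rows are constructed assumptions and must be matched to the header row of the real export.

```python
import csv
import io

# Constructed sample standing in for a CSV report export. The column names
# are assumptions; match them to the header row of the real file.
SAMPLE_CSV = """IP,Port,CVSS,Severity,NVT Name
192.0.2.10,443,9.8,High,Constructed finding A
192.0.2.10,22,5.3,Medium,Constructed finding B
192.0.2.20,80,7.5,High,Constructed finding C
192.0.2.20,,2.6,Low,Constructed finding D
192.0.2.30,21,,Log,Constructed finding E
"""
SEVERITY_ORDER = ["High", "Medium", "Low", "Log"]


def load_findings(stream):
    """Parse report rows; a missing or malformed CVSS value becomes 0.0."""
    findings = []
    for row in csv.DictReader(stream):
        try:
            score = float(row.get("CVSS") or 0.0)
        except ValueError:
            score = 0.0
        findings.append({
            "host": (row.get("IP") or "").strip(),
            "port": (row.get("Port") or "").strip() or "general",
            "cvss": score,
            "severity": (row.get("Severity") or "Log").strip().capitalize(),
            "name": (row.get("NVT Name") or "").strip(),
        })
    return findings


def prioritize(findings):
    """Order findings by severity label, then by CVSS descending."""
    rank = {label: i for i, label in enumerate(SEVERITY_ORDER)}
    return sorted(findings, key=lambda f: (rank.get(f["severity"], len(rank)),
                                           -f["cvss"], f["host"]))


def hosts_at_or_above(findings, threshold=7.0):
    """Hosts with at least one finding at or above the CVSS threshold."""
    return sorted({f["host"] for f in findings if f["cvss"] >= threshold})


if __name__ == "__main__":
    for f in prioritize(load_findings(io.StringIO(SAMPLE_CSV))):
        print(f"{f['severity']:<6} {f['cvss']:>4} {f['host']}:{f['port']} {f['name']}")
```

To run it against a real export, pass an opened file object to load_findings in place of the in-memory sample.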