KALI – How to Install OpenVAS on Kali Debian Linux – The Visual Guide

31/08/2013

OpenVAS is an alternative to the Nessus scanner.

Step 1 – Download the Plugins for OpenVAS

Applications > Kali > Vulnerability Analysis

OpenVAS > Initial Setup

OpenVAS will now download all the plugins required (a few minutes)

The default user id is admin.

Enter a password.

******

Step 2 – Iceweasel Local Host – Port 9392

Iceweasel

https://127.0.0.1:9392

https://localhost:9392

I Understand the risks

Confirm Security Exception

Note:

If you can’t connect under local host, then go

Edit > Preferences

Advanced Tab

View Certificates

Look for the OpenVAS self signed certificate and delete it. Then go through adding the exception for Openvas 9392.

******

Step 3 – OpenVAS Login Box

Default username = admin

Password (whatever you entered during setup)

******

OpenVAS Security Assistant screen (Hermione Granger wizard appears)

******

Step 4 – Update your Vulnerability Database Feeds

Administration > NVT Feed > Synchronise with Feed Now

This step is critical. if you do not update the vulnerability database feeds, it will generate errors later on.

Administration > NVT Feed

Administration > SCAP Database Feed (these are xml files for the reports)

Administration > Cert Feed

*******

Add Users

Administration > Users

Add Users

*******

Step 5 – Set Targets to Scan

Configuration > Targets

Localhost will be there by default.

Add your router as a target eg 192.168.1.1 or 192.168.1.254

Look for the Blue box with a White star – click the star

White star = New Target

Viola…

Enter IP of Router, and port options (eg all TCP)

Create Target Button

*****

Step 6 – Create a Task

Scan Management > New Task

Home Router scan

Create Task Button

Scan Config = Full and Fast

NEW STATUS (Green)

Green Arrow to Run this new task

******

Step 7 – To watch LIVE

Set No Refresh dropdown box – to 30 seconds

*****

Errors & Solutions

1. Kali > Vulnerability Analysis > OpenVAS > OpenVAS Check Setup = may report what’s wrong and how to fix it.

2. Login failed. OMP service is down. (Not enough in NVT Feed)

Administration > NVT Feed

openvasmd –rebuild

openvasmd –update

openvasmd –migrate

******

KALI – How to install NESSUS on Kali – The Visual Guide

http://uwnthesis.wordpress.com/2013/07/31/kali-how-to-install-nessus-on-kali/

*****

KALI – How to easily install FLASH, JAVA, NAUTILUS, METASPLOIT, ETTERCAP & OPENVAS- LAZY KALI SCRIPT – The Visual Guide

http://uwnthesis.wordpress.com/2013/07/31/kali-how-to-easily-update-kali-lazy-kali-script/

*****

KALI – How to use SQLMAP for SQL Injection, to find Admin Password

https://uwnthesis.wordpress.com/2014/02/01/kali-linux-how-to-hack-use-sqlmap-for-auto-sql-injection-find-website-admin-password/

+ نوشته شده در چهارشنبه شانزدهم بهمن ۱۳۹۲ ساعت 17:31 توسط رسول محمودی |

Ethtool Command to Increase/ Decrease speed of Network card in Linux

http://www.systempandit.com/ethtool-command-to-increase-decrease-speed-of-network-card-in-linux/

+ نوشته شده در چهارشنبه شانزدهم بهمن ۱۳۹۲ ساعت 9:54 توسط رسول محمودی |

Cheops-ng A Network Management Tool

http://rasmoodi.persiangig.com/SoftWare/cheops-ng-0.2.3.tgz

+ نوشته شده در یکشنبه سیزدهم بهمن ۱۳۹۲ ساعت 14:48 توسط رسول محمودی |

swf intruder

http://rasmoodi.persiangig.com/SoftWare/swfintruder-0.9.1.tgz

+ نوشته شده در یکشنبه سیزدهم بهمن ۱۳۹۲ ساعت 14:33 توسط رسول محمودی |

sec tool market

http://sectoolmarket.com

Rank

Logo

Vulnerability Scanner

Version

Vendor

Detection Accuracy

Chart

IronWASP

0.9.1.0

Lavakumar Kuppan

100.00% Detection Rate
0.00% False Positives

(108/108)
(0/6)

WebInspect

9.20.277.0

HP Application Security Center

61.11% Detection Rate
0.00% False Positives

(66/108)
(0/6)

Wapiti

2.2.1

OWASP

57.41% Detection Rate
0.00% False Positives

(62/108)
(0/6)