Server side scanning

Nessus

Register and download it here.http://www.tenable.com/products/nessus-home

Then

dpkg -i nameOfFile

Start it

/etc/init.d/nessusd start

Step to use Nessus

  1. Open Nessus at http://127.0.0.1:8834. And login with credential.
  2. Click on the Policies on the bar at the bottom.
  3. Click on New Policy button at the left side bar.
  4. Select desired templates.

Templates as below:

  • Advanced Scan: Scan template for users who want total control of their policy configuration.

  • Audit Cloud Infrastructure: For users who want to audit the configuration of cloud-based services such as Amazon Web Services (AWS) and Salesforce.com.

  • Bash Shellshock Detection: Remote and credentialed checks for the Bash Shellshock vulnerability.

  • Basic Network Scan: For users scanning internal or external hosts.

  • Credentialed Patch Audit: Log in to systems and enumerate missing software updates.
  • GHOST (glibc) Detection: Credentialed checks for the GHOST vulnerability.
  • Host Discovery: Identifies live hosts and open ports.
  • Internal PCI Network Scan: For administrators preparing for a Payment Card Industry Data Security Standards (PCI DSS) compliance audit of their internal networks.
  • Mobile Device Scan: For users of Apple Profile Manager, ADSI, MobileIron, or Good MDM.
  • Offline Config Audit: Upload and audit the config file of a network device.
  • PCI Quarterly External Scan: An approved policy for quarterly external scanning required by PCI. This is offered on Nessus Enterprise Cloud only.
  • Policy Compliance Auditing Audit system configurations against a known baseline provided by the user.
  • SCAP Compliance Audit: Audit systems using Security Content Automation Protocol (SCAP) content.
  • Web Application Tests: For users performing generic web application scans.
  • Windows Malware Scan: For users searching for malware on Windows systems.

Useful link: https://www.cyberpratibha.com/nessus-scan-policies-and-report/

Nikto

Nikto Web Scanner is a Web server scanner that tests Web servers for dangerous files/CGIs, outdated server software and other problems. It performs generic and server type specific checks. It also captures and prints any cookies received.

Integrate Nikto with Nessus

Modify /opt/nikto/nikto.pl and change the location of the configuration file:

Add the following line to /etc/profile and update the system-wide path to include Nikto (I've also added the directories containing the Nessus binaries):

export PATH=$PATH:/opt/nikto:/opt/nessus/bin:/opt/nessus/sbin

Re-compile and re-index the Nessus plugins:

/opt/nessus/sbin/nessusd -R

Restart Nessus

/etc/init.d/nessusd restart

OpenVas

OpenVas is another popular open-soruce vulnerability scanner.

If you are on Kali linux you have to firt run the initial setup scripts, like this

openvas-setup

Make sure to write down the password that the initialisation-scripts gives you

This will download some stuff and start setting everything up. When everything is set up you go to the web-interface:

https://127.0.0.1:9392/login/login.html

results matching ""

    No results matching ""