Vulnerability

Perform vulnerability scanning and exploit research.

Last updated 3 months ago

Was this helpful?

Vulnerability

Perform vulnerability scanning and exploit research.

Vulnerability Scanner

Nessus

Vulnerability scanner very powerful.

Runs on port 8834 tcp.

Nessus has two parts (both can be on the same machine):

Client to configure the scan.
Server to perform the scan and send the results to the client.

For Free License register . For Download .

systemctl start nessusd
systemctl stop nessusd

net start "Tenable Nessus"
net stop "Tenable Nessus"

Go to: https://<MY_IP>:8834/

Create a local account.

Tool

Details

Interactive script for download report ./nessus_downloader.rb

OpenVAS

Vulnerability scanner open-source and free.

Runs on port 8080 tcp.

Like nessus, OpenVAS also has two parts (both can be on the same machine):

Client to configure the scan.
Server to perform the scan and send the results to the client.

sudo apt-get install gvm && openvas

Initialization process (can take up to 30 minutes):

gvm-setup
# note credentials

Start & Stop:

gvm-start
gvm-stop

Go to: https://<MY_IP>:8080/

Tools & Other

Tool

Details

/usr/share/nmap/scripts/ nmap --script-updatedb nmap --script--help <SCRIPT> nmap --script "<SCRIPT or TYPE>" <IP>

Server Web Scanner. nikto -h <URL> -o <OUTPUT.html> -Format html

Research Exploit

Very important to analyze the exploits found very carefully, they could be harmful!

Tools

Detail

Exploit-db database locally and offline. searchsploit -u (update) searchsploit <STRING> (get ID) searchsploit -w <STRING> (get LINK) searchsploit -x <ID> (see l'exploit) searchsploit -m <ID> (Copy exploit + info)

Last updated 3 months ago

Was this helpful?