Scribd
Upload
10 views9 pages

Rapport Seucrite

The document discusses using Nessus and OpenVAS vulnerability scanners to perform network scans and web application scans of a TryHackMe virtual machine and the Metasploitable virtual machine. It covers installing and using Nessus and OpenVAS, describing the different scan types in Nessus and running sample scans on the target VMs.

Uploaded by

loic youmssi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as ODT, PDF, TXT or read online on Scribd
10 views9 pages

Rapport Seucrite

The document discusses using Nessus and OpenVAS vulnerability scanners to perform network scans and web application scans of a TryHackMe virtual machine and the Metasploitable virtual machine. It covers installing and using Nessus and OpenVAS, describing the different scan types in Nessus and running sample scans on the target VMs.

Uploaded by

loic youmssi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as ODT, PDF, TXT or read online on Scribd
You are on page 1/ 9

REPORT :

UE : Network security
Examinator: M. MAHAMAT

I-) TRYHACKME lab NESSUS et scan de metasploitable avec NESSUS:

1-)WHAT IS NESSUS ?

Nessus vulnerability scanner is A vulnerability scanner which uses techniques similar to Nmap to find
and report vulnerabilities, which are then, presented in a nice GUI for us to look at. It’s different from
other scanners as it doesn't make assumptions when scanning, offers a free and paid service, in which
some features are left out from the free to make you more inclined to buy the paid service.

2-) installation of NESSUS:

The official installation guide can be found at


https://docs.tenable.com/nessus/Content/GettingStarted.htm
we must download the NESSUS package for debian amd64, and install it with DPKG, then, follow the
instructions to configure it through the GUI, which is by default launched at https://kali/8834.
3-) navigation and scan types :
The interface of NESSUS is presented as below, where we can see all scan types, and we notice that the
most suitable scan type is “Basic network scan”, that we’ll use later in this report.

4-) Run a network scan :

We create a new 'Basic Network Scan' targeting the VM that we deployed on Tryhackme.

We define a name for this scan, a description and a target which is the ip address of the VM that we
deployed on Tryhackme, we also define the list of all ports that we want to scan and then, we launch
the scan.
and the result is :

5-) run a web application scan on the VM:


this scan take a little more time, and when it’s end we can see :

6-) scanning METASPLOITABLE with NESSUS :

we’ll scan all ports (1-65535), the result is :


II-) OPENVAS :

1-) WHAT’S OPENVAS :

OpenVAS is an effective solution for proactive security management, allowing you to keep ahead of
potential attacks by scanning and assessing your systems on a regular basis. OpenVAS is a fork of the
original Nessus project and is noted for its adaptability, large database of vulnerability tests, and strong
community support.

2-) INSTALLATION OF OPENVAS :

we can install it from the Kali/OpenVAS repositories with the command : “ sudo apt install openvas ”
but openvas is installed in kali linux by default.
3-) DASHBORD AND SCANS :

and then, we reach the interface :


4-) SCANNING METASPLOITABLE :
and then we launch the scan, the result is :

You might also like