OpenVAS and Nessus Setup Guide

This document is a comprehensive guide for a lab course on vulnerability scanning using OpenVAS and Nessus on Kali Linux, aimed at cybersecurity students and professionals. It includes installation instructions, configuration steps, and practical tasks for conducting vulnerability assessments and analyzing results. The manual also outlines specific tasks for students to complete, such as comparing results from both tools and preparing a final report.

Applied Cyber Security Industry Led-Course

Instructor: XYZ

Lab Instructor: Moeez Javed

Lab 3: Vulnerability Scanning

Availability:
Monday to Friday: 9 AM – 5 PM (at CUST)
After 5 PM: Please drop a message instead of calling.

Lab Instructor Contact Details:

Phone: +92 333 8744696


Email: moeezjavedmj@[Link]

Capital University of Science and Technology, Islamabad


Introduction
With the rise of cyber threats and increasing vulnerabilities in modern IT
infrastructures, organizations need robust security measures to protect
their systems. Vulnerability assessment tools such as OpenVAS and
Nessus play a crucial role in identifying security weaknesses and
mitigating potential risks.

This manual serves as a step-by-step guide for installing, configuring,
and utilizing OpenVAS and Nessus on Kali Linux. These tools allow
cybersecurity professionals and students to conduct vulnerability scans,
analyze security risks, and strengthen network defenses.

What You Will Learn

By following this manual, users will gain hands-on experience in:

- Setting up OpenVAS and Nessus on Kali Linux
- Performing vulnerability scans on networked systems
- Configuring scan parameters for targeted security assessments
- Analyzing scan results to identify security weaknesses
- Implementing best practices for network security and risk mitigation

Who Should Use This Manual?

This guide is designed for:

- Cybersecurity students who want to learn vulnerability scanning
- Ethical hackers and penetration testers aiming to assess system security
- IT professionals responsible for securing network environments
- Anyone interested in learning cybersecurity tools and techniques

By completing the exercises and practical tasks included in this manual,
readers will be well-equipped to use OpenVAS and Nessus for real-world
vulnerability assessments, making them valuable assets in the field of
cybersecurity.


Prepare Kali Linux for the installation of OpenVAS

Unless you have already done so, make sure that Kali Linux is up to date and
running the latest packages. The OpenVAS setup that follows automatically
downloads the latest vulnerability feeds, creates the admin user, and starts
the various services. Depending on bandwidth and computer resources, this may
take a while.

Update the package lists (either command works):

sudo apt update

sudo apt-get update

Then upgrade the installed packages:

sudo apt upgrade -y

sudo apt dist-upgrade -y


Installing OpenVAS on Kali Linux

To install OpenVAS and its dependencies on our Kali Linux system, run the
following command:

sudo apt install openvas

or, equivalently, install the Greenbone Vulnerability Management metapackage:

sudo apt install gvm

The next step is to run the installer, which will configure OpenVAS and download
the network vulnerability tests (NVTs), i.e. the signatures. Due to the large
number of NVTs (50,000+), the setup process may take some time and consume a lot
of data.


Run the following command to start the setup process:

sudo gvm-setup

The gvm-setup command will take a long time to download all the vulnerability
definitions (Notus files, NASL files, SCAP data, CERT-Bund data, gvmd data).

Hint: OpenVAS will also set up an admin account and automatically generate
a password for this account which is displayed in the last section of the setup output.

Password reset

Did you forget to note down the password? You can change the admin password using
the following commands:

sudo gvmd --user=admin --new-password=passwd

Note: if you don't reset the automatically generated admin credentials
[password], make sure to save a copy, as you will need it later to log in.

update admin user password


Note: To create a new user (gvmd must run as the _gvm service account, hence runuser):

sudo runuser -u _gvm -- gvmd --create-user=admin2 --new-password=12345

To change the password of an existing user:

sudo runuser -u _gvm -- gvmd --user=admin --new-password=new_password

Verify the Installation

You can verify your installation with:

sudo gvm-check-setup

After the process is complete, you should get confirmation that the installation
completed without error.


Starting and stopping OpenVAS

Before moving on to the virtual appliance, the last step to consider is how to
start and stop the OpenVAS services. The OpenVAS services consume a lot of
resources, so it is recommended that you stop them when you are not using
OpenVAS.


Run the following command to start the services:

sudo gvm-start


Hint: To stop the OpenVAS services again, run: sudo gvm-stop

After the configuration process is complete, all the necessary OpenVAS processes will
start and the web interface will open automatically (In my case I had to open the
browser manually). The web interface is running locally on port 9392 and can be
accessed through [Link]

First time you want to open this URL you will get a security warning. Click
on Advanced and Accept the Risk and Continue.


The next step is to accept the self-signed certificate warning and use the
automatically generated admin credentials (in my case I reset the admin
password) to log in to the web interface:

Configuration for a new target

Begin by navigating to Scans > Tasks and clicking on the purple magic wand icon to
begin the basic configuration wizard. After successfully navigating to the wizard, you
should see a pop-up window similar to the one shown above. You can set up the initial
scan of the local host here to make sure everything is set up correctly.

Scanning may take a while. Please allow OpenVAS enough time to complete the scan.
You will then see a new dashboard for monitoring and analyzing your completed and
ongoing scans, as shown below.


Schedule the scanning process

Now that we know everything is working, we can take a closer look at OpenVAS and
how it works. Expand Scans > Tasks to begin creating a scan task for the managed
computer.

Creating a Task

To create a custom task, navigate to the star icon in the upper right corner of the
taskbar and select New task.


After selecting "New Task" from the drop-down menu, you will see a large pop-up
window with many options. We will introduce each option and its purpose.

For this task, we will focus only on the Name, Scan Targets, Scanner, and Scan
Config. In later tasks, we will look at the remaining options for additional
advanced configuration and implementation/automation.

1. Name: lets us set the name by which the scan will be referred to inside
OpenVAS.

2. Scan Targets: the targets to scan, which can include Hosts, Ports, and
Credentials. To create a new target you follow another pop-up; this is covered
later in this task.

3. Scanner: the scanner to use. By default this is OpenVAS Default, but you can
set it to any scanner of your choosing in the settings menu.

4. Scan Config: OpenVAS has seven different scan configurations to choose from,
selected according to how aggressive you want to be or what information you wish
to gather from your scan.


Scoping a New Target

To scope a new target, navigate to the star icon next to Scan Targets.

Above is the menu for configuring a new target. The two main options you will
need to configure are the Name and the Hosts. This procedure is fairly
straightforward; the other options are only used in advanced vulnerability
management setups and will be covered in later tasks.

Now that we have our target scoped, we can continue creating our task and start
the scan. When the task is created, you will return to the scan management
panel, where you can track and execute the task. To run the task, click the run
icon in the task's Actions column.


Scan Configuration

Prior to launching a vulnerability scan, you should fine-tune the Scan Config that will
be used, which can be done under the “Scan Configs” section of the “Configuration”
menu. You can clone any of the default Scan Configs and edit its options, disabling
any services or checks that you don’t require. If you use Nmap to conduct some prior
analysis of your target(s), you can save hours of vulnerability scanning time.
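The paragraph above suggests running Nmap first so the vulnerability scan only covers ports that are actually open. The following script is an added example (not part of the original manual or of the OpenVAS project) that turns Nmap grepable output (`nmap -oG`) into the two fields an OpenVAS target needs: the host list and a port list. The Nmap output embedded below is constructed sample data, and the `T:.../U:...` port-list syntax is assumed from the Greenbone documentation; check it against your own OpenVAS version before pasting it into the Port List field.

```python
"""Derive an OpenVAS target (hosts + port list) from a prior Nmap scan.

Restricting the port list to ports Nmap already found open avoids running
every NVT against closed ports, which is where most of the scan time goes.
"""
import re
from collections import defaultdict

# Constructed sample of `nmap -oG -` output for a small lab subnet.
NMAP_GREPABLE = (
    "# Nmap 7.94 scan initiated (constructed sample)\n"
    "Host: 192.168.56.101 ()\tStatus: Up\n"
    "Host: 192.168.56.101 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, "
    "443/filtered/tcp//https///\tIgnored State: closed (997)\n"
    "Host: 192.168.56.102 ()\tStatus: Up\n"
    "Host: 192.168.56.102 ()\tPorts: 53/open/udp//domain///, 139/open/tcp//netbios-ssn///, "
    "445/open/tcp//microsoft-ds///\tIgnored State: closed (998)\n"
    "Host: 192.168.56.103 ()\tStatus: Down\n"
    "# Nmap done (constructed sample)\n"
)

# One port entry in the grepable "Ports:" field looks like 22/open/tcp//ssh///
PORT_RE = re.compile(r"(\d+)/(\w+)/(tcp|udp)/")


def parse_open_ports(grepable):
    """Return {host: {"tcp": set(ports), "udp": set(ports)}} for open ports only.

    Hosts that are down, or that only have filtered/closed ports, are omitted
    from the returned dictionary so they do not end up in the target.
    """
    hosts = defaultdict(lambda: {"tcp": set(), "udp": set()})
    for line in grepable.splitlines():
        if not line.startswith("Host:"):
            continue
        host = line.split()[1]
        match = re.search(r"Ports: (.*?)(?:\t|$)", line)
        if not match:
            continue
        for port, state, proto in PORT_RE.findall(match.group(1)):
            if state == "open":
                hosts[host][proto].add(int(port))
    # Drop hosts whose Ports line contained no open port at all.
    return {h: p for h, p in hosts.items() if p["tcp"] or p["udp"]}


def openvas_port_list(hosts):
    """Union of all open ports in OpenVAS port-list syntax, e.g. "T:22,80,U:53".

    The T:/U: prefixes are assumed from the Greenbone port-list documentation.
    """
    tcp = sorted(set().union(*(h["tcp"] for h in hosts.values())))
    udp = sorted(set().union(*(h["udp"] for h in hosts.values())))
    parts = []
    if tcp:
        parts.append("T:" + ",".join(map(str, tcp)))
    if udp:
        parts.append("U:" + ",".join(map(str, udp)))
    return ",".join(parts)


def openvas_target(grepable):
    """Build the two values to paste into the New Target dialog."""
    hosts = parse_open_ports(grepable)
    return {
        "hosts": ",".join(sorted(hosts)),
        "port_list": openvas_port_list(hosts),
    }


if __name__ == "__main__":
    target = openvas_target(NMAP_GREPABLE)
    print("Hosts:     ", target["hosts"])
    print("Port list: ", target["port_list"])
```

A single union port list is deliberately used for the whole target: OpenVAS attaches one port list per target, so the per-host detail is only used to decide which hosts are worth including.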

Task Configuration

Your credentials, targets, and scan configurations are set up, so now you're
ready to put everything together and run a vulnerability scan. In OpenVAS,
vulnerability scans are conducted as "Tasks". When you set up a new task, you
can further optimize the scan by increasing or decreasing the number of
concurrent activities. On our system with 3GB of RAM, we adjusted the task
settings as shown below.


With our more finely-tuned scan settings and target selection, the results of our scan
are much more useful.

Assets

It allows you to visualize the vulnerability of components such as hosts or operating systems:


Additional features

Allow adding common parameters to OpenVAS:

Administration

As the name suggests, you can manage passwords, users, etc.:


Change timezone

Note: We recommend setting the timezone to UTC; the report displays UTC time
only, no matter what timezone you set.

Top-Right corner > My Settings

With the wide range of options available in OpenVAS, we were only able to
scratch the surface in this manual, but if you take your time and tune your
vulnerability scans effectively, you will find that the bad reputation of
OpenVAS and other vulnerability scanners is undeserved. The number of connected
devices in our homes and workplaces is increasing all the time, and managing
them becomes more of a challenge. Making effective use of a vulnerability
scanner can make that management at least a little bit easier.

How to Install Nessus on Kali Linux

This section will guide you through the process of downloading, installing and running
Nessus Essentials on Kali Linux. Nessus does not come pre-installed in Kali and you
have to download it from the Nessus website.

Download Nessus

To download Nessus, visit the download page and select the Linux - Debian - amd64 package.

Then select "Download" to save the file to Kali. Alternatively, you can use the
curl command to download the file, or download and install Nessus as a Docker image.

Installing Nessus

To install Nessus, simply enter the following command in the terminal, making sure
you are in the same folder as the downloaded file:


sudo dpkg -i Nessus-10.8.3-debian10_amd64.deb

To start installing the plugins required before using Nessus, enter the following
command at the command line:

sudo systemctl start [Link]

After starting the service, go to [Link] in your browser to access and set up
Nessus.

When you try to access the URL, a warning message will appear. Click on
“Advanced…” and select “Accept the Risk and Continue.”

A Nessus welcome screen will then appear. Click “Continue” to proceed.

Select “Register for Nessus Essentials” on the next screen and click “Continue.”

On the next screen, enter your name and email address and click “Register” to continue.


On the next screen, you need to create a Nessus admin account, which will be used to
log into Nessus.


Nessus will now start downloading the plugins.


Once the process is complete, you will be taken to the Nessus dashboard.

From here, Nessus will start compiling the plugins, which will take some time to
complete. So grab a coffee and relax while Nessus does its thing.

Launch Nessus


To start Nessus, use the command:

sudo systemctl start [Link]

and then open https://kali:8834/ in your browser.

You will need to log in with the details you set up earlier.

Once you’re logged in, you can start using Nessus.


Once you are done using Nessus, you can stop the service with the command:

sudo systemctl stop [Link]

Later in this guide, we’ll show you how to use Nessus in Kali.

Student Tasks:

Task 1: Install OpenVAS and Nessus

- Update and upgrade Kali Linux.
- Install OpenVAS and Nessus.
- Set up both scanners and verify their installation.

Task 2: Configure and Start OpenVAS

- Run OpenVAS setup.
- Start and stop OpenVAS services.
- Log in to the web interface.

Task 3: Perform a Basic Vulnerability Scan Using OpenVAS

- Create a scan task.
- Configure scan settings.

- Run and analyze scan results.

Task 4: Configure and Start Nessus

- Start the Nessus service.
- Register and activate Nessus Essentials.
- Log in and explore the Nessus interface.

Task 5: Perform a Basic Vulnerability Scan Using Nessus

- Create a new scan task.
- Configure scan settings and targets.
- Run and analyze scan results.

Task 6: Compare OpenVAS and Nessus Results

- Conduct the same scan on a local network.
- Compare the vulnerabilities detected by both tools.
- Document key differences and insights.
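Comparing the two scanners by eye is tedious once the reports exceed a few dozen findings. The script below is an added example (it is not part of the manual, and not code from Greenbone or Tenable) that loads a Nessus export (.nessus, `NessusClientData_v2` XML) and an OpenVAS/GVM XML report, reduces both to (host, CVE) pairs, and lists what both tools found, what only OpenVAS found, and what only Nessus found. The two XML documents embedded below are constructed samples with placeholder CVE identifiers (`CVE-0000-...`), not real vulnerabilities; the element names are the ones I know from the two export formats (for OpenVAS both the older `<cve>` child and the newer `<refs><ref type="cve"/>` form under `<nvt>` are handled), so verify them against your own exports.

```python
"""Compare findings exported from OpenVAS (GVM XML report) and Nessus (.nessus).

Both exports are normalised to {(host, cve): severity_label} so that the
overlap and the findings unique to each scanner can go straight into the
lab report. Matching on CVE rather than on plugin/NVT name avoids false
"differences" that are only naming conventions.
"""
import xml.etree.ElementTree as ET

# Constructed sample of a Nessus .nessus export; CVE ids are placeholders.
NESSUS_SAMPLE = """<NessusClientData_v2>
  <Report name="lab-scan">
    <ReportHost name="192.168.56.101">
      <ReportItem port="22" protocol="tcp" severity="2" pluginID="1" pluginName="Sample SSH finding">
        <risk_factor>Medium</risk_factor>
        <cve>CVE-0000-0001</cve>
      </ReportItem>
      <ReportItem port="80" protocol="tcp" severity="3" pluginID="2" pluginName="Sample web finding">
        <risk_factor>High</risk_factor>
        <cve>CVE-0000-0002</cve>
        <cve>CVE-0000-0003</cve>
      </ReportItem>
      <ReportItem port="0" protocol="tcp" severity="0" pluginID="3" pluginName="Informational plugin">
        <risk_factor>None</risk_factor>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>"""

# Constructed sample of a GVM/OpenVAS XML report (gvmd report format as assumed).
OPENVAS_SAMPLE = """<report>
  <report>
    <results>
      <result id="r1">
        <name>Sample SSH finding</name>
        <host>192.168.56.101</host>
        <port>22/tcp</port>
        <threat>Medium</threat>
        <nvt oid="1.3.6.1.4.1.25623.1.0.1">
          <refs><ref type="cve" id="CVE-0000-0001"/></refs>
        </nvt>
      </result>
      <result id="r2">
        <name>Sample TLS finding</name>
        <host>192.168.56.101</host>
        <port>443/tcp</port>
        <threat>High</threat>
        <nvt oid="1.3.6.1.4.1.25623.1.0.2">
          <cve>CVE-0000-0004</cve>
        </nvt>
      </result>
    </results>
  </report>
</report>"""


def nessus_findings(xml_text):
    """Map (host, cve) -> risk_factor for a .nessus export.
    ReportItems without a CVE (informational plugins) are skipped."""
    findings = {}
    root = ET.fromstring(xml_text)
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            risk = item.findtext("risk_factor", default="None")
            for cve in item.findall("cve"):
                if cve.text:
                    findings[(host.get("name"), cve.text.strip())] = risk
    return findings


def openvas_findings(xml_text):
    """Map (host, cve) -> threat level for a GVM XML report."""
    findings = {}
    root = ET.fromstring(xml_text)
    for result in root.iter("result"):
        host = (result.findtext("host") or "").strip()
        threat = result.findtext("threat", default="Log")
        nvt = result.find("nvt")
        if nvt is None or not host:
            continue
        cves = [c.text.strip() for c in nvt.findall("cve") if c.text]
        cves += [r.get("id") for r in nvt.iter("ref") if r.get("type") == "cve"]
        for cve in cves:
            findings[(host, cve)] = threat
    return findings


def compare(openvas, nessus):
    """Split the (host, cve) keys into both / OpenVAS-only / Nessus-only."""
    ov, ns = set(openvas), set(nessus)
    return {
        "both": sorted(ov & ns),
        "openvas_only": sorted(ov - ns),
        "nessus_only": sorted(ns - ov),
    }


if __name__ == "__main__":
    diff = compare(openvas_findings(OPENVAS_SAMPLE), nessus_findings(NESSUS_SAMPLE))
    for bucket, pairs in diff.items():
        print(f"{bucket}: {len(pairs)}")
        for host, cve in pairs:
            print(f"  {host} {cve}")
```

To use it on real exports, replace the two sample strings with the file contents (Nessus: Export > Nessus; OpenVAS: report page > Download filtered report as XML). Findings that carry no CVE at all (informational checks, vendor-specific plugin names) will not appear in the comparison, so note in the report that such items were compared by hand.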

Task 7: Prepare and Submit the Report

- Summarize the findings from OpenVAS and Nessus.
- Include screenshots of scan results.
- Provide an analysis of vulnerabilities detected.
- Write conclusions and recommendations based on the scan results.
- Submit the final report.
