Penetration Testing 2022 - 3 Most Common Vulnerability Scanning Tools

Table of contents

1. Nessus

2. AWVS

3. WPScan

1. Nessus

1. What is Nessus software?

According to Baidu Encyclopedia, Nessus is the most widely used system vulnerability scanning and analysis software in the world. In total, more than 75,000 institutions use Nessus to scan their computer systems.

2. Installation of Nessus software

1. Download address

Download Nessus | Tenable®: https://www.tenable.com/downloads/nessus This is the official download website.

Let's take the Kali system as an example.

Click Download, then copy the Nessus-10.0.2-debian6_amd64.deb package to the root directory of the Kali system.

Then open the terminal emulator, enter dpkg -i Nessus-10.0.2-debian6_amd64.deb and press Enter to complete the installation.

Then enter systemctl start nessusd to start the Nessus service.

Then open https://192.168.0.109:8834 in your browser to register. Note: select offline registration.

At this point we need to enter the license. Open this URL: Nessus Essentials Vulnerability Scanner | Tenable® https://en-us.tenable.com/products/nessus/nessus-essentials?tns_redirect=true

 Enter your name and email, and an ID serial number will be sent to the email.

 Open the website:

Tenable Network Security: https://plugins.nessus.org/v2/offline.php

 The first entry is the challenge code we just got.

The second entry is the serial number that was sent to our mailbox.

Then click Submit.

This page will appear.

 Copy the contents of this section.

Paste it into the license box on the registration page, and click Continue to complete the registration.

After entering the account and password, you can log in successfully.

At this point, our software has been successfully installed.

Click New Scan, and we can see that there are many functional modules that can be used.

However, the modules contain no plug-ins at this time, so we need to install the full plug-in set.

 We click this link to download the latest plugin installation package.

Then copy the downloaded installation package to the root directory of the kali system.

Open a terminal emulator and enter

/opt/nessus/sbin/nessuscli update /root/all-2.0.tar.gz

Press Enter to install.

Then restart the Nessus software.

Then refresh the page and the plug-ins start installing. There is a lot of content, so this takes about half an hour to an hour.

 After the installation is complete, refresh the page and log in with the account and password. You can log in successfully.

3. Use of Nessus software

Two examples:

1. Advanced Scan

Click New Scan, click Advanced Scan.

Enter the name and IP address. We take the Kali system in our virtual machine as an example.

We can see that there are many functions next to it. If your English is not good, right-click to translate the webpage into Chinese. You can select the corresponding function according to your needs.

These are the plug-ins; they are used when scanning.

Click Save, then click Run.

These are the vulnerabilities that the scan has found; we can click one to take a look.

 

 We can analyze them one by one.
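To go through the findings in order of severity rather than clicking each one, the sketch below sorts them from an exported scan. It is an added example, not part of the original article or of Nessus itself, and it assumes the scan was exported from the web UI in the .nessus XML format; the sample report, plugin IDs and plugin names are constructed placeholders.

```python
import xml.etree.ElementTree as ET

SEVERITY = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

# Constructed sample in the .nessus (NessusClientData_v2) layout. Plugin IDs,
# names and scores are placeholders, not output from the article's scan.
SAMPLE = """<NessusClientData_v2><Report name="kali-advanced-scan">
 <ReportHost name="192.168.0.109">
  <ReportItem port="0" svc_name="general" protocol="tcp" severity="0"
              pluginID="900001" pluginName="Placeholder: host information"/>
  <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="2"
              pluginID="900002" pluginName="Placeholder: weak SSH setting">
   <cvss3_base_score>5.3</cvss3_base_score></ReportItem>
  <ReportItem port="8834" svc_name="www" protocol="tcp" severity="3"
              pluginID="900003" pluginName="Placeholder: TLS issue">
   <cvss3_base_score>7.5</cvss3_base_score></ReportItem>
  <ReportItem port="80" svc_name="www" protocol="tcp" severity="2"
              pluginID="900004" pluginName="Placeholder: missing header"/>
 </ReportHost></Report></NessusClientData_v2>"""

def triage(xml_text, min_severity=1):
    """Return findings at or above min_severity, most severe first."""
    rows = []
    for host in ET.fromstring(xml_text).iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            if sev < min_severity:
                continue
            score = item.findtext("cvss3_base_score")  # absent on some items
            rows.append({
                "host": host.get("name"),
                "port": int(item.get("port", "0")),
                "service": item.get("svc_name"),
                "severity": SEVERITY.get(sev, str(sev)),
                "rank": sev,
                "cvss3": float(score) if score else None,
                "plugin_id": item.get("pluginID"),
                "name": item.get("pluginName"),
            })
    # Highest severity first, then highest CVSS v3 score; unscored items last.
    rows.sort(key=lambda r: (-r["rank"], -(r["cvss3"] or 0.0), r["port"]))
    return rows

if __name__ == "__main__":
    for r in triage(SAMPLE):
        print(f'{r["severity"]:8} {r["host"]}:{r["port"]:<5} {r["name"]}')
```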

2. Web Application Tests

 

2. AWVS

Introduction to AWVS

AWVS is an automated web application security testing tool that scans any website or web application that is accessible through a web browser and follows HTTP/HTTPS rules. It is suitable for the intranets, extranets and websites that small, medium and large enterprises provide for customers, employees, manufacturers and others. AWVS can audit the security of web applications by checking for vulnerabilities such as SQL injection and XSS (cross-site scripting).

AWVS function introduction

  • WebScanner: core function, web security vulnerability scanning (depth, width, limit 20)
  • Site Crawler: Site crawling, traversing the site directory structure
  • Target Finder: Host discovery, find out the hosts with ports 80 and 443 opened on a given network segment
  • Subdomain Scanner: Subdomain scanner, using DNS query
  • Blind SQL Injector: Blind Injection Tool
  • HTTP Editor: HTTP protocol packet editor
  • HTTP Sniffer: HTTP protocol sniffer (fiddler, wireshark, bp)
  • HTTP Fuzzer: Fuzzing Tool (bp)
  • Authentication Tester: Web authentication cracking tool

Installation of AWVS

Download address: Baidu network disk

Link: https://pan.baidu.com/s/1mH0SOaDeElZ_NTuK2NSArw 
Extraction code: zgqq

After decompressing on Windows, copy the awvs installation package to the root directory of the kali system.

 Configure awvs13-linux directory access permissions

sudo chmod 755 ./awvs13-linux/

Enter the awvs13-linux directory and give execute permission to all files in this directory

cd awvs13-linux
sudo chmod +x *

 Run the acunetix_13.0.200217097_x64_.sh script

sudo ./acunetix_13.0.200217097_x64_.sh

Press Enter

Enter q

Enter yes

Then enter the IP (127.0.0.1), the account and the password.

Note: The password must contain one lowercase letter, one uppercase letter, numbers and special symbols.

After the installation is complete, the access address is generated automatically.

 Enter the following two commands at the command line before logging in to crack the activation.

sudo cp -rf wvsc /home/acunetix/.acunetix/v_200217097/scanner/
sudo cp -rf license_info.json /home/acunetix/.acunetix/data/license/

Access via browser.

 Use of AWVS

It is very simple to operate, similar to using the Nessus tool.

Click Scan, click New Scan, and enter the URL or IP to start scanning. Here the DC-4 practice target is used as an example.

After the scan is complete, we open the vulnerabilities list and can see the vulnerabilities that were found.

At the same time, we can export the scanned results in the form of reports.

3. WPScan

Introduction to WPScan

WPScan is a vulnerability scanning tool that comes with Kali Linux by default. It can comprehensively check a WordPress website for vulnerabilities, so that they can be fixed promptly and the danger of being hacked avoided. It can also brute-force the usernames and passwords of unprotected WordPress sites.

Using the WPScan tool

View help information

wpscan -h

Update vulnerability library

wpscan --update

Scan for WordPress Vulnerabilities

wpscan --url http://dc-2/

Scan WordPress users

wpscan --url http://dc-2 --enumerate u

For example, these are the users of the DC-2 target website that I scanned.

Scan for the themes in use and their vulnerabilities

wpscan --url http://dc-2 --enumerate vt

Brute-force passwords with a specified dictionary

wpscan --url http://dc-2/ -U 2 -P 1

Here 2 holds the accounts and 1 holds the passwords. The accounts are the three we just scanned: admin, jerry and tom. The passwords are generated from the website using the cewl tool. For specific usage, please refer to the article below: 2022-Penetration Testing-Kali Linux Dictionary Generation Tool Cewl Usage Guide
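Seen from the site owner's side, the user enumeration and password guessing above leave recognisable traces in the web server's access log. The following is an added example, not part of the original article or of WPScan: it flags clients by behaviour (requests that list WordPress users, repeated POSTs to the login endpoints) and by a User-Agent containing "WPScan". The thresholds, the log lines and the version in the User-Agent string are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" \d{3} \S+ "[^"]*" "([^"]*)"')
ENUM = re.compile(r"[?&]author=\d+|/wp-json/wp/v2/users")   # user-listing requests
LOGIN = re.compile(r"^/(wp-login\.php|xmlrpc\.php)")          # login endpoints
ENUM_MIN, LOGIN_MIN = 3, 5  # assumed thresholds; tune them to your own traffic

def detect(log_text):
    """Return {client_ip: sorted findings} for a combined-format access log."""
    enum, login, findings = Counter(), Counter(), defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        ip, method, path, agent = m.groups()
        if "wpscan" in agent.lower():
            findings[ip].add("wpscan-user-agent")
        if method == "GET" and ENUM.search(path):
            enum[ip] += 1
        if method == "POST" and LOGIN.match(path):
            login[ip] += 1
    # The User-Agent is chosen by the client, so request counts are judged too.
    for ip, n in enum.items():
        if n >= ENUM_MIN:
            findings[ip].add("user-enumeration")
    for ip, n in login.items():
        if n >= LOGIN_MIN:
            findings[ip].add("password-guessing")
    return {ip: sorted(tags) for ip, tags in findings.items()}

def _line(ip, method, path, agent="Mozilla/5.0"):
    return (f'{ip} - - [10/Feb/2022:10:00:00 +0000] "{method} {path} HTTP/1.1" '
            f'200 512 "-" "{agent}"')

# Constructed sample log: documentation-range addresses, made-up requests.
SCANNER_UA = "WPScan v3.8.20 (https://wpscan.com/wordpress-security-scanner)"
SAMPLE = "\n".join(
    [_line("203.0.113.7", "GET", f"/?author={i}", SCANNER_UA) for i in (1, 2, 3)]
    + [_line("203.0.113.7", "POST", "/xmlrpc.php", SCANNER_UA)] * 6
    + [_line("192.0.2.55", "GET", "/wp-json/wp/v2/users")] * 3
    + [_line("192.0.2.55", "POST", "/wp-login.php")] * 5
    + [_line("198.51.100.20", "GET", "/?author=1"),
       _line("198.51.100.20", "POST", "/wp-login.php")]
)

if __name__ == "__main__":
    for ip, tags in detect(SAMPLE).items():
        print(ip, ", ".join(tags))
```

The third client in the sample stays below both thresholds and is not reported, which is the behaviour expected for a single visitor who mistypes a password.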

 


Origin blog.csdn.net/qq_38612882/article/details/122860440