Tools and Utilities

Here we can find some tools and utilities commonly used for processes related to vulnerability assessment:

Nessus

• It is a powerful vulnerability scanner that is used to identify and assess security flaws in systems, networks, and applications, detecting misconfigurations, missing patches, and potential attack vectors

Installation

• Download the Debian version at https://www.tenable.com/downloads/nessus?loginAttempted=true

snippet

---

• Install package

sudo dpkg -i $downloadedPackage #This is for Debian/Kali

---

• Start the service

sudo systemctl start nessusd.service

---

• Go to https://www.tenable.com/products/nessus/activation-code and register for Nessus Essentials, ask for a free activation license, and then access the service on https://localhost:8834 and insert the activation code

OpenVAS

• It is an open-source vulnerability scanner widely used in security assessments to identify security flaws in networks, systems, and applications

• https://www.openvas.org/

Commands

• Install

sudo apt install gvm

---

• Usage

sudo gvm-setup #Setup all tools, this will prompt for the password for admin login
gvm-start #Start the suite and connect to the deployment port