Level:
Novice
Context
OpenVAS is a powerful vulnerability scanning toolkit that consists of a server, client, and manager applications. It can be used to scan systems for known
vulnerabilities, and to identify and exploit them. The OpenVAS vulnerability scanner is free and open source software, released under the GNU General Public
License.
OpenVAS manual installation has a lot of dependencies and configuration, which sometimes lead to unknown errors and decrease productivity.
Therefore, we recommend that you try to install OpenVAS with a Docker container, which only takes a couple of minutes to download and no set up is required.
A docker container is a lightweight, independent, and portable operating system instance that can be created from a Dockerfile and run on a single computer or
across multiple computers.
Excerpt
Install OpenVAS using Docker and perform a vulnerability scan to validate that OpenVAS if functioning properly.
Learning Outcome
– OpenVAS is a very common and useful vulnerability scanning tool.
– Downloading, installing, and configuring OpenVAS manually could be very time consuming, especially in a real-world situation where you only have a couple of
days or hours to perform a vulnerability scan.
– Using Docker is the solution to it all, it is pre-configured and all that is required is to download the Docker container.
Instructions
– Create a clean Ubuntu virtual machine OR install WSL2 on your host machine
– Install docker
– Install OpenVAS
– Scan a Windows XP virtual machine with OpenVAS
– Validation: You should find a of high-risk vulnerability related to SMB Remote Code Execution
Assignment submission instructions:
Click the button below to record your screen and proceed with the exercise.
Please make sure your video is less than 3 min long.
Stop recording and click the upload button in the window below.
