OpenVAS Security Tool Cheatsheet

🛠 Security Tool Cheatsheet

Alex Morgan — Senior Penetration Tester

What is OpenVAS?

OpenVAS (Open Vulnerability Assessment System) is a powerful open-source vulnerability scanning tool that allows security professionals to perform comprehensive assessments of their systems. It provides scanning and reporting capabilities that help identify vulnerabilities, configuration issues, and potential security risks in a network environment.

Installation

To install OpenVAS, follow the steps below based on your operating system:

On Ubuntu:

sudo apt update && sudo apt install openvas

On CentOS:

sudo yum install openvas

After installation, initiate the setup using the command:

sudo openvas-setup

Basic Syntax

The basic syntax for running OpenVAS scans is straightforward. Use the command:

openvas-cli --scan 

Discovery

Before conducting vulnerability assessments, discovery is crucial to identify active hosts on the network.

Scan for active hosts:

openvas-cli --scan --targets <targets> --launch

Scanning

OpenVAS allows detailed scanning options to identify vulnerabilities effectively.

Run a full scan:

openvas-cli --scan --targets <targets> --config <config>

Example of a fast scan:

openvas-cli --scan --targets <targets> --config Fast

Exploitation

Although OpenVAS is primarily a scanning tool, integrating it with Metasploit can allow exploitation.

Run an exploitation scenario with Metasploit:

msfconsole

Load OpenVAS plugin:

use auxiliary/scanner/openvas/openvas

Set options and run:

set RHOSTS <target>
run

Analysis

After scanning, analyzing the results effectively is critical for actionable insights.

Export results to PDF:

openvas-cli --report <report-id> --export pdf

Query scan results:

openvas-cli --report <report-id> --query

Evasion

To hide scans and avoid detection, utilize different settings in OpenVAS.

Set scan to low priority:

openvas-cli --scan --targets <targets> --config <config>

Reporting

Generate comprehensive reports to summarize your findings.

Generate HTML report:

openvas-cli --report <report-id> --export html

List all generated reports:

openvas-cli --report --list

Quick Reference Table

Flag        Description
--scan      Initiate scanning
--targets   Define the targets to scan
--report    Generate report from scan results

Pro Tips

  • Regularly update OpenVAS: Keep the tool and its vulnerability definitions up to date.
  • Use tokens for automated scanning: This enhances the efficiency of continuous vulnerability assessments.
  • Integrate with SIEM: Feed OpenVAS reports into Security Information and Event Management systems for real-time analysis.
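The SIEM tip above, as an added example (not part of the original cheatsheet and not OpenVAS project code): it flattens an XML report into one JSON event per finding, filtered by a minimum severity and sorted highest first. The element names are an assumption modeled on the layout of a GVM XML report export, the function names are hypothetical, and the sample report is constructed.

```python
import json
import xml.etree.ElementTree as ET

# Constructed sample (not real scan data); element layout is an assumed GVM-style export.
SAMPLE_REPORT = """<report id="constructed-report">
  <results>
    <result id="r1"><name>Constructed finding B</name>
      <host>192.0.2.20<hostname>db01.example.test</hostname></host><port>22/tcp</port>
      <nvt oid="constructed-oid-2"/><threat>Medium</threat><severity>5.0</severity></result>
    <result id="r2"><name>Constructed finding A</name><host>192.0.2.10</host>
      <port>443/tcp</port><nvt oid="constructed-oid-1"/><threat>High</threat><severity>7.5</severity></result>
    <result id="r3"><name>Constructed informational entry</name><host>192.0.2.10</host>
      <port>general/tcp</port><nvt oid="constructed-oid-3"/><threat>Log</threat><severity>0.0</severity></result>
  </results>
</report>"""

def _text(node, tag):
    child = node.find(tag)  # leading text only, so <host>IP<hostname/></host> yields the IP
    return (child.text or "").strip() if child is not None else ""

def report_to_events(xml_text, min_severity=0.0):
    root = ET.fromstring(xml_text)
    events = []
    # Only direct children of <results>, so nested detail elements are not double counted.
    for result in root.findall(".//results/result"):
        try:
            severity = float(_text(result, "severity") or 0)
        except ValueError:
            severity = 0.0  # a malformed severity is treated as informational
        if severity < min_severity:
            continue
        nvt = result.find("nvt")
        events.append({
            "source": "openvas",
            "result_id": result.get("id", ""),
            "name": _text(result, "name"),
            "host": _text(result, "host"),
            "port": _text(result, "port"),
            "nvt_oid": nvt.get("oid", "") if nvt is not None else "",
            "threat": _text(result, "threat"),
            "severity": severity,
        })
    return sorted(events, key=lambda e: e["severity"], reverse=True)

def to_json_lines(events):
    # One JSON object per line, a shape most log shippers can ingest.
    return "\n".join(json.dumps(e, sort_keys=True) for e in events)

if __name__ == "__main__":
    print(to_json_lines(report_to_events(SAMPLE_REPORT, min_severity=4.0)))
```

If a report crosses a trust boundary before it is parsed, use a hardened XML parser such as defusedxml in place of the standard library parser.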

Real-World Examples

When conducting a comprehensive security assessment on a network with multiple subnets, use:

openvas-cli --scan --targets 192.168.1.0/24,192.168.2.0/24 --config Full

This approach ensures that you do not miss any potential vulnerabilities across different segments of your network.