How to install OpenVAS on ParrotSec

I show you how to install OpenVAS on ParrotSec in a step-by-step tutorial.

What is OpenVAS?

OpenVAS is THE open source vulnerability scanner. OpenVAS started under the name of GNessUs, a fork of the previously open-source Nessus scanning tool (which costs you money now). OpenVAS is also under the GNU General Public License (GPL).

I personally used this software in many different kinds of assessments and was always satisfied with the results I got (keeping in mind that it is completely free).

Of course tools like Nessus and NeXpose are more feature-rich, but they come with a high price-tag too.

For starters, OpenVAS is simply perfect and gives you a good idea of how a vulnerability scanner is working. I also found it very intuitive to work with.

So without further ado, let’s dive right into the installation.

I install OpenVAS on a freshly installed ParrotSec in VirtualBox. If you want to know how to install ParrotSec on Virtual Box check out this article.

 

Step 1 Installing OpenVAS on ParrotSec

First, we are going to run the initial setup. Open a terminal window and type:

sudo openvas-setup
How to install OpenVAS on ParrotSec
Run the initial setup

This will run you through the initial setup, it will take a couple of minutes.

Once this is done, do not close the window! Your admin password is displayed right there. Copy it.

How to install OpenVAS on ParrotSec
Copy your admin password

In case you forgot to copy it, you can reset the password by typing:

sudo openvasmd --user=admin --new-password=new_password

Now we just need to start OpenVAS by typing:

sudo openvas-start
How to install OpenVAS on ParrotSec
Starting OpenVAS

 

Step 2 Logging in to the Web Interface

Now we can go ahead and login to the Web Interface. Open your Web Browser and go to https://127.0.0.1:9392/

Add a Security Exception:

How to install OpenVAS on ParrotSec
Adding a Security Exception

Now log in with the username admin and the password you copied earlier.

How to install OpenVAS on ParrotSec
Logging in to the Web Interface

 

Step 3 Changing the Password

The first thing we want to do is to change the admin password. You will probably not be able to remember the automated password OpenVAS assigned you the next time you want to log in.

Navigate to Administration / Users.

How to install OpenVAS on ParrotSec
Changing the Password

Click on the little wrench symbol next to your admin user.

How to install OpenVAS on ParrotSec
Editing the Admin Account

Finally, change your password.

How to install OpenVAS on ParrotSec
Setting a new Password

That is it for the initial Setup. Your OpenVAS is now fully operational.

 

Step 4 Running your first Scan

To run your first Scan, Navigate to Scans / Tasks.

Now choose the little Wizard Wand Symbol to start the Task Wizard.

Simply enter an IP Address you want to Scan and hit Start Scan.

How to install OpenVAS on ParrotSec
Start Scanning

And there you have it. Easy, right?

This concludes this tutorial.

More OpenVAS goodness is coming in the near future. Subscribe to get informed about now content.

 

*All the techniques provided in the tutorials on ceos3c.com are solely meant for educational purposes only.
All of the techniques taught here are only meant to be used in a closed laboratory environment or in consent with a second party.
If you are using any of those techniques for illegal purposes, Ceos3c can’t be held responsible for possible lawful consequences.

Leave a Reply