Ethical Hacking Tutorial

Vulnerability Analysis Practical

Table of Contents

  • Vulnerability Analysis Using Nessus
  • CGI Scanning With Nikto
  • It’s Quiz Time!

Vulnerability Analysis Using Nessus

In this lab, you will run several scans on the target network to find open ports and services on it. Further, you will do the vulnerability scanning to look for the possible vulnerabilities in the network.

  1. Install Nessus.

  2. Launch Mozilla Firefox browser.

  3. Write https://localhost:8834 in the URL bar and press Enter.

  4. It will show that the connection is not secure. Click on Advanced.

  5. Scroll down and click on Add Exception.

  6. When the Add Security Exception window opens, click on Confirm Security Exception.

It will open the Nessus compiling plugins page. Wait till all the plugins get compiled and it redirects you to the login page.

  1. When the Nessus Home/Login page comes, use the below credentials, and click on Sign In.

  • Username: admin

  • Password: password

  1. When the Nessus - My Scans page opens, click on Policies under the Resources.

  2. Click on Create a new policy.

  3. Click on Advanced Scan.

  4. When the Policy General Settings with BASIC setting type shows up, define a policy name and add a description about it.

  5. From the Settings, go to DISCOVERY dropdown and choose Host Discovery. Turn off Ping the remote host. 

  6. Choose Port Scanning and check mark the Verify open TCP ports found by local port enumerators. Let the other fields remain as default.

  7. From the Settings, choose REPORT. Don’t change any other options there. 

  8. From the Settings, choose Advanced. It will open the Advanced Setting Type window. Enter the values of Max number of TCP sessions per host, as well as Max number of TCP sessions per scan as unlimited. 

  9. For configuration of credentials for new policy, click on Credentials. When the Credentials page shows up, click on Windows. Here, enter Username and Password. In this lab, we are using AD143 as username and qwerty@123 as password. 

  10. For choosing the needed plugins, click on Plugins. Don’t make changes to any other options here. Click on Save.

  11. It will show a Policy saved successfully pop-up.

  12. Click on Scans to open the My Scans window. Click on Create a new scan to see the Scan Templates.

  13. Click on User Defined and choose NetworkScan Policy

  14. Enter the Name of the scan, along with its description in the Targets field. Next, enter the IP address of the target for which the vulnerability assessment is being performed. In this lab, the name of the scan is Local Network and the IP of Windows Server 2012 is

  15. Click on Schedule settings. Here, turn off the Enabled switch and choose Launch from the dropdown.

  16. The Nessus will start scanning the target machine.

  17. Once the scan is done, a tick mark will appear to show you that the scanning is completed. Click on the tab to see the detailed output.

  18. It will open the Local Network page, showing the hosts summary and Scan Details.

  19. Click on Vulnerabilities. Scroll down to see the vulnerabilities related to the target machine.

  20. Click on specific vulnerabilities to see their detailed report.

  21. Click on Export and choose the format to download the report. 

  22. After choosing the format, let the other settings remain by default and click on Export.

  23. When the Opening Local_Network download window comes, select Save File and click on OK.

  24. Let the file name remain as default and select your preferred location for downloading the file. Click on Save.

  25. Minimize the browser when the downloading is complete. Now, go to the Desktop window.

  26. Open the downloaded report.

If it asks for how you want to open the file, select Adobe Acrobat Reader DC. Click on OK.

  1. The report will open in the Adobe Reader. Scroll and see the full report. After seeing it, come back to the browser where Nessus is running.

  2. In the right corner, find Sign Out and click on it. 

  3. Once the lab is complete, close the browser and all other windows. 

CGI Scanning With Nikto

Nikto is a web server scanner used to run detailed tests of web servers for various components, such as dangerous files, outdated server versions, specific issues, and more. It also checks the server configuration issues and finds the installed software and web servers.

In this lab, you will understand the use of Nikto for scanning web servers and learn how to do it.

  1. Write nikto -h and press Enter in the terminal command window. It will show the switches along with their uses.

  2. Write nikto -H and press Enter. -H is a switch here which will find the available help commands. For in-depth scanning of the web server, you should use the Tuning option. Note the Tuning options displayed here.

  3. Write nikto -h -Tuning 1 and press Enter. You will see an IP address of the site, hostname, and port as the output. 

This is how you use Nikto to scan web servers. 

It’s Quiz Time!

Did you find this article helpful?