Tryhackme - OpenVAS

Tryhackme – OpenVAS

In this walk through, we will be going through the OpenVAS room from Tryhackme. This room will teaches us the basics of threat and vulnerability management using Open Vulnerability Assessment Scanning tool. So, let’s get started without any delay.

OpenVAS

Task 1 – Introduction

Task 1 - Introduction

Task 2 – GVM Framework Architecture

Question 1 – Read about GVM architecture and move on to setting up OpenVAS

Done
Task 2 - GVM Framework Architecture

Task 3 – Installing OpenVAS

Question 1 – Read the above and prepare your environment.

Done
Installing OpenVAS
Dashboard
Task 3 - Installing OpenVAS

Task 4 – Initial Configuration

Question 1 – Read the above and complete your first scan!

Done
Task Wizard
Report result
Task 4 - Initial Configuration

Task 5 – Scanning Infrastructure

Question 1 – Read the above and complete your scan on DVWA to test scanning remote infrastructure.

Done
New Task
New Target
Vulnerability scanning status
Vulnerability scanning status

Task 5 - Scanning Infrastructure

Task 6 – Reporting and Continuous Monitoring

Question 1 – Read the above and practice reporting and monitoring.

Done
Task 6 - Reporting and Continuous Monitoring

Task 7 – Practical Vulnerability Management

Question 1 – When did the scan start in Case 001?

Host Summary Start time
Feb 28, 00:04:46

Question 2 – When did the scan end in Case 001?

Host Summary End time
Feb 28, 00:21:02

Question 3 – How many ports are open in Case 001?

Port Summary
3

Question 4 – How many total vulnerabilities were found in Case 001?

Host summary
5

Question 5 – What is the highest severity vulnerability found? (MSxx-xxx)

MS17-010
MS17-010

Question 6 – What is the first affected OS to this vulnerability?

Affected Software/OS
Microsoft Windows 10 x32/x64 Edition

Question 7 – What is the recommended vulnerability detection method?

Vulnerability Detection Method
Send the crafted SMB transaction request with fid = 0 and check the response to confirm the vulnerability.
Task 7 - Practical Vulnerability Management

Task 9 – Conclusion

Task 9 - Conclusion

Also Read: Tryhackme – Nmap Live Host Discovery

So that was “OpenVAS” for you. In this room, we have covered one of the most popular Open Source vulnerability scanner – OpenVAS. We have learned the basics of threat and vulnerability management using Open Vulnerability Assessment Scanning tool. We started with the setup and installation of the scanner. Then, moved into various types of scanning which it present. Also took a dive into some of the vulnerabilities found in the target VM. Overall, after completing this room we are well versed to work with OpenVAS Vulnerability Scanner. On that note, i will take your leave. Till then, “Happy Hacking”.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top