1
00:00:01,530 --> 00:00:04,470
So now I'm going to check the Nessa's service and started.

2
00:00:07,000 --> 00:00:15,550
OK, so open your browser now and type HTTP Escalon, Celeste Colly, Colen eight eight three four.

3
00:00:17,050 --> 00:00:19,540
And then this will take you to the NSA login screen.

4
00:00:21,100 --> 00:00:24,790
So in the beginning, you may see an initialization screen like this one.

5
00:00:27,110 --> 00:00:30,140
So just down to your credentials and hit the Sinon button.

6
00:00:35,670 --> 00:00:37,740
OK, so now this is the Nessa's homepage.

7
00:00:39,040 --> 00:00:41,500
It has a pretty clear and clean interface.

8
00:00:42,420 --> 00:00:49,800
So what I'm going to do is quickly add a folder for my scans and name it PWI MSF.

9
00:00:51,560 --> 00:00:55,100
So create the folder and let's go into the folder.

10
00:00:56,640 --> 00:00:59,280
OK, so now you have two options here.

11
00:01:00,560 --> 00:01:02,630
You can either create a scan directly.

12
00:01:03,630 --> 00:01:09,750
Or you can create a policy and then use this policy for a particular scam.

13
00:01:10,920 --> 00:01:18,510
Me, I always create policies because then I can use them in every penetration test that I do.

14
00:01:19,550 --> 00:01:22,820
So I would advise you to do the same, just follow along.

15
00:01:24,460 --> 00:01:26,590
So even now, I'm going to show you how to create a policy.

16
00:01:28,770 --> 00:01:30,660
So click here to start.

17
00:01:32,230 --> 00:01:35,200
Right, so now these are the predefined policies.

18
00:01:36,080 --> 00:01:38,360
Now, for your purpose, you can choose one of them.

19
00:01:39,620 --> 00:01:43,820
But also, you have the option to start a custom policy.

20
00:01:44,980 --> 00:01:51,000
So over here on the upper left corner, there's an advanced scan, so click here.

21
00:01:52,740 --> 00:01:59,730
All right, so let's give it a name and description, and that's going to be your first scan.

22
00:02:01,420 --> 00:02:07,990
So Nessa's provides you an ability to share your policy or scan with other users.

23
00:02:09,070 --> 00:02:15,190
So if you want under the permission tab, select can use as an option.

24
00:02:17,810 --> 00:02:19,250
Under the discovery menu.

25
00:02:20,540 --> 00:02:26,870
You'll find how to discover hosts and services, and you can also can figure out how to scan the ports

26
00:02:26,870 --> 00:02:27,680
on the target.

27
00:02:28,970 --> 00:02:31,460
And there's really nothing to change here.

28
00:02:33,140 --> 00:02:38,420
Assessment menu, it provides extra assessment configuration.

29
00:02:40,020 --> 00:02:47,970
Now, here under brute force segment, I want you to check this box to not try after a successful launch

30
00:02:47,980 --> 00:02:48,180
in.

31
00:02:50,740 --> 00:02:55,120
All right, so you have Web applications in our lab open in.

32
00:02:56,530 --> 00:03:00,160
I won't change anything under Windows and Malware segment.

33
00:03:01,510 --> 00:03:07,840
Now, you can specialize in reports, but I think it doesn't allow much more than that, this might

34
00:03:07,840 --> 00:03:11,380
be, if there is one, a negative side of Nessa's.

35
00:03:13,040 --> 00:03:14,480
And the advanced menu.

36
00:03:16,590 --> 00:03:17,040
She now.

37
00:03:17,900 --> 00:03:25,280
I think I've said this before, but being stealthy is important, so you've got to check here to randomly

38
00:03:25,520 --> 00:03:26,780
scan targets.

39
00:03:28,030 --> 00:03:31,120
And also check here to prevent network congestion.

40
00:03:34,140 --> 00:03:41,370
And under the credentials tab, Nessus gives you the opportunity to scan targets with custom discovered

41
00:03:41,370 --> 00:03:41,970
credentials.

42
00:03:43,870 --> 00:03:49,390
Nessus will perform more tests on the targets if valid credentials are given.

43
00:03:50,990 --> 00:03:55,550
And you can also add ASH is as well as some other service accounts.

44
00:03:57,460 --> 00:04:03,610
So earlier, we have discovered how to use the vagrant username and password.

45
00:04:05,580 --> 00:04:06,870
So that's what I'm going to use.

46
00:04:10,050 --> 00:04:11,130
Compliance tab.

47
00:04:11,990 --> 00:04:13,400
Not going to change anything here.

48
00:04:14,590 --> 00:04:19,570
This this could be a good benefit for you when you perform a vulnerability assessment.

49
00:04:21,290 --> 00:04:29,780
Now, here there are many compliance checklists, you can choose a bunch of them and run a scan, but

50
00:04:29,780 --> 00:04:31,700
for now I don't need that.

51
00:04:33,350 --> 00:04:34,850
And here's a plug instead.

52
00:04:36,430 --> 00:04:43,990
So this is actually takes its power from plug ins, every plug in performs a particular task and the

53
00:04:43,990 --> 00:04:47,920
Nessa's team divides plug ins into families.

54
00:04:49,570 --> 00:04:54,760
So, for example, the denial of service plug ins resides under this category.

55
00:04:56,720 --> 00:05:03,350
Now, you also have to be careful to check the plug ins, because every unrelated plug in will create

56
00:05:03,350 --> 00:05:07,190
congestion in the network and that prevents you from being stealthy.

57
00:05:08,750 --> 00:05:11,990
And also some plug ins could very well crash the system.

58
00:05:13,360 --> 00:05:17,890
Sorry, now I am going to quickly uncheck unrelated plug in families.

59
00:05:19,140 --> 00:05:21,830
Not going to touch plug ins itself.

60
00:05:24,050 --> 00:05:26,660
But you can be that specific.

61
00:05:28,910 --> 00:05:32,300
So finally, save the policy.

62
00:05:33,730 --> 00:05:34,350
Okeydoke.

63
00:05:34,750 --> 00:05:38,200
So now you need to create a scan that's going to use his policy.

64
00:05:39,740 --> 00:05:43,460
So go up here to the top menu scan's.

65
00:05:44,760 --> 00:05:50,490
And here are the predefine scanned, but if you want to use your policy like I do.

66
00:05:51,810 --> 00:05:54,840
Follow me and go to the user defined tab.

67
00:05:56,050 --> 00:05:57,700
And click your policy.

68
00:05:58,760 --> 00:06:04,100
Now this green comes up, so name your skin and give it a description.

69
00:06:06,290 --> 00:06:14,420
And I'm going to choose the folder P wms f and now you can add targets.

70
00:06:16,220 --> 00:06:23,690
So, of course, we're going to use the both the Matus voidable two and three IP addresses.

71
00:06:25,060 --> 00:06:26,710
All right, so let's save the scan.

72
00:06:29,550 --> 00:06:36,810
Now, let's check the scan here and from that menu, just launch it or reconfigure it.

73
00:06:37,690 --> 00:06:38,590
I'm going to launch it.

74
00:06:41,850 --> 00:06:46,290
OK, so now you can watch the progress and examine what NASA's finds.

75
00:06:48,200 --> 00:06:50,090
Scans are going to take some time, so.

76
00:06:51,350 --> 00:06:54,970
I'll just let it finish up and I'll get right back to you.