Best FREE Vulnerability Scanner: Nessus Vs OpenVAS (Greenbone)

Поділитися
Вставка
  • Опубліковано 22 гру 2024

КОМЕНТАРІ • 48

  • @Nikoolayy1
    @Nikoolayy1 Рік тому +6

    Well Nessus can also do Web Application Tests and OpenVAS is just a vunrability scanner, so we have to add that into the picture as Nessus even can log into the web app using web form or basic authentication. I am not saying that OpenVAS is bad but it depends if you just need a vunrability scanner or also to test a web application.

  • @r3dl3ad3r
    @r3dl3ad3r Рік тому +3

    Deeper dive into a framework that can help less experienced individuals understand findings -Your review in plain language really helped understand me understand some common detections

    • @ProTechShow
      @ProTechShow  Рік тому

      Interesting idea. I'm not aware of a framework for such a thing, other than experience. As a crude tool the CVSS score can be used to roughly gauge how much you need to worry about a particular vulnerability, but it doesn't do much to really explain them.

  • @ffe4org
    @ffe4org Рік тому +2

    I'm curious about your scan approach. I don't have Nessus, but with GVM/openvas, you have two scan approaches: Outside scan, Internal System scan. The outside scan, meaning being outside the host and scanning for vulnerabilities and the Internal System scan being one where you setup a Root user, pass the access to GVM and it logs in to the system to find libraries installed and their current vulnerability status (any CVE's listed on them.) From the penetration tester/red team point of view, you're taking on the role of an outsider, seeing what's open, what's broadcasting, etc. From a Blue Team perspective, you probably want to know what libraries are out of date, what CVEs are reported for what is running and installed on the system. A scan of the system, as root, is preferable to finding these issues. In GVM setting up that Root scan is not simple and isn't the default, but when done it is the most powerful aspect of GVM (imo).

    • @ProTechShow
      @ProTechShow  Рік тому +4

      Nessus has the same options to run with or without credentials to log in to target systems. All of the scans used for this video were authenticated scans from the local network (blue team scenario) to give both tools the best opportunity to find problems.

    • @ffe4org
      @ffe4org Рік тому

      @@ProTechShow I actually downloaded Nessus Essentials and it looks like all the scans require an access token. It's kinda a pain, or do I have it wrong? Like in BurpSuite I don't need to pass in a user login, it can run against a web app pre login, or post login using my session. But in Nessus Essentials web app scan it seems like I need to give it a user/pass and know the param pattern for passing it to the backend. I like that level when scanning libraries on a system, but for pentesting vuln scanning I can't seem to get Nessus to just scan without giving it user credentials.

    • @ProTechShow
      @ProTechShow  Рік тому +1

      @@ffe4org if you start with the "advanced scan" template it's more of a GVM-like network scan. You can add credentials, but you don't have to. That's the method I used for the video.

  • @VideoGigs
    @VideoGigs Рік тому +3

    Great video! Many thanks for making it. I especially appreciated that you included info on false positives and gave a brief description on some of the findings. Just wondering if you know of any good resource online that breaks down the Nessus scan finding better than what is provided by Nessus. Basically a better description of the configuration-type issues found and remediation advice etc?

    • @ProTechShow
      @ProTechShow  Рік тому

      Thanks! I'm not aware of a generic location for information on everything. The best bet is to look on the website of the affected vendor. If there's a CVE number, stick that into Google. Microsoft, Red Hat, etc. will usually have a page dedicated to CVE that affects their products which will go into more detail. For others, stick the key phrase into Google and look for hits from the related vendor. These can be more work to find but there's usually an article about it somewhere - even if it's just to refute the alleged vulnerability.

  • @john.walley
    @john.walley 8 місяців тому +1

    Excellent overview. Thank you for such an in-depth review.

  • @MochAzkal
    @MochAzkal 4 місяці тому

    This explanation is just a masterpiece, really helpful!

  • @denson877
    @denson877 5 місяців тому

    i tried the nessus essentials solution, but whenever i try to go to the 'credentials' tab to configure an authenticated scan it never loads. the result is that i can't do an authenticated scan and only detect external facing vulnerabilities. has anyone else experienced this?

  • @aprendainformaticagratis
    @aprendainformaticagratis 10 місяців тому

    How about the docker version? " mikesplain/openvas "

    • @ProTechShow
      @ProTechShow  10 місяців тому

      Don't use it. That container image isn't maintained and has a version of OpenVAS that went end-of-life many years ago.
      There are official container images from Greenbone, but I don't personally use them. It seems like an overcomplication to me (it uses 16 containers), but if you want to go the Docker route that's the way to get a supported version.

  • @ruipereira-ci6hm
    @ruipereira-ci6hm Рік тому

    Where can I find the video mentioned at 19:29?

    • @ProTechShow
      @ProTechShow  Рік тому +1

      It should pop up on the end screen, but in case it's not supported on your device the direct link is ua-cam.com/video/d67pdfGBysI/v-deo.html

  • @rafaelhengky8915
    @rafaelhengky8915 3 місяці тому

    Could make a video on Windows Server hardening tutorial? And also Ubuntu/CentOS if you will. Thanks.

  • @xelerated
    @xelerated 11 місяців тому +9

    The reason Nessus is still ahead is the greenbone ui is so freaking ugly and not at all intuitive. Change that horrible ui and you might make great strides

    • @ProTechShow
      @ProTechShow  11 місяців тому +4

      It is in dire need of a UX update, that's for sure

    • @zthein.sunshine
      @zthein.sunshine Місяць тому

      @@ProTechShow version 24 dropped, slightly modern ui now

  • @grover-
    @grover- 2 дні тому

    Wait - Nessus are doing a free version limited at 16 hosts again?

    • @ProTechShow
      @ProTechShow  2 дні тому

      I don't think they ever stopped. It just got rebranded as Nessus Essentials at some point.

  • @leek4994
    @leek4994 Рік тому +1

    I wonder how Wazuh would do in this scenario. It might be a little overkill though.

    • @ProTechShow
      @ProTechShow  Рік тому +5

      My experience of Wazuh's vulnerability scanning is that it produces very poor quality results. The vulnerability module is more of a patch scanner in that it's just comparing installed software to a list of CVEs, so you can apply what I said at the start of the video. Combining its vulnerability results with its SCA module does go some way to providing better coverage by including quite a few configuration issues, but even so I've found the vulnerability module produces a LOT of false positives. If it was more accurate the agent-based approach would be great for mobile devices like laptops that are difficult to target with a network-based scan; but unfortunately I've found that the majority of its detections to be incorrect.
      I do quite like the Wazuh project, but the vulnerability results don't cut it for me at present.

  • @gerard-infopro6601
    @gerard-infopro6601 2 місяці тому

    Great video!

  • @zootsuitpenguin
    @zootsuitpenguin 7 місяців тому

    This is great info! Thanks sir!!!

  • @muhammadfarooq4386
    @muhammadfarooq4386 5 місяців тому

    great videw !! keep up the good work

  • @nshettys
    @nshettys 10 місяців тому

    Great Stuff!!!

  • @50PullUps
    @50PullUps Рік тому

    We used InsightVM by Rapid7.

    • @ProTechShow
      @ProTechShow  Рік тому +1

      One of the few that I believe is not based on Nessus/OpenVAS. I've not used it but heard good things. I think Rapid7 stopped offering a free version, though?

  • @JAY001SF
    @JAY001SF 5 місяців тому

    Hi there , Awesome work, Im a student in Cyber but I can learn much more from you. Do you have any mentor programs I can pay you for to teach me? I want to download videos so I can put on a USB to watch when I want , Can you help me out with a wat to accomplish this? ethecal hacking is what im trying to sprcialize in with mobile forensics? THanks Jay hope to hear from you. thanks you

    • @ProTechShow
      @ProTechShow  4 місяці тому

      Thanks Jay. I don't offer any sort of mentoring service. This is more of a hobby than a job, so between this and my actual job I don't have time for anything else!

  • @hasanenbashir9507
    @hasanenbashir9507 Місяць тому

    thank you

  • @sintaklaas6427
    @sintaklaas6427 2 місяці тому

    You're not listened to - from around min 5:00 you are getting lost in too many details - you're video seems to be made for a noob, but one needs to be a pentester to actually understand what the heck you are talking about. And a pentester knows already ...

  • @burklafaburklafa6006
    @burklafaburklafa6006 Рік тому

    0,75 is OK for non-natives

  • @Nickyy965
    @Nickyy965 Місяць тому

    i like you

  • @DoorSounds-h5x
    @DoorSounds-h5x 9 місяців тому

    NESSUS FROM GD

  • @zeprii9548
    @zeprii9548 6 місяців тому

    Lol both of these are paid not, and none of them have a free version

    • @ProTechShow
      @ProTechShow  6 місяців тому +4

      The video literally shows the free editions of both of them, and they're linked in the description

    • @vpx23
      @vpx23 Місяць тому

      @@ProTechShow Nessus is definitely Shareware now because it only runs 7 days, so no more Freeware. The prices are insane for SMB, only viable for major enterprises.

    • @ProTechShow
      @ProTechShow  Місяць тому

      @@vpx23 Nessus Essentials, as shown in the video and linked in the description, is still free. The trial of Nessus Professional/Expert lasts 7 days - you must have installed that instead. Use the link in the video description.