Ethical Hacking – Learning the Basics

Scanning Example

Your browser needs to be JavaScript capable to view this video

Try reloading this page, or reviewing your browser settings

This segment takes you through an example on vulnerability scanning. You will perform a scan on network and one on a website as well.

Keywords

  • scanning
  • vulnerabilities
  • linux
  • opensource
  • lynis
  • kali
  • security
  • owasp
  • zap
  • proxy
  • attack
  • reports

About this video

Author(s)
Sunil Gupta
First online
18 November 2019
DOI
https://doi.org/10.1007/978-1-4842-4348-0_9
Online ISBN
978-1-4842-4348-0
Publisher
Apress
Copyright information
© Sunil Gupta 2019

Video Transcript

Gupta: Hello and welcome. Let’s talk about Scanning Example. So in this video we are going to take a look at couple of points. First of all we will learn about how to perform Vulnerability Scanning in Networks and Websites and then I will show you that how you can create the final report of Vulnerability Scanning. So we need to open Kali Linux here and inside Kali Linux we are going to use some open source tools available there. So I’m here at Kali Linux Operating System and as we are learning the basics, so I’m going to show you that how you can perform Vulnerability Scanning inside Networks and Websites. So there are many open source tools available inside Kali Linux. We don’t need to install any external tool inside Kali Linux, right. So if you click on applications.

So first of all I’m going to show you that how you can scan the Network or a Host inside your network. So these are the chapters available here like Vulnerability Analysis, Web Application Analysis. So I will pick one tool from Network Vulnerability Analysis and one from Web Vulnerability Analysis. So let me pick one from Vulnerability Analysis, so these all are the tools which you can use for host or Network Vulnerability Scanning. So let me try Lynis, so you can click here. So here you can see the tool is available here, Lynis 2.6.2, right and you can see these all are the commands available here. So Lynis space command and the command is for example, if I want to scan my Kali Linux Operating System, so I can use this tool easily or if I want to scan any remote operating system inside my Network, I can also do that. So for a basic kind of scanning I’m showing you here that how to scan your Kali Linux Operating System and how to find out vulnerabilities using Lynis tool available inside Kali Linux Operating System.

So this is for Audit Command, right or Vulnerability Scanning Command. So audit space system means perform local security scan. So if you want to scan your local operating system then you can type audit space system. Audit space system space remote <host>, you need to type the name of that particular machine and then you can remotely scan another machine inside your network and some of the commands are also available here. What I’m going to do here for a basic kind of scanning, I’m showing you that how you can scan your Kali Linux Operating System using Lynis command. So the command will be like this, Lynis space audit space system and when you will hit Enter, it will start to scan your entire Kali Linux Operating System and will provide you a list of vulnerabilities according to the tool. So let me show you that how you can do this. You can come down and here on the terminal you can type, Lynis space audit space system, right. So this is to perform vulnerability analysis in your network and then you can hit Enter.

The program has been started and here you can see that first of all it has provided information about the operating system you are scanning. So the operating system is Linux Debian. You’re using Kali Linux Operating System, right. This is the Hardware platform. Hostname Kali and these are the profiles, log files are available here, report files are available here. Language you are using when you come down, then it will start scanning the File Systems inside my operating system. You can see /bin, these are the paths of the files available in Kali Linux Operating System, right. The softwares are available which are listed, which are installed and which are not installed are also listed here.

Boot and services, you can see here, right. Which services are on or which services are off, right. Kernel level checking is also here, right. You can see here that checking default run level, RUNLEVEL 5, right. Memory and Processes, Users, Groups and Authentications, Shells, File systems, USB Drives, basically overall my Kali Linux is a secure operating system, that’s why – that’s why it is not showing me any vulnerabilities inside it, right. Ports and packages, networking, it means that it is checking each and every component of the network, right and then it is listing right here and it is quite fast. You can see here that it has actually searched many components available inside my Kali Linux Operating System and have listed here, okay.

So using Lynis you can easily scan your operating system. You can also scan your – the remote operating system inside your network. So this is the basics of Vulnerability Scanning using the Open Source Vulnerability Scanner available in Kali Linux Operating System. So you can see here that it is saying Hardening Index 58, Tests performed 223 times, Plugins enabled 1, right. So logs are available here. Reports are available. If you want to check the Reports, you can check here in this path and that’s it – that it has ended the scanning process. There are many external tools are also available which can be used and then many internal tools are also available which can be used. I have used one internal tool available inside Kali Linux to perform network scanning.

Now we will perform that how you can scan a website inside Kali Linux. So to perform it, let me close it and there’s a tool available in Kali Linux which I personally used many times. So if you select Web Application Analysis, then you will find out owasp-zap. This is also one of the best tools available in Kali Linux for web scanning. So we have performed Network Scanning. Now let’s perform Web Scanning. Click here, owasp-zap. It works on Java. Now it will open up called – it’s a GUI version. You need to accept it and soon it will open up inside your Kali Linux Operating System. So this is owasp-zap. Now you can select the first one, click Start and here it is. So this is OWASP Zed Attack Proxy. You can see here that Zap is an easy to use integrated penetration testing tool for finding vulnerabilities in web application. So this tool is used to find out the weakness available inside websites or applications.

This is the place where you need to put the URL of the website and then you need to click on Attack and then it will start scanning the vulnerabilities available inside it. So we need to put the website – web URL here, so which website we need to use? So you can use here any testing website, right. You should not use any website where you are – where you are not authorized to scan, right. So you can use your personal website or you can use any testing website. So I’m going to use a testing website, which is provided by Acunetix Company, right and you can also use that website for testing purpose. So here you can type the website here, www.vulnweb.com. It is a sample website, that’s why we are using here. V-U-L-N-W-E-B.com, alright and then after that, you can simply click on Attack and it will start scanning the vulnerabilities inside it. Now let me click on Attack and here you can see that as it’s a small website, so it won’t take much time in the scanning process.

You can see here that it has already started scanning, right. It is using different different queries here to scan the vulnerabilities inside it. If you click on History, this is the History, we are scanning this website, Alerts are available here, what are the vulnerabilities inside it? Spidering at what are the URLs or what are the pages available in the website and here you will see Active Scanning in which this tool is trying to Attack on the website using various commands, various malicious commands inside it, right. So it has completed 55% and soon it will complete 100% and you can also create a report here, right.

Let me show – let me stop this scan, so the manually stopped, right. This is the report section where you can generate any report. So for example, if you want to generate HTML report, so you can select Report, click on Generate HTML Report and click here where you want to save it. So for example I want to save in the root folder or in the Desktop, now I’ll just select Desktop. So you can type the name, for example you can type report.html, where you want to save it. So let’s save it inside root folder and click Save File. So the report has been created and saved inside the root folder. Now you can click on Places, you can click on Home and I hope you will find out the report generated by Zed Attack Proxy or ZAP tool and here you can see that report.html has been saved inside root folder.

Now you just need to double click here and after double clicking here, it will open up inside your browser. So click – click on Browser. This is the report generated by Zed Attack Proxy. So basically tools automatically generate reports, but you can also create manual report by writing line by line. So these are the alerts and what are the high alerts? How many medium, how many low and how many informational kind of alerts and these are the explanation of alerts that you can read inside that report, right. So this is an example of Network Scanning and Website Scanning inside Kali Linux and how you can generate a report by using the tools I have also explained here in this video.