How To Setup: Metasploitable 2 & OpenVAS (Tutorial)
Vložit
- čas přidán 3. 07. 2024
- This video provides a step-by-step guide on how to configure Metasploitable 2, a deliberately vulnerable virtual machine used for training and testing security tools and techniques, alongside OpenVAS, a comprehensive open-source vulnerability scanner. Discover how to install, configure, and utilize these tools to perform security audits and vulnerability assessments on your systems.
Metasploitable2: sourceforge.net/projects/meta...
Splunk: • Cybersecurity Tool for...
AD Project: • Active Directory Proje...
_________________________________
THE MYDFIR SOC ANALYST COURSE:
With 8 chapters and 30+ hands-on labs tailored to security operations, I am focused on transforming you into a standout SOC analyst. Beyond tools, you'll master the investigation process and uncover hidden details. Let's make a real difference together.
▸Enroll here: academy.mydfir.com/p/soc
_________________________________
SIGN UP FOR FREE MENTORSHIP
Getting started in Cybersecurity is difficult and you don't have to do it alone.
Let me help you on your journey.
▸Sign up for FREE here: www.mydfir.com
_________________________________
RECOMMEND COURSES FOR BEGINNERS:
Coursera Google Cybersecurity Program
Affiliate Link - imp.i384100.net/mydfir
Microsoft Cybersecurity Analyst Professional Certificate
Affiliate Link - imp.i384100.net/mydfir-MS
Coursera Google IT Support Professional Certificate
Affiliate Link - imp.i384100.net/mydfir-IT
_________________________________
PRODUCTS TO HELP YOU GET STARTED
🗺️ 1-Year Cybersecurity Roadmap: mydfir.gumroad.com/l/roadmap
📘 The NO BS SOC Analyst Roadmap: mydfir.gumroad.com/l/SOC-Anal...
📄 Resume Template: mydfir.gumroad.com/l/Resume-T...
📑 Cover Letter Template: mydfir.gumroad.com/l/Cover-Le...
🎙️ Interview Questions: www.mydfir.com/interview
📚 Cybersecurity bookmarks: mydfir.gumroad.com/l/bookmarks
_________________________________
EARLY ACCESS & EXCLUSIVE VIDEOS
Patreon: / mydfir
_________________________________
🕒 TIMELINE
00:00 - Intro
00:53 - Metasploitable
02:10 - Network Configuration
04:25 - OpenVas Setup
_________________________________
FOLLOW ME ON SOCIAL MEDIA:
▸Instagram: / mydfir
▸X: x.com/@MyDFIR
Disclaimer: All opinions in my videos are solely my own. Some links provided are affiliate links!
#cybersecurity #cybersecuritytrainingforbeginners #cybersecurityforbeginners #socanalyst #soc
For those who didn't know, VMware Workstation Pro is now free for personal use, no license required, no restrictions 👍
But I thought it only allows 1 VM? So you can't spin up
2-5 vm to have them talk to each other?
That shouldn't be the case... or atleast not that I am aware of. I was able to use 2 VMs to talk to each other recently.
@@MyDFIR sweet! I’ll try it out
When i was attending the CISA Federal Defense Skilling Academy Boot camp to obtain my Sec+ Cert, they had preconfigured VMs like this for log Analysis. We briefly touched on OpenVas, Snort, Green Bone.. ect. Because as with all boot camps you only have a few months to prepare you for the exam.. which for us was the Sec+.
We ran our first scan to see what "Normal" looks like. After a few attempts at attacking our target machine we then went back to see what evil looks like . This was One of the best lessons that i learned during that course.. its hard to find evil if you dont know what normal looks like on your network.
On that note, i always wanted to create my own home lab in just the same fashion but struggled to find decent tutorials that put it all together in just the same fashion as CISA (what i was familiar with).
You sir have done an excellent job here. Cant wait to see you attack the machine to expose the evil log files for review.
Thank you, the “attack & review” is extremely valuable. In fact, I’ve created a couple project series on this channel to illustrate that! Again, super valuable and thank you for sharing ❤️
Nice project! A similar project/s like this popped up from my CYSA+ study guide!
Great to hear!
Sweet. Concise and clear! Again, one of the best vids around for this
Much appreciated!
Can’t thank you enough for your work on this channel! Great content!
I appreciate that!
Fantastic Vid.
Thanks!
Thanks for the add.
Thanks for watching!
The great teacher Socrates
❤️
As always ❤
ya mine did not create a gvmd database going through trouble shooting now. Got a class assignment due tomorrow....yay.
Interesting, try from a fresh kali install
You are a Great Mentor
Thanks!
Can you make a video on how to set up a isolated virtual machine
Take a look at this video, it will explain the different networking options which can help you setup an isolated machine.
Cybersecurity Tip: Build A Basic Home Lab (2/3)
czcams.com/video/5iafC6vj7kM/video.html
@@MyDFIR thanks so much. Awesome video
Fantastic video! Thorough and straight forward as usual. I did run into an issue when I got towards the end and my "Feed Status" wouldn't update. It would just show the following: "NVT is 3 days old & SCAP, CERT, and GVMD_DATA are all "Update in progress.." Any advice how to get them to update?
Thanks! If its in progress you’ll need to wait and depending on the specs, it could take a while
@@MyDFIR I have waited since my original response about 3 days ago and still nothing. I have a relatively new PC (a few years old now) so I can't believe it's an issue with outdated hardware. Not a huge deal, but it would be nice if it worked.
I appreciate the response! Keep up the great work! :)
#Request - Sir can you please make projects on Qradar CE
@MyDFIR This video on Metasploitable2 and OpenVas was incredibly informative and well-presented! Thanks for creating such valuable content. I recently configured OpenVas on DigitalOcean and am attempting to perform internal network pentesting for a client. However, I'm encountering issues with port forwarding, which is limiting its full capabilities. Additionally, I'm on a VPN, which complicates things further. Do you have any suggestions for a better approach to resolve these issues? Thanks in advance!
Thanks! Is this black box testing? Part of me thinks its not since you are port forwarding because if it isnt, it would be easier to spin up openvas inside the network as it is an internal network pentest.
@@MyDFIR It is grey box testing and they have just given me VPN access for accessing their internal network but a lot of scanning tools aren't that reliable when on VPN. So I was wondering as I am not going to client's location as of now so in mean time what else can be done when we talk about Internal Network pentesting on VPN?
Are they special tools that give better results when doing pentesting on VPN?
in my case openvas did not work ..bunch or errors related to postgres.
Odd, is this a new install of kali or an existing one? Running with sudo? Could be permission related.
@@MyDFIR Was a new build. I download Ubuntu and the instalation was done..now the issue is error URL NOT FOUND The requested URL is not available.