Nexpose Configuration in Kali Linux Tutorial

Nexposeis the only vulnerability management solution to analyze vulnerabilities, controls, and configurations to find the who, what, and where of IT security risk. Nexpose, in addition to Metaploit, is also the project of Rapid7. Some of the key usage of Nexpose are:

• Scan your IPv4 and IPv6 environments to discover your physical and virtual assets. Nexpose even discovers risk associated with IPv6 devices that may be enabled by default on your IPv4 environments.
  
• Always know what assets you have, no matter their status.
  
• Inventory and group assets into a variety of logical organizational categories. What happens when new assets are added or deleted? No problem. Your asset groups automatically and dynamically update.
  
• Scan for current and emerging threats—including vulnerabilities, misconfigurations and the impact of malware – and see how they connect to your environment.
  
• Enable stakeholders to manage just the assets they own and only see what matters to them.
  
• Prioritize threats based on potential risk, so you can address what's most dangerous first.
  
• Assess the potential risks identified by Nexpose scans and cross-check with available exploits and malware kits.
  
• Validate vulnerabilities and their risk based on what’s actually exploitable in your environment.
  
• Keep track of your security program effectiveness with powerful executive and trending reports.
  
• Measure and streamline your internal security operations for optimal effectiveness.
  
• Prioritize your resources by impact on your specific environment and threat landscape.
  
• Develop a clear plan and route of the most impactful actions.
  

There are multiple editions of nexpose are available including the community version for individual user, the community version can scan up to 32 IP addresses and many other features are also there.

Nexpose Configuration on Kali Linux

Ehacking have been asked to create Nexpose configuration tutorial on Kali Linux by many users, upon investigation we have found that people are facing problem with the installation. Despite the fact that problem was fixed by vendor itself, here are the quick steps that required to install nexpose in Kali Linux.

• On the first step, download the community version from Rapid7 website
  
• Get the activation code via your email
  
• Open the terminal and locate the directory where you have download the Nexpose before
  
• Make the program executable and then start the installation process by using following commands:
  

chmod +x nexpose.bin
./nexpose.bin

• Follow the simple steps, enter username and password
  
• Everything simple, just like the installation of any other basic software
  

• When you are finished with installation, all you need to do is to locate the Nexpose directory and execute the command to run it via console.
  
• Be patients, it takes time to download and configure the plugins from rapid7 website. Let the software to perform its intended job and then you need to run nexpose by using the following local address:
  

/opt/rapid7/nexpose/nsc/nsc.sh 

After getting all the plugins installed, open the localhost on your favorite browser. Use the created username and password and you are in. 
https://localhost:3780
That is it, the vulnerability scanning process will be discussed in later issue