background image

Vulnerability Scanning


Figure 4-1: Vulnerability scan results against the target web server

Scanning with NeXpose

NeXpose is Rapid7’s vulnerability scanner that scans networks to identify 
the devices running on them and performs checks to identify security weak-
nesses in operating systems and applications. It then analyzes the scan data 
and processes it for inclusion in various reports.

Rapid7 offers multiple versions of NeXpose, but we’ll use the Community 

edition because it’s free. If you plan to use NeXpose commercially, see the 
Rapid7 site (

) for information 

on the various versions and their capabilities and pricing.

Our target for scanning will be a default installation of Windows XP SP2 

as configured in Appendix A. We will first perform a basic overt scan of our 
target and import the vulnerability scan results into Metasploit. We will close 
out this section by showing you how to run a NeXpose vulnerability scan 
directly from 


 rather than using the web-based GUI, eliminating the 

need to import a scan report.


After installing NeXpose Community, open a web browser and navigate to 


. Accept the NeXpose self-signed certificate, and 

log in using the credentials you created during setup. You should next be 
presented with an interface similar to the one shown in Figure 4-2. (You’ll 
find complete installation instructions for NeXpose at the Rapid7 website.)

On the NeXpose main page, you will notice a number of tabs at the top 

of the interface:


The Assets tab   displays details of computers and other devices on your 
network after they have been scanned.


The Reports tab   lists vulnerability scan reports after they have been 


The Vulnerabilities tab   gives you details on any vulnerabilities discov-
ered during your scans.


The Administration tab   allows you to configure various options.