Scanning with NeXpose
In the previous recipe, we discussed Nessus as a potential vulnerability scanner. In this recipe, we will cover another important vulnerability scanner NeXpose.
NeXpose is a popular tool by Rapid7 which performs the task of vulnerability scanning and importing results to the Metasploit database. The usage of NeXpose is similar to Nessus which we learned in the previous recipe, but let's have a quick overlook of how to get started with NeXpose. I will leave the task of exploring it deeper as an assignment for you.
Getting ready
To start the NeXpose from the msf
console, we will first have to connect the database to Metasploit, and then load the plugin to connect it with the NeXpose server to start the process of target scanning. Let us execute these steps in the command line.
msf > db_connect msf3:[email protected]:7175/msf3
msf > load nexpose
msf > nexpose_connect darklord:toor@localhost ok
[*] Connecting to NeXpose instance at 127.0.0.1:3780 with username...