Similar to Nessus, Rapid 7 Nexpose is another widely used commercial vulnerability scanner that supports the entire life-cycle of vulnerability management for any organization. Attackers who would like to utilize this scanner can request a free trial.
The following are step-by-step instructions on installing Rapid 7 Nexpose in Kali Linux:
- Register the account with Rapid 7 (https://www.rapid7.com/products/nexpose/request/; you may require a valid business email ID to receive the activation code.
- Download the installer from the website by running this:
wget http://download2.rapid7.com/download/InsightVM/Rapid7Setup-Linux64.bin
Change the file permission of the downloaded file by running the following command; the command will throw errors if the system requirements are not met:
chmod +x Rapid7Setup-Linux64.bin
./Rapid7Setup-Linux64.bin
The scanner will require you to enter the details such as username, password, and certificate. Follow the instructions and once completed, you should be able to see the following screenshot that indicates the successful installation of Nexpose:
- By default, Nexpose runs on port 3780 over SSL, so testers can access the application at https://localhost:3780/.
- Nexpose will download all the plugins for the license that you have, so finally you should be able to log in to the vulnerability scanner, as shown here:
