Installing Nexpose Vulnerability Scanner on Debian/Ubuntu

29/12/2020
Nexpose is a very potent security scanner developed by Rapid7, the same developers of Metasploit. Despite its low popularity, Nexpose is among the best security scanners; it is newer than OpenVAS, Nessus and Nikto and has a very friendly graphical interface similar to OpenVAS/Nessus.

Nexpose is a great tool for auditing servers and networks for security vulnerabilities. It allows you to automate security audits, can be combined with Metasploit, and includes a Remediation Report for fixing the vulnerabilities found. It requires a minimum of 8 GB of RAM to run.

Downloading Nexpose:

Access the Rapid7 trials page, fill in the form and press SUBMIT.

Select Linux by pressing 64-Bit and save the bin file.

You will receive an e-mail with the license; save it.

Installing Nexpose:

 

To install Nexpose, give the downloaded file execution permissions by running:

chmod +x Rapid7Setup-Linux64.bin

Then run:

./Rapid7Setup-Linux64.bin

You’ll be asked if the installation should proceed, press ENTER.

Then you’ll be asked if you want to include the Security Console, press ENTER to install it.

Next you’ll be asked for Nexpose’s directory. I recommend leaving the default one, but you can change it. To keep the default directory, press ENTER.

The following screen shows Nexpose’s requirements and tells you whether your device meets the minimum. Press ENTER to continue.

Nexpose’s default port is 5432. If you have Metasploit installed, that port is probably busy. You can assign any port you want. To keep the default one, press ENTER.

You’ll be asked for personal information, a username and a password; answer each question.

Say yes when asked if Nexpose should start after the installation.

Once the installation ends press ENTER to exit the installation process.
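
The two conditions the installer reports on above, the 8 GB memory minimum and a free port 5432, can be checked before launching it. The script below is an added example, not part of the original tutorial or of Rapid7's tooling; the function names and the 10% memory margin are assumptions, and port 3780 is included because the console is served there.

```shell
#!/bin/sh
# Preflight checks before running Rapid7Setup-Linux64.bin (added example).
# From the tutorial: 8 GB RAM minimum, port 5432, console on port 3780.
# Function names and the 10% memory margin are assumptions of this sketch.

# Print MemTotal in kB from a file in /proc/meminfo format.
mem_total_kb() {
    awk '$1 == "MemTotal:" { print $2; exit }' "$1"
}

# mem_ok FILE MIN_GB: MemTotal excludes memory reserved by firmware and the
# kernel, so an "8 GB" host reports slightly less; accept 90% of MIN_GB.
mem_ok() {
    kb=$(mem_total_kb "$1")
    [ -n "$kb" ] && [ "$kb" -ge $(( $2 * 1048576 * 9 / 10 )) ]
}

# port_listening PORT FILE...: true if a socket in LISTEN state (st = 0A)
# is bound to PORT in any FILE in /proc/net/tcp or /proc/net/tcp6 format.
port_listening() {
    port_hex=$(printf '%04X' "$1"); shift
    awk -v p="$port_hex" '
        FNR > 1 { n = split($2, a, ":"); if (a[n] == p && $4 == "0A") found = 1 }
        END { exit !found }' "$@"
}

preflight() {
    rc=0
    if mem_ok /proc/meminfo 8; then echo "memory: ok"
    else echo "memory: below the 8 GB minimum"; rc=1; fi
    files=/proc/net/tcp
    [ -r /proc/net/tcp6 ] && files="$files /proc/net/tcp6"
    for port in 5432 3780; do
        # $files is left unquoted on purpose so it splits into two paths
        if port_listening "$port" $files; then
            echo "port $port: already in use"; rc=1
        else
            echo "port $port: free"
        fi
    done
    return "$rc"
}

# Run the checks only when asked, e.g.: sh preflight.sh --check
if [ "${1:-}" = "--check" ]; then preflight; fi
```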

Run Nexpose’s server by typing:

systemctl start nexposeconsole.service

Or

service nexposeconsole start

Make sure it is running by typing:

service nexposeconsole status

Now let’s open the console: open https://localhost:3780 in your browser.

When the SSL certificate error appears, press Advanced and add an exception to access the console.

Nexpose may take some minutes to start while updating its database.

After loading it will ask for credentials. Before logging in, start Nexpose by running:

sh /opt/rapid7/nexpose/nsc/nsc.sh

Now you can log in using the username and password you provided during the installation process.

Then you’ll be asked for the license number you got in your inbox; fill it in, press ACTIVATE WITH KEY and wait until it gets activated.

NOTE: When writing this tutorial I messed up Nexpose’s credentials. I failed to find a way to reset the password from the command line for Nexpose’s current version. The only way to fix it was to remove the /opt/rapid7 directory and execute the installer again using a new license key.

Getting started with Nexpose Security Scanner

After logging in to Nexpose, the first step is to add your target(s). To do so, press “Create Site”.


On the first screen you only need to add descriptive information to identify your target easily.

After filling the informative data click on ASSETS and define your target as shown in the picture.

After defining your target, press TEMPLATES. We’ll carry out a deep scan but avoid excessive time by selecting a full audit without Web Spider.

After selecting FULL AUDIT WITHOUT WEB SPIDER, click the light blue SAVE & SCAN button. If a confirmation dialog appears, confirm the scan.

The scanning process will start and may take a long time because we selected a full audit.

After 20 minutes our scan against LinuxHint.com ended.

We can download the log or additional data. Under COMPLETED ASSETS you’ll see your target’s IP or URL; click on one of them to see the report.

After clicking on the asset, scroll down to check the vulnerabilities found.

Nexpose found a problem in LinuxHint’s SSL signature. For a blog without important transactions the problem is irrelevant, but it could be a threat for a website exchanging sensitive information.

On the left side of your screen you’ll see icons which display the main menu, as shown in the image.

From Assets you can define your targets and launch scans as explained above; you can also try different templates and submit asset groups.

Nexpose’s graphical interface is very intuitive; you just need to remember to start the nexposeconsole service and run /opt/rapid7/nexpose/nsc/nsc.sh before accessing the console.

I hope you found this introductory tutorial to Nexpose productive. Nexpose is a great security scanner. Keep following LinuxHint for more tips and updates on Linux.
