this post was submitted on 25 Jul 2024
7 points (100.0% liked)

homelab

6580 readers
12 users here now

founded 4 years ago
MODERATORS
 

In the past, I've used nessus for vulnerability scanning my lab, but as my service count has grown, the 16 IP limit is becoming a little unwieldy.

Is anyone able to recommend an alternative that fits at least most of the requirements I have?

  • Free (preferably in both senses of the word)

  • Doesn't use Docker, even if containerized, I'd prefer to avoid having my scanner share a host with another service... and I'm not incredibly well versed with Docker

  • Scans multiple systems (I tried Trivy, but as far as I can tell it only scans the system you install it on)

  • Has a webui for management of scans

Alternatively, if anyone is willing to lend some advice for the configuration of Wazuh... I deployed the service months ago with the expectation that it could be used for vulnerability scanning (the Dev was in a few reddit threads suggesting that it had the capability), but i haven't been able to configure it properly.

I appreciate any advice people are willing to offer!

Edit: fixed formatting

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 3 months ago* (last edited 3 months ago)

I'm on bookworm now myself. Check this out https://forum.greenbone.net/t/external-access-to-gsa-web-interface-ip/1671/4 and thanks I'll let you know if I run into trouble!