Mageni has been growing on me lately, and honestly I like it better than OpenVAS now. For those of you who followed my "OpenVAS howto", install article with the almighty Greenbone OpenVAS scanner, I think you will like this!
Now, there are some pro's and cons which I will go over. Similar to OpenVAS, Mageni has a generous community edition, with a few features I would of liked to seen included, but alas, you cannot have everything! :) I will say this, the interface is much more polished, very quick and responsive, and just looks better, and functions better. The OpenVAS UI is one of its biggest pain points imo. Its unnecessarily confusing, slow, and while it works, Mageni is a pleasure to use in comparison!
The Mageni interface which is made with Laravel, is so much faster, and just so intuitive! I almost do not need to dive deep into the functionality, as it is leaner, simpler to use and just more polished. Now, don't get me wrong, I love OpenVAS, but I found in testing, Mageni scans much faster across the board, regardless of scan type. I have had many times that OpenVAS just seems to puke all over itself, even when all the scan settings are set correctly.
Mageni comes with the ability to setup 2fa, which is a nice addition, as Greenbone OpenVAS community does not have this. Finally, about the only thing I think Greenbone does better with the free version, is the reporting functionality. OpenVAS has tje ability to export reports in more formats like XLS & PDF. Mageni restricts you to CSV export only. That being said, the results laid out in the UI are eye candy compared to the dated OpenVAS look. So most people can easily copy and paste data from the UI and or CSV file contents into your own custom report creation method. :)
I am going to show you how to quickly install Mageni, and its pretty simple. There are a few caveats though which you must address first. Mageni uses multipass from conical, and we will be installing that within a Linux guest VM. What does that mean? It will mean you need to make sure the correct Virtualization settings is enabled in your bios, and secondly enable the "nested virtualization" settings for the hypervisor your using.
Virtualbox and others will have the checkbox to enable these for the VM you setup. If you get an error or the setting is grayed out in your virtualization platform. Make sure their is no other Hypervisors installed or enabled, ie Hyper-V if your using windows, and also check your Bios settings.
Mageni can be installed under Windows, Mac OS, and Linux. Personally I think Linux is the easiest, but their documentation on their website is a piece of cake to follow. So you have some options.
In my case, I am using Hyper-V, so after creating the Ubuntu 22.04 VM to install Mageni on, you have to issue the following command below in powershell, on the PC or Server running the Hyper-V role.
Set-VMProcessor -VMNAME <NameofVM> -ExposeVirtualizationExtensions $true
Note: The VM has to be off/shutdown for the command to work. Once that is done, fire up your Linux VM. Congrats, you just enabled nested virtualization for your VM.
Installing Mageni on your Linux VM
You will need snap for this install process, so if snap is not installed, issue the command:
sudo apt install snap
Next download multipass and install:
sudo snap install multipass
Next is a longer command with a few variables. It might be pretty obvious, but the -m is for memory size, and -d is disk size. In my example I will chose the default 6GB of RAM and 40GB of disk for this multipass instance. You can change this accordingly, but I would not go any lower than 4GB, and optimally 6GB is recommended. My only complaint with the install is I would of preferred they used Docker instead of multipass.
Create and launch multipass instance:
multipass launch -c 2 -m 6G -d 40G -n mageni 20.04 && multipass shell mageni
Once done this will drop you into the Mageni multipass instance shell. Next we issue the final command to install and prep the environment, this can take 5-10 min.
curl -sL https://www.mageni.net/installation | sudo bash
Once the install finishes, you will see some critical information, copy and paste it to your clipboard/notepad etc. This will have your IP address to connect to, and default admin user with a temporary password to perform your initial login.
Note: As I advised with OpenVAS install, you might want to quickly add a VPN connection using your favorite VPN provider to add some anonymity. Also, Mageni has one simple command to update the the vulnerability and security feed definitions.
A bit easier than Greenbone OpenVAS's method, it is way more complicated than it should be. Mageni in keeping with its groove, its just simple, basic yet still very powerful!
Mageni User Interface
Credit Note: In the interest of time, I took part of the Mageni documentation from their website for the next section, as its laid out very well to explain basic functionality. Again, it is so much easier to fly through and learn the interface and features, compared to the OpenVAS UI.
First Time Login
The first time that you log into Mageni you will be presented with the dashboard.
Types of Vulnerability Scans
Mageni can help you perform vulnerability scans to the internal and external network, cloud environments (AWS, Azure, Google, etc) and IoT, OT, and SCADA devices.
Now that you have installed Mageni, you can perform several types of vulnerabilities scans:
An internal vulnerability scan is the process of searching for vulnerabilities from within the corporate network
This is a scan to search for vulnerabilities in the network perimeter. Like an external attacker would do.
The difference between an internal scan and the external scan is that the internal scan is within your network and the external scan is in the perimeter.
This scan allows users to log into the system and see its vulnerabilities from a trusted source’s perspective. This process identifies vulnerabilities from workstations, network hosts, and servers while giving users a better understanding of the system’s patch management and configurations
A non-credentialed scan offers the perspective of someone who infiltrated the system. Users can remotely check for security risks like unsecured web servers and misconfigured firewalls. By employing both types of scans, you can be sure sensitive information is safe on your networks
A credentialed scan will find more vulnerabilities than a non-credentialed scan and it is necessary for gray-box testing.
Run your first scan
Create a Scan
For this example we will create a basic scan without credentials, schedules or notifications.
Go to "Scans" and then click the "New Scan" button.
A window will show up, here you can define the name, description and scanning template of your scan.
Once that you have chosen the name, description and scanning template click "Next Step"
Next, include the targets or assets that you want to scan and click "Next Step"
Next, you can define if you want to perform a credentialed or non-credentialed scan. For this example, we will perform a non-credentialed scan. So click "Next Step"
Next, you can define a schedule. In this example, we won't create a schedule. So click "Next Step"
Next, you can create a notification. In this example, we won't create a notification. So click "Next Step"
Now, before you save the scan, you can review the information. If everything is ok, click "Save".
The scan has been saved and now you can see it on the scan Dashboard.
You can manage the scan from the Dashboard and perform these actions:
- Start Scan
- Edit Scan
- Clone Scan
- Clone Scan
- Lock/Unlock Scan
- Export Last Report
- Delete Scan
That's it! Can't get much easier, Mageni is a great Open Source Tool to add to your arsenal, and after playing with it for a while, I am sure you will agree with my assessments and comments above!
Till next time..