Category: Installations

Posted on by 2 Comments

How to setup Vulnerawa in Wamp server

Good Evening friends.  Today we will see how to setup Vulnerawa in Wamp Server. For those newbies who don’t know what is Vulnerawa, it is a vulnerable web app coded by me to simulate a real website for practice. Read more about it here. First, download Wamp Server from here   as appropriate to your system requirements. We will use “WAMPSERVER (64 BITS & PHP 5.3.10) 2.2d″ for this howto. Install the Wamp Server. Open browser and type “localhost” in the URL bar to see if Wamp server is working as shown below.

We can see that there are no projects available. Now download Vulnerawa from here. You will find a zip file as shown below. Now we will extract the contents of this file into the root folder of Wamp server. Right click on the zip file, go to 7-zip as shown below ( or any other unzipping software )  and select “Extract files” option. Extract the files to the folder “C:\\wamp\www” which is the root folder for Wamp server.

Now lets check the root folder to see if the files are extracted. Go to wamp server’s root directory and you should see the folder named “vulnerawa1.0.2” as shown below.

Now open your browser and type “localhost” once again. Now we can see our projectVulnerawa1.0.2 listed in the Projects section as shown below.

Click on the project. If you see the below webpage, then you have successfully setup Vulnerawa. If it gives you some error go to the url and type “http://localhost/vulnerawa1.0.2” directly. Happy hacking practice.

Here’s a video version of this howto.

Posted on by 8 Comments

Installing Metasploitable in VirtualBox

In this howto, you will installing metasploitable in VirtualBox. What is Metasploitable? Learning penetration testing or ethical hacking requires practical knowledge and good practice needs a vulnerable target. That is where Metasploitable comes into picture. It is an intentionally vulnerable operating system made by the makers of Metasploit themselves so that aspiring ethical hackers can practice and hone their hacking skills. As its name conveys Metasploitable is loaded with vulnerabilities that can be exploited with Metasploit modules. 

This virtual machine can be used to conduct security training, test security tools, and practice common penetration testing techniques.  For this i am going to use Metasploitable 2 which can be downloaded from here. After downloading the zip archive, extract the files into a folder. The file contents look like below.

Open VirtualBox and click on “New Virtual machine wizard”. Type the name of your choice. I am using ‘Metasploitable-2‘. Choose ‘Type’ as Linux and ‘version’ as Ubuntu. Click on “Next”.

Choose the memory size appropriate to the availability of RAM on your host machine although 512MB is more than enough. Click on “Next”.

In the hard drive creation window, select option “Use an existing virtual hard drive”, browse to the folder where we have extracted our zip files and select the ‘vmdk’ file available. Click on “Create”.

Then you are automatically booted into the metasploitable OS. The default username and password are “msfadmin”.


With this we successfully finished installing Metasploitable in Virtualbox. See how to create a penetration testing lab.

Posted on by 225 Comments

Install Kali in Virtualbox (Updated to kali 2021.3)

The makers of Kali Linux have a released the second version (2020.2) of Kali Linux for the year 2020.  Since many versions have been released since we last wrote this article, we decided to update this article on how to install Kali in Virtualbox.

Kali Linux 2020.2 has many brand new features.  With xfce and gnome given Kali Linux feel, this release has given themes for KDE Plasma. This is like going back to its roots as Backtrack used to have this desktop environment. The login screen also has been given new graphics along with a new layout. Also now you can install Powershell by default by selecting the meta package while installing. This release also updated gnome to 3.36. The new tools included in this release include NextNet, the pivot point discovery tool and SpiderFoot  the OSINT tool.

The makers also included python2-pip once again to add support to some tools still depending on python2 although overall it upgraded to Python 3.8. This release also replaces CherryTree, the note taking application with Joplin. Now, let us see the simplest process  to install Kali in Virtualbox. For this download the virtualbox image of Kali Linux 2020.2 from here. We have performed this installation in the Oracle Virtualbox 6.

This howto is using the Kali Linux 32bit OVA . Your downloaded contents should look like below. As you can see, we have an ova file.

Now open Virtualbox and go to File Menu > Import Appliance as shown below. It can also be accessed using shortcut CTRL+ I.

A window like below will open. Browse to the OVA file we downloaded.

After selecting the OVA file, click on “Next”.  If you want to make any changes to the virtual machine settings like RAM, name etc, you can do it here. You can also leave it to default values if you want. Click on “Import”.

Click “Agree” when the software license agreement pops up as shown below. The import process starts.

After the import process is completed, Power On the virtual machine. You will see a login screen prompt. Login using the credentials kali:kali.

Here is the final look of the Kali Linux virtual machine we installed.

Posted on by 4 Comments

How to Install Nessus in Kali linux

Nessus is a vulnerability scanner. My first disappointment  with Kali is that it excluded nessus from its vulnerability scanning tools. However it can be installed. Let us see how to install Nessus in Kali Linux. This guide works for all versions of Kali Linux. First download the nessus Debian package from the website ( here ). Go to the directory into which the package has been downloaded. It should normally be in the Downloads directory in root directory.  Open a terminal, navigate to the “Downloads” folder and type “ls“. You can see the debian package of Nessus. Then type the command “dpkg -i  package name” as shown below.

Then type command “service nessusd start” to start the service.

Open a browser and type “https://kali:8834/” to see the web interface of nessus. You will see the below warning that the connection is untrusted.  Click on “I understand the risks” option.

You will get a popup to confirm the security exception. Click on that option.

Then you will get a welcome screen of nessus as shown below. Click on “Continue”.

Its time to create our initial account. Type the username and password you want to set up for the account. Click on Continue.

Its time to enter the activation code for Nessus. You can get the activation code from here. After entering activation code, click on Continue.

After activation is completed, it will download the nessus packages required. It may take a bit long time.

Then we need to wait some more time while the program initializes.

After the initialization is over, you will see the Nessus scan page as below.

Congrats, you have successfully installed Nessus in Kali Linux.

That is how you install nessus in kali linux.