• Scan your IPv4 and IPv6
  environments to discover your physical and virtual assets. Nexpose
  even discovers risk associated with IPv6 devices that may be enabled
  by default on your IPv4 environments.
  

• Always know what assets
  you have, no matter their status.
  

• Inventory and group
  assets into a variety of logical organizational categories. What
  happens when new assets are added or deleted? No problem. Your asset
  groups automatically and dynamically update.
  

• Scan for current and
  emerging threats—including vulnerabilities, misconfigurations and
  the impact of malware – and see how they connect to your
  environment.
  

• Enable stakeholders to
  manage just the assets they own and only see what matters to them.
  

• Prioritize threats based
  on potential risk, so you can address what’s most dangerous first.
  

• Assess the potential
  risks identified by Nexpose scans and cross-check with available
  exploits and malware kits.
  

• Validate vulnerabilities
  and their risk based on what’s actually exploitable in your
  environment.
  

• Keep track of your
  security program effectiveness with powerful executive and trending
  reports.
  

• Measure and streamline
  your internal security operations for optimal effectiveness.
  

• Prioritize your
  resources by impact on your specific environment and threat
  landscape.
  

• Develop a clear plan and
  route of the most impactful actions.
  

There are multiple editions
of nexpose are available including the community version for
individual user, the community version can scan up to 32 IP addresses
and many other features are also there.

Nexpose Configuration
on Kali Linux

Ehacking have been asked to
create Nexpose configuration tutorial on Kali Linux by many users,
upon investigation we have found that people are facing problem with
the installation. Despite the fact that problem was fixed by vendor
itself, here are the quick steps that required to install nexpose in
Kali Linux.

• On the first step,
  download the community version from Rapid7 website
  

• Get the activation
  code via your email
  

• Open the terminal
  and locate the directory where you have download the Nexpose before
  

• Make the program
  executable and then start the installation process by using
  following commands:
  

chmod +x nexpose.bin


./nexpose.bin

• Follow the simple steps,
  enter username and password

• Everything simple, just
  like the installation of any other basic software

• When you are finished
  with installation, all you need to do is to locate the Nexpose
  directory and execute the command to run it via console.
  

• Be patients, it takes
  time to download and configure the plugins from rapid7 website. Let
  the software to perform its intended job and then you need to run
  nexpose by using the following local address:

/opt/rapid7/nexpose/nsc/nsc.sh 

After getting all the plugins installed, open the localhost on your favorite browser. Use the created username and password and you are in. 


https://localhost:3780
That is it, the vulnerability scanning process will be discussed in later issue