Documentation
Version: Mageni 1.10
Published: 05.16.22
Author: Jonathan Jaquez, Certified CompTIA PenTest+
CompTIA PenTest+ Credentials
CompTIA PenTest+ is for cybersecurity professionals tasked with penetration testing and vulnerability management. PenTest+ assesses the most up-to-date penetration testing, and vulnerability assessment and management skills necessary to determine the resiliency of the network against attacks.
PenTest+ is compliant with ISO 17024 standards and approved by the US DoD to meet directive 8140/8570.01-M requirements. Regulators and government rely on ANSI accreditation, because it provides confidence and trust in the outputs of an accredited program.
Requirements
OS Requirements
The following OS and platforms are supported or in plans to be supported.
| OS | Version | Supported | Download |
|---|---|---|---|
| Ubuntu | 20.04 | Yes | Official Website |
| Ubuntu | 22.04 | Yes | Official Website |
| Windows | Multipass (Ubuntu 22.04 Image) | Yes | https://multipass.run/ |
| Linux | Multipass (Ubuntu 22.04 Image) | Yes | https://multipass.run/ |
| MacOS | Multipass (Ubuntu 22.04 Image) | Yes | https://multipass.run/ |
| Docker Desktop | Windows | Soon | |
| Docker Desktop | Linux | Soon | |
| Docker Desktop | MacOS | Soon |
Hardware Requirements
The following hardware recommendations are to be used as a general guide. Enterprise networks can vary in performance, capacity, protocols, and overall activity. Resource requirements to consider for deployments include raw network speed, the size of the network being monitored, and the configuration of the application. Processors, memory, and network cards will be heavily based on the former. Disk space requirements will vary depending on usage based on the amount and length of time data is stored on the system.
| Hosts Scanned | CPU Cores | Memory | Disk Space |
|---|---|---|---|
| 512 active IPs | 4@2GHz cores | 8 GB RAM | 30 GB |
| 2,500 active IPs | 6@2GHz cores | 12 GB RAM | 60 GB |
| 10,000 active IPs | 16@3GHz cores | 16 GB RAM | 250 GB |
| 25,000 active IPs | 4@2GHz cores | 32 GB RAM | 1 TB |
| 100,000 active IPs | 32@2GHz cores | 64 GB RAM | 2 TB |
Network Requirements
- The local network must be configured to allow outbound HTTPS (port 443) access to the Internet to download the updates and vulnerability database
- The IP addresses for the hosts to be scanned must be accessible to the scanner
How to Install
Download the Installer
curl -s "https://install.mageni.net" -o installRun the Installer
chmod +x install && sudo ./installThe installer will automatically download, install and configure the scanner
Screencast Installation
Types of Vulnerability Scans
There are several types of vulnerabilities scans that Mageni can perform:
Internal Scan
An internal vulnerability scan is the process of searching for vulnerabilities from within the business network
External Scan
This is a scan to search for vulnerabilities in the network perimeter.
The difference between an internal scan and the external scan is that the internal scan is within your network and the external scan is in the perimeter.
Credentialed Scan
This scan allows users to log into the system and see its vulnerabilities from a trusted source’s perspective. This process identifies vulnerabilities from workstations, network hosts, and servers while giving users a better understanding of the system’s patch management and configurations
Non-Credentialed Scan
A non-credentialed scan offers the perspective of someone who infiltrated the system. Users can remotely check for security risks like unsecured web servers and misconfigured firewalls. By employing both types of scans, you can be sure sensitive information is safe on your networks
A credentialed scan will find more vulnerabilities than a non-credentialed scan and it is necessary for gray-box testing.
Create a Scan
Click the "New Scan" button.
A window will show up, here you can define the name, description and scanning template of your scan.
Once that you have chosen the name, description and scanning template click "Next Step"
Next, include the targets or assets that you want to scan and click "Next Step"
Next, you can define if you want to perform a credentialed or non-credentialed scan. For this example, we will perform a non-credentialed scan. So click "Next Step"
Next, you can define a schedule. In this example, we won't create a schedule. So click "Next Step"
Now, before you save the scan, you can review the information. If everything is ok, click "Save".
The scan is saved and now you can see it on the scan Dashboard and start, delete or edit it.
