Nessus vulnerability scanner

rpnessusredux vulnerabilityassessment

Nessus vulnerability scanner is a tool to find, and report vulnerabilities.

$ sudo dpkg -i Nessus-10.3.0-ubuntu1404_amd64.deb
$ sudo systemctl start nessusd.service

Once you are logged in to the website, you can create new scans.

  • Host Discovery: find alive hosts
  • Basic network scan: sort of nmap
  • Web application test: see vulnerabilities in your web app

Most scans have the following options

  • Set a target
  • In Discovery, you can select a range of ports
  • In Assessment, you can select the kind of scan
  • In Advanced, you may go for a "low bandwidth scan"
  • In the credential tabs, you can log in to an account.
  • Launch: explore vulnerabilities to see results

It's important to note that Nessus is generating a lot of traffic, and may not find every vulnerability, so you shouldn't grow dependent on it, and do things "manually" when you can.

Note: if you have a scope/knowledge of specific ports/... to scan, you can define a policy in the Policy tab.

πŸ‘» To-do πŸ‘»

Stuff that I found, but never read/used yet.

  • Basic network scan: can brute force auth
  • Scan policies are templates for scans
  • Can create plugins and rules (plugin configuration for target)
  • Performance options for some networks
  • Look for [INFO] to find information about the target