Nessus vulnerability scanner
Nessus vulnerability scanner is a tool to find, and report vulnerabilities.
$ sudo dpkg -i Nessus-10.3.0-ubuntu1404_amd64.deb
$ sudo systemctl start nessusd.service
- Open
https://localhost:8834/ - You will need an activation code
Once you are logged in to the website, you can create new scans.
- Host Discovery: find alive hosts
- Basic network scan: sort of nmap
- Web application test: see vulnerabilities in your web app
Most scans have the following options
- Set a target
- In Discovery, you can select a range of ports
- In Assessment, you can select the kind of scan
- In Advanced, you may go for a "low bandwidth scan"
- In the credential tabs, you can log in to an account.
- Launch: explore vulnerabilities to see results
It's important to note that Nessus is generating a lot of traffic, and may not find every vulnerability, so you shouldn't grow dependent on it, and do things "manually" when you can.
Note: if you have a scope/knowledge of specific ports/... to scan, you can define a policy in the Policy tab.
π» To-do π»
Stuff that I found, but never read/used yet.
- Basic network scan: can brute force auth
- Scan policies are templates for scans
- Can create plugins and rules (plugin configuration for target)
- Performance options for some networks
- Look for
[INFO]to find information about the target