Penetration Tests With Nessus (Chapter 1)


Hello everyone. Today I will write to you about " Nessus Vulnerability Scanner "

This is the first part of my wiriting about nessus in this section I will talk about simple scans and setup

Nessus Linux Installation

You should first download the appropriate for your system.

You can view the packages in this;

I downloaded the debian package. Let’s go to setup :slight_smile:

dpkg -i Nessus-7.0.0-debian6_amd64.deb

We got the activation code after opening Tenable membership. I then connected with the 8834 port scanner and entered the necessary information

Meanwhile I downloaded the " metasploitable 2 " virtual machine. Then started broadcasting with VirtualBox

For a short time IP Address for vulnerability researcher
Now right click on the new scan option.

We enter the target name and ip address bla.bla.bla.bla

This part asks if you want to do the scanning at the widespread ports or not.
We started scanning .

Continues to scan I will have a coffee :slight_smile: Nessus gives more healthier result than its competitors.

I am using nessus with remote server because I do not have to wait for slow scans.

In the second part we will explain how to exploit these vulnerabilities.

Thank you for reading

(he not busy being born is busy dying) #2

Good going. Look forward to the follow-up post.


So a Basic Network Scan is pretty straight forward. It would be nice - if you know how - to see a few credentialed scans on various hosts (Windows and Linux) too. :slight_smile:

(Leader & Offsec Engineer) #4

Also everybody, if you’d like a much easier way to scan for known vulnerabilities.

Use vulners!

   nmap -sV --script vulners <target>


This script is successful but has too much false positive