Penetration Tests With Nessus (Chapter 1)

#1

Hello everyone. Today I will write to you about " Nessus Vulnerability Scanner "

This is the first part of my wiriting about nessus in this section I will talk about simple scans and setup

Nessus Linux Installation

You should first download the appropriate for your system.

You can view the packages in this;

https://www.tenable.com/products/nessus/select-your-operating-system

I downloaded the debian package. Let’s go to setup :slight_smile:

dpkg -i Nessus-7.0.0-debian6_amd64.deb

1

We got the activation code after opening Tenable membership. I then connected with the 8834 port scanner and entered the necessary information

Meanwhile I downloaded the " metasploitable 2 " virtual machine. Then started broadcasting with VirtualBox

For a short time IP Address for vulnerability researcher
Now right click on the new scan option.

We enter the target name and ip address bla.bla.bla.bla

This part asks if you want to do the scanning at the widespread ports or not.
We started scanning .

Continues to scan I will have a coffee :slight_smile: Nessus gives more healthier result than its competitors.

I am using nessus with remote server because I do not have to wait for slow scans.

In the second part we will explain how to exploit these vulnerabilities.

Thank you for reading

8 Likes

(he not busy being born is busy dying) #2

Good going. Look forward to the follow-up post.

3 Likes

#3

So a Basic Network Scan is pretty straight forward. It would be nice - if you know how - to see a few credentialed scans on various hosts (Windows and Linux) too. :slight_smile:

2 Likes

(Leader & Offsec Engineer & Forum Daddy) #4

Also everybody, if you’d like a much easier way to scan for known vulnerabilities.

Use vulners!

   nmap -sV --script vulners <target>
6 Likes

#5

This script is successful but has too much false positive

2 Likes

(Souhail) #6

looking forward for the second part

2 Likes

(Maango Taachyon) #7

Interesting, still not sure if I’d use Nessus on a single machine like the example you gave. If it was a network or something then I’d see the usefulness maybe in the next part you could elaborate more on that? Otherwise great job being descriptive!

3 Likes

(Rich) #8

I feel like I have had this discussion before regarding when to use Nessus. Good tutorial though, will definitely have to have a play with it again.

2 Likes

(Proyouch Nhoek) #9

Nice sharing! i keep to watching.:heart_eyes:

1 Like

#10

Hello everyone :slight_smile:

At the end of this month I’m thinking of writing part 2. Stay on track :slight_smile:

2 Likes