Table of contents:

  1. What’s Nessus
  2. Download Source
  3. Install
  4. Enable && Start Services
  5. Web Interface
  6. CLI
  7. Vulnerability Scanning with Nessus

What’s Nessus

Nessus is a remote security scanning tool, which scans a computer and raises an alert if it discovers any vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a network.

In this short tutorial I will show you how to install Nessus on Kali Linux …

Download Source

First update your system:

apt update && apt upgrade

after download package from here

Download list
Download list

Install

Installing from downloaded package:

sudo apt install ./Nessus-10.0.2-debian6_i386.deb

Enable && Start Services

Starting Nessus service:

/bin/systemctl start nessusd.service

Web Interface

Login screen
Login screen
Basic scan page view
Basic scan page view
Vulnerabilities
Vulnerabilities

CLI

Command line interface using the nessuscli utility allows the user to manage user accounts, modify advanced settings, manage digital certificates, report bugs, update Nessus, and fetch necessary license information.

All CLI commands must be run by a user with administrative privileges.

┌──(kali㉿kali)-[/opt/nessus/sbin]
└─$ sudo ./nessuscli help                                                                                                                                                                                                        130 ⨯
Usage: nessuscli <command> [<options>]
Usage: nessuscli <command> help

Bug Reporting Commands:
   bug-report-generator 
   bug-report-generator --quiet [--full] [--scrub]

User Commands:
   rmuser [username]
   chpasswd [username]
   adduser [username]
   lsuser 

Dump Commands:
   dump --plugins

Fetch Commands:
   fetch --register <serial>
   fetch --register-offline <license.file>
   fetch --check
   fetch --code-in-use
   fetch --challenge
   fetch --security-center
   fetch --scanner-health-stats

Node Commands:
   node link --key=<key> --host=<host> --port=<port>
   node unlink
   node status

Fix Commands:
   fix [--secure] --list
   fix [--secure] --set <name=value>
   fix [--secure] --get <name>
   fix [--secure] --delete <name>
   fix --show
   fix --show <name>
   fix --list-interfaces
   fix --reset

Certificate Commands:
   import-certs 
   mkcert-client 
   mkcert [-q]

Backup Tool:
   backup --create <backup file filename>
   backup --restore <backup file path>

Analyze Commands:
   analyze scan <uuid>

Software Update Commands:
   update 
   update --all
   update --plugins-only
   update <plugin archive>

Vulnerability Scanning with Nessus

Nessus gives you the ability to configure your scan based on different scan and policy templates. These templates will determine the settings that will be found within the scan policy settings:

  • Basic: With this setting, you can specify security-related and organizational aspects of the scan or policy, such as name of the scan, the targets of the scan, whether or not it is scheduled and who has access to it.
  • Discovery: For defining the ports to be scanned and the methods to be used while conducting this discovery.
  • Assessment: This setting allows you to determine the type of vulnerability scan to perform and how they are performed.
  • Report: For determining how scan reports are generated and the information that should be included within them.
  • Advanced: Here you will define scan efficiency and the operations that the scan should perform.

Reference:

  1. Install Nessus Essentials, Professional, or Manager
  2. Documentation
  3. Kali Linux Penetration Testing and Ethical Hacking Linux
  4. Downloads
  5. Modify a vulnerability’s severity

My site is free of ads and trackers. Was this post helpful to you? Why not BuyMeACoffee