Scan for vulnerabilities that exist in the network. Was open source originally in 2005 but is now proprietary. OpenVAS is a fork of Nessus.
Free version allows the scan of 16 IPs.
NOT ALLOWED DURING THE OSCP EXAM
- Official Documentation (Tenable)
- Phases of a vulnerability scan (Tenable)
- Plugins Documentation (Tenable)
Installation
Download the free version of Nessus. Choose Nessus-x.x.x-debian6_amd64.deb.
Validate the checksum of the downloaded file
sha256sum Nessus-x.x.x-debian6_amd64.debInstall the package
sudo apt install ./Nessus-x.x.x-debian6_amd64.debStart the nessusd service
sudo systemctl start nessusdOpen a web browser and go to https://localhost:8834. Accept the risk of self-signed certificate.
Setup
- Choose Nessus Essentials and click on Continue.
- Fill the form to receive the activation code by email. Use Webhook.site for a temporary email address.
- Enter the activation code and click Continue.
Basic Scan
By default, the Basic Network Scan will only scan the common ports.
- Click on the New Scan button.
- Click on Basic Network Scan.
- Enter a scan name and enter the IPs to scan in the Targets section.
- To scan all ports, click on the Discovery tab on the left. Choose Custom as the Scan Type.
- Click on Port Scanning and enter 0-65535 in the Port scan range. This will NOT scan UDP ports.
- Click on Save.
- Click on Launch.
Scan Results
- Click on the IP to see vulnerabilities for that host.
- Click on the Settings icon in the title bar and select Disable Groups and see all vulnerabilities.