Chapter 5 Vulnerability Scanning

5.1 Using Nessus

5.1.1 Introduction to Nessus

Nessus is a widely used network vulnerability scanner used to assess the security of computer systems, network devices, and applications. Developed and maintained by Tenable Network Security, it helps administrators and security professionals discover security holes and weaknesses that exist in systems.

Nessus can scan target systems, identify potential vulnerabilities, and generate reports to help organizations understand their cybersecurity posture. It uses a series of predefined vulnerability detection rules and patterns to conduct a comprehensive scan of the target system and provide a detailed description of the vulnerability, risk assessment and recommended remediation measures.

Nessus supports scanning a variety of operating systems, network devices, and applications, including Windows, Linux, UNIX, network routers, firewalls, and web applications. It can also perform exploit attempts to verify the security of the system and identify weaknesses that could expose the system to attack.

Nessus is a powerful security tool that is widely used by businesses and organizations to help them discover and resolve security issues in their systems, thereby improving network security.

Nessus is one of the most widely deployed cybersecurity technologies in the world, built for the modern attack surface. Each feature is designed to make vulnerability assessment simple, easy and intuitive. With Nessus, you invest less time and effort in assessing vulnerabilities and prioritizing analysis and remediation to stay one step ahead of attackers.

Official website: [Tenable® - Cyber Exposure Management Company]( Tenable® - Cyber Exposure Management Company )

[Tenable Nessus Essentials Vulnerability Scanner | Tenable®]( Tenable Nessus Essentials Vulnerability Scanner | Tenable® )

5.1.2 Install and configure Nessus

Install Nessus

A real email address must be filled in to receive the activation code.

Wait a moment and enter the download page, download link: Download Nessus | Tenable®

Select the version and system you want to download

What we chose is:Nessus-10.5.2-debian10_amd64.deb, for kali linux

Activation code received by email

Start the kali linux virtual machine and drag in the Nessus-10.5.2-debian10_amd64.deb file we downloaded.

Right click on the desktop and open as root

Right click and select: Open terminal here

Execute installation command

dpkq -i +‘安装包名称’
dpkg -i Nessus-10.5.2-debian10_amd64.deb

Copy and enter the following code

Right click on this link: Open link

Enter this page

The translation is as follows:

Select continue

Select: Register for Nessus Essentials

Register on the Nessus website ( note that the email here uses a real email to receive the activation code, provided you have not registered on the official website)

We have already registered when we registered and downloaded Nessus-10.5.2-debian10_amd64.deb. There is no need to register again. You can click Skip.

Just enter the activation code received by our email

Create a Nessus account

Username: admin

Password: ***, click submit

After the setting is completed, the plug-in in nessus will start to be downloaded (the plug-in is from a foreign website, if the network is unstable, the download will fail)

After the installation is complete, enter Nessus directly.

We can view license and other information in settings

Nessus is in the process of compiling and updating the plugin. Plugins are components used by Nessus to detect and assess system vulnerabilities.

During the compilation process, some Nessus features may be limited or unavailable until the compilation is complete. This is because the plugin needs to be updated to include the latest vulnerability detection and security testing.

Compilation time depends on the number of plugins and the speed of your system. It is recommended to wait for some time until the compilation process is complete before trying to scan or evaluate with Nessus. Once compilation is complete, Nessus will have the latest plugins and be fully functional again.

Please note that the compilation process is a normal part of Nessus operation and it is important to ensure that the plugin is updated regularly to maintain the effectiveness of vulnerability scans

Note: The free version of Nessus can only scan 16 IPs

At this point, the installation of Nessus is complete.

Open any of the following URLs in kali's local browser:

https://127.0.0.1:8834
https://ip:8834/ (kali’s local IP)
https://localhost:8834/

You can access Nessus

5.1.3 Scan for local vulnerabilities

Create a new scanning task, open the terminal, and start the nessus service

The command is as follows:

/bin/systemctl start nessusd.service

In Firefox, enter the following URL: https://127.0.0.1:8834

Enter username and password

Enter the interface

New scan

Select My Scans→Create a new scan.

Click Advanced Scan to configure the scan.

Configure the project name, description of the project, and most importantly the target address.

If there is a target login account or password, you can configure it in the Credentials option. For Windows, fill in Windows, and for Linux, fill in Linux.(can be omitted)

We can view the plug-in information used in the Plugins option.

After the configuration is completed, we click save to save.

Click the triangle button to start scanning. Click this task to view the scanning details.

Click on On Demand with your mouse to see detailed information.

We click on "Vulnerables" and we can see the vulnerabilities we found.

At this point, the vulnerability scan is completed.