Introduction
When scanning, Nessus searches for known vulnerabilities in software, misconfigurations, missing patches, and general security issues such as weak passwords and open ports. The scan results are then presented in a report, which can be used to identify and prioritize vulnerabilities that need to be addressed to improve the overall security of a system or network.
Widely considered a high-quality tool, Nessus includes a range of plugins for identifying vulnerabilities in different systems and applications; Nessus also supports the installation of user-created plugins to extend its functionality further.
However, as with any tool, Nessus has its limitations and should be one part of a robust security strategy rather than the whole of it. Comprehensive Nessus scans can take significant time to complete, especially given the number of checks Nessus performs. Any vulnerability Nessus reports should also be verified manually, since scanner output can include false positives.
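To show how a report is turned into a prioritised work list, and how findings can be grouped so that each plugin only needs to be manually verified once, here is an added Python example (not part of this lab or of Nessus itself). It assumes the report was exported in Nessus's `.nessus` XML format; the hosts, plugin IDs and plugin names in the embedded sample are constructed placeholders, not real scan output.

```python
"""Summarise an exported Nessus report: rank findings, group hosts per plugin."""
import xml.etree.ElementTree as ET
from collections import Counter, defaultdict

# Constructed sample mimicking the .nessus (NessusClientData_v2) export layout.
# Hosts, plugin IDs and plugin names are placeholders, not real scan results.
SAMPLE_REPORT = """<?xml version="1.0"?>
<NessusClientData_v2>
  <Report name="lab-scan">
    <ReportHost name="10.0.0.5">
      <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="0"
                  pluginID="900001" pluginName="Placeholder info finding"/>
      <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4"
                  pluginID="900002" pluginName="Placeholder critical finding"/>
      <ReportItem port="80" svc_name="www" protocol="tcp" severity="2"
                  pluginID="900003" pluginName="Placeholder medium finding"/>
    </ReportHost>
    <ReportHost name="10.0.0.7">
      <ReportItem port="445" svc_name="cifs" protocol="tcp" severity="4"
                  pluginID="900002" pluginName="Placeholder critical finding"/>
    </ReportHost>
  </Report>
</NessusClientData_v2>
"""

# Nessus severity scale: 0 = Info, 1 = Low, 2 = Medium, 3 = High, 4 = Critical.
SEVERITY_LABELS = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

def parse_findings(nessus_xml):
    """Flatten every ReportItem into a dict tagged with its host."""
    root = ET.fromstring(nessus_xml)
    findings = []
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            findings.append({"host": host.get("name"), "port": int(item.get("port")),
                             "severity": int(item.get("severity")),
                             "plugin_id": item.get("pluginID"),
                             "plugin_name": item.get("pluginName")})
    return findings

def prioritise(findings, min_severity=1):
    """Drop informational items and order the rest most severe first."""
    actionable = [f for f in findings if f["severity"] >= min_severity]
    return sorted(actionable, key=lambda f: (-f["severity"], f["host"], f["port"]))

def count_by_severity(findings):
    """Headline numbers for the report summary."""
    return Counter(SEVERITY_LABELS[f["severity"]] for f in findings)

def hosts_by_plugin(findings, min_severity=1):
    """Group affected hosts per plugin so each check is verified manually once."""
    groups = defaultdict(set)
    for f in findings:
        if f["severity"] >= min_severity:
            groups[(f["plugin_id"], f["plugin_name"])].add(f["host"])
    return {k: sorted(v) for k, v in groups.items()}
```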
A typical Nessus installation will use a client-server model, with one device to host the Nessus server and each user then connecting to the Nessus server on their own devices. Typically, access is through the Nessus web interface, but Nessus also has an API that can be used to interact with the server. In this lab, the Nessus server has already been installed and configured on the Nessus Server instance, and you'll be using the Kali Desktop to interact with the Nessus web interface.
By default, Nessus is installed and managed over HTTPS (SSL/TLS) and uses port 8834 for its web interface. To interact with the Nessus interface, use a web browser to navigate to the IP address of the Nessus Server on port 8834 using HTTPS. For example,