
How to Scan for Vulnerabilities with Nessus

Welcome back, my tenderfoot hackers! Generally, you will want to perform a vulnerability scan before doing a penetration test. Vulnerability scanners contain a database of all known vulnerabilities and will scan your machine or network to see whether those vulnerabilities appear to exist. If they do, it is your job to test whether they are real and can be exploited.

Vulnerability scanners are notorious for throwing false positives. These are vulnerabilities reported by the scanner that are not really there. If vulnerability scanners could accurately detect vulnerabilities, then who would need pentesters?

Among the most widely used vulnerability scanners on the market is Nessus. It has become a kind of standard for vulnerability scanners. Originally begun as an open-source project, it was purchased by Tenable and is now a commercial product. Despite this, Nessus still has a “home” vulnerability scanner that they give away for free, and you can use it for up to 16 IP addresses. That’s what we will be using here.

As a hacker, if you can do a vulnerability scan on an internal network, you will have a database of all the potential vulnerabilities on the network. Then, you simply need to find the proper exploit to take advantage of them. Unfortunately, vulnerability scanners are very “noisy” and a vigilant security/network admin will detect the scan. Fortunately, not all organizations have a vigilant security/network admin.

Although Nessus has been around for quite a while, the U.S. government has only recently switched over to Nessus for all their vulnerability scanning. Nearly every federal office and U.S. military base around the world now uses Nessus to scan for vulnerabilities. This could be useful information.

Vulnerability scanners are not perfect. They cannot detect zero-days, and like AV software, their database needs to be updated daily to be accurate. Probably the greatest limiting factor in using vulnerability scanners is the false positives. These scans may produce hundreds of potential vulnerabilities, and usually fewer than 10% are actual vulnerabilities. That’s why companies and institutions still need white hat hackers: to separate out the false positives from the true positives. When scanners no longer produce false positives, penetration testers will be unemployed, but I don’t expect to see that in my lifetime.

As a white hat hacker/pentester, you need to be familiar with vulnerability scanners. Since Nessus is the most widely used one, let’s try it out. For those of you who might want a vulnerability scanner that integrates into Metasploit, consider Rapid7’s Nexpose.

Step 1: Installing Nessus

To begin, we need to download Nessus from the Tenable website. Tenable does not make it easy to find their free, home version, but you can find it right here.

Tenable requires that you register to get their free application, so you will need to give them an email address to receive an activation code.

When you click on “Register,” select the “Download” button to visit the downloads page, where it asks what operating system you are using. In my case, I downloaded the 64-bit Windows 7 version. Of course, download the version appropriate to your operating system and architecture.

After choosing the right file, Nessus will download an installer package to your computer. Double-click on it, and it should be fairly intuitive from there to complete the installation process.

Step 2: Getting Nessus Working

After the installation is complete, Nessus will open your default browser with a message like that below. Nessus is built with a client/server architecture. You have installed your server on localhost and the browser represents the client. In reality, you can access the Nessus server from any system via a web browser.

You are likely to get a message that says “Your connection is not secure.” Click on “Advanced.”

Then, enter an exception for the Nessus connection on port 8834.

Step 3: Setting Up Nessus

Now we are ready to start using Nessus to find vulnerabilities.

You will need to first set up an account. This is the account that you will use to log into the Nessus server.

After entering your username and your password (this username and password are only for Nessus), you are ready to activate Nessus. Go back to your email, retrieve the activation code that Nessus sent you, and enter it when prompted.

When done, Nessus will begin to download all the updates and plugins necessary to find vulnerabilities on your network. Be patient, as this can take a while.

Step 4: Starting Your Vulnerability Scan

When Nessus has completed its update, you will be greeted with a screen like that below. Click on “New Scan.”

This opens a new screen giving you choices as to the type of scan you want to execute. Note that some of the scans can only be done with an upgrade. Let’s click on “Basic Network Scan.”

This opens a screen like that below, which asks you to name your scan and enumerate your targets.

I simply named it “First Scan” and had it scan my local network at You can name yours whatever you like, but make certain to use the IPs on your network, then click “Save.”

Now, click on the “Launch” button to start the vulnerability scan.

Step 5: Viewing Your Vulnerability Results

When the vulnerability scan is complete, it will list each of the hosts by IPs scanned, and the associated risks to each. The risks are color coded, with the burnt orange being the most critical.

Click on “Vulnerabilities” in the top-line menu to display all the vulnerabilities found on the network.

When an individual vulnerability is selected, it displays more detail on that particular vulnerability. My “CodeMeter” vulnerability is shown below.

Finally, results can be saved in several different formats for reporting purposes. Click on the “Export” tab to pull down a menu with:

  • Nessus
  • PDF
  • HTML
  • CSV
  • Nessus DB

In my case, I chose PDF; a menu pops up with the name of the file, and asks which program to open it up with.

Nessus has become the de facto standard in vulnerability scanners, and every white hat hacker should be familiar with it. It is capable of finding known vulnerabilities, but its limitation, as with all vulnerability scanners, is false positives. Once the white hat hacker has this list of vulnerabilities, they need to test each of them to determine whether they are actual vulnerabilities or not.
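The triage step described above can start from the CSV export. The following is an added example, not part of the original article: it collapses an export into a de-duplicated worklist of findings to verify by hand, highest risk first. The column names, plugin IDs and addresses in the sample are constructed assumptions; real exports differ between Nessus versions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the shape of a Nessus CSV export. Column names are an
# assumption and vary between Nessus versions; adjust them to match your file.
SAMPLE_CSV = '''"Plugin ID","CVE","Risk","Host","Protocol","Port","Name"
"999001","","High","192.0.2.10","tcp","445","Example finding A (constructed)"
"999001","","High","192.0.2.11","tcp","445","Example finding A (constructed)"
"999002","","Critical","192.0.2.10","tcp","8080","Example finding B (constructed)"
"999003","","None","192.0.2.10","tcp","0","Example informational plugin (constructed)"
"999004","","Medium","192.0.2.12","tcp","443","Example finding C (constructed)"
"999004","","Medium","192.0.2.12","tcp","443","Example finding C (constructed)"
'''

RISK_ORDER = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3}


def build_worklist(csv_text):
    """Collapse per-host rows into one entry per plugin, highest risk first.

    Informational rows (Risk "None") are dropped; duplicate rows for the same
    host/port are merged so each service is verified once.
    """
    findings = defaultdict(lambda: {"name": "", "risk": "", "targets": set()})
    for row in csv.DictReader(io.StringIO(csv_text)):
        risk = row.get("Risk", "").strip()
        if risk not in RISK_ORDER:
            continue  # skip "None" and unknown severities
        entry = findings[row["Plugin ID"]]
        entry["name"], entry["risk"] = row["Name"], risk
        entry["targets"].add(f'{row["Host"]}:{row["Port"]}/{row["Protocol"]}')
    worklist = [
        {"plugin_id": pid, "name": f["name"], "risk": f["risk"],
         "targets": sorted(f["targets"]), "status": "unverified"}
        for pid, f in findings.items()
    ]
    worklist.sort(key=lambda w: (RISK_ORDER[w["risk"]], -len(w["targets"]), w["plugin_id"]))
    return worklist


def summarize(worklist):
    """Count items per status (unverified / confirmed / false-positive)."""
    counts = defaultdict(int)
    for item in worklist:
        counts[item["status"]] += 1
    return dict(counts)


if __name__ == "__main__":
    for item in build_worklist(SAMPLE_CSV):
        print(f'[{item["risk"]:8}] {item["plugin_id"]} {item["name"]}')
        for target in item["targets"]:
            print(f"    verify manually: {target}")
```

As each item is checked, set its `status` to `confirmed` or `false-positive`; `summarize` then gives the true-positive rate for the report.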

Keep coming back, my tenderfoot hackers, as we learn the technologies and techniques of the most important skill set of the 21st century—hacking!

Lovepreet Singh


