当前位置:网站首页>渗透测试 ( 7 ) --- 漏洞扫描工具 Nessus
渗透测试 ( 7 ) --- 漏洞扫描工具 Nessus
2022-07-06 09:27:00 【擒贼先擒王】
Nessus 官网:https://www.tenable.com/products/nessus/nessus-professional
下载 nusses:https://www.tenable.com/downloads/nessus?loginAttempted=true
1、Nessus 简介、下载、安装
简 介
Nessus 是世界上很流行的漏洞扫描程序,全世界很多组织都有在使用它。该工具提供完整的电脑漏洞扫描服务,并随时更新其漏洞数据库。Nessus 不同于传统的漏洞扫描软件,Nessus 可同时在本机或远端上遥控,进行系统的漏洞分析扫描
Nessus Pro10.1.2 配合20220328最新版本插件:https://www.iculture.cc/software/pig=12467
下载、安装
Linux 安装:
安装:dpkg -i Nessus.deb
启动:systemctl start nessusd.service
浏览器访问:https://127.0.0.1:8834
Windows 安装:
下载 Nessus 解压后直接安装,浏览器访问:https://127.0.0.1:8834
下载 Nessus pro 插件并更新
Linux 执行命令:sudo /opt/nessus/sbin/nessuscli update all-2.0.tar.gz
Windows 执行命令:
重启 Nessus 服务
/bin/systemctl start nessusd.service
进行 插件配置
Linux:sudo vi /opt/nessus/var/nessus/plugin_feed_info.inc
Windows:
添加内容:
PLUGIN_SET = "202203282143";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
关闭 Nessus 服务.,再重启 Nessus 服务。
然后在重新访问: https://127.0.0.1:8834
kali 安装 nessus
:https://zhuanlan.zhihu.com/p/338454648
下载对应版本的 nusses:https://www.tenable.com/downloads/nessus?loginAttempted=true
进入下载目录:sodu dpkg -i Nessus-10.1.1-debian6_amd64.deb
按照提示先启动服务 /bin/systemctl start nessusd.service
# 从deb 安装包安装Nessus
sudo dpkg -i Nessus-8.10.0-debian6_amd64.deb# 启动nessus
sudo /etc/init.d/nessusd start# 访问nessu web ui ,通过以下途径设置账号密码
http://localhost:8834
Managed Scanner ---> Tenable.sc ---> [root:root]# 升级插件包
sudo /opt/nessus/sbin/nessuscli update all-2.0.tar.gz# 提取文件
sudo tar -zxvf all-2.0.tar.gz plugin_feed_info.inc
sudo vim plugin_feed_info.inc
cat plugin_feed_info.inc
PLUGIN_SET = "202004162028";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";# 移动文件
sudo cp plugin_feed_info.inc /opt/nessus/var/nessus/
sudo cp plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/# 重启nessus
sudo /etc/init.d/nessusd stop
sudo /etc/init.d/nessusd start
边栏推荐
- Research Report of pharmaceutical solvent industry - market status analysis and development prospect prediction
- HDU-6025-Coprime Sequence(女生赛)
- Cost accounting [20]
- Learning record: STM32F103 clock system overview working principle
- X-Forwarded-For详解、如何获取到客户端IP
- 对iptables进行常规操作
- Research Report on market supply and demand and strategy of Chinese graphic screen printing equipment industry
- Alice and Bob (2021牛客暑期多校训练营1)
- Opencv learning log 15 count the number of solder joints and output
- cs零基础入门学习记录
猜你喜欢
随机推荐
mysql导入数据库报错 [Err] 1273 – Unknown collation: ‘utf8mb4_0900_ai_ci’
C语言数组的概念
力扣刷题记录
Accounting regulations and professional ethics [2]
信息安全-威胁检测引擎-常见规则引擎底座性能比较
【高老师软件需求分析】20级云班课习题答案合集
数据在内存中的存储&载入内存,让程序运行起来
0-1 knapsack problem (I)
Cost accounting [19]
1010 things that college students majoring in it must do before graduation
信息安全-安全专业名称|CVE|RCE|POC|VUL|0DAY
7-1 懂的都懂 (20 分)
STM32学习记录:玩转按键控制蜂鸣器和LED
Es6---es6 content details
Printing quality inspection and verification system Industry Research Report - market status analysis and development prospect forecast
Cost accounting [13]
F - Birthday Cake(山东省赛)
csapp shell lab
Research Report on shell heater industry - market status analysis and development prospect forecast
Market trend report, technical innovation and market forecast of geosynthetic clay liner in China