Nessus is the leading open source vulnerability scanner. It’s a tool that will help you find and fix security holes in your network. In this step-by-step tutorial, we’ll show you how to install Nessus on Kali Linux and get started with scanning your network for vulnerabilities.
The Nessus Vulnerability Scanner from Tenable allows you to quickly identify software problems, missing updates, malware, and misconfigurations across all of your connected devices. Installing the Nessus program on Kali Linux aids in the prioritizing of vulnerabilities and the identification of measures that may be taken to address them.
Kali is a Debian-based Linux distribution with hundreds of built-in penetration testing tools aimed at security experts. In this post, you’ll learn how to use Nessus with Kali to add a sophisticated network testing tool to an already competent Linux distribution.
You must meet the following conditions in order to follow along with this lesson.
- Connectivity to a Kali Linux system with administrative (or “root”) privileges and internet access. According to Tenable’s hardware recommendations, the following are the recommended minimum system requirements:
- Access to a browser that works with Nessus. According to Tenable’s software requirements, Nessus supports the following browsers:
- Google Chrome (versions 50+)
- Apple Safari (versions 10+)
- Mozilla Firefox (versions 50 and above)
- Internet Explorer (versions 11 and above)
On Kali Linux, downloading the Nessus Installation Package
Because Nessus isn’t pre-installed on Kali, you’ll need to download the Nessus software package before proceeding. To begin, boot up the Kali Linux operating system and open a web browser that is supported. To get the required Nessus installation files, follow the procedures below.
1. Go to the downloads section of the Nessus website.
2. Nessus runs on a variety of operating systems and architectures. A 64-bit version of Kali Linux (version 2020.4) is used in this tutorial. As a result, the Nessus-8.13.1-debian6_amd64.deb installation package is correct:
Product downloads page: download the Nessus-8.13.1-debian6_amd64.deb installation package.
3. After clicking the download link, read the License Agreement and choose I Agree when requested.
I Agree is selected on the Nessus License Agreement page.
Now that the download is complete, it’s time to check the installation package’s integrity. It’s crucial to double-check that the file hasn’t been tampered with in transit.
Integrity of the Nessus Installation Package
When you download a file from an external source, such as a vendor’s website, it’s vital to check the file’s integrity. Compare the checksum published by the vendor with the hash you calculate from the downloaded Nessus installation package, as shown below.
1. Right-click anywhere on your Kali Linux desktop and choose Open Terminal Here to launch a Terminal.
The Open Terminal Here option on the Kali Linux desktop menu.
2. To get the SHA256 hash from the downloads page, click the Checksum link.
Product downloads page: checksum link for the Nessus-8.13.1-debian6_amd64.deb installation package.
3. An MD5 and SHA256 hash value will be shown in a popup window. Simply click the Transfer button to the right of the hash to copy the SHA256 value to your clipboard.
The MD5 and SHA256 checksum values for the Nessus-8.13.1-debian6_amd64.deb file are shown on the product downloads page.
4. To check the checksum of the downloaded file, run the following command in the previously opened Terminal window.
    # Replace "checksumhash" with the SHA256 hash supplied on the download webpage.
    # Using an absolute path, replace the path below with the location of your download.
    # sha256sum -c expects the hash, two spaces, then the file name.
    echo "checksumhash  /path/to/download" | sha256sum -c
The verification of a checksum value is shown using command-line output.
Do not install the program if the result of your command does not indicate that your installation package is in good condition.
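The same check can be made a hard gate in front of dpkg. The script below is an added example, not part of the original tutorial; the function names verify_sha256 and install_if_verified are hypothetical, and the demonstration file is constructed (the bytes "abc", whose SHA256 is a standard test vector).

```shell
# Added example: verify a download against a published SHA256 before
# passing it to dpkg. Function names are hypothetical.

# verify_sha256 EXPECTED_HASH FILE
# Returns 0 on match, 1 on mismatch, 2 on bad input (missing file, or a
# value that is not a 64-character hex digest, such as a pasted MD5).
verify_sha256() {
    expected=$(printf '%s' "$1" | tr -d '[:space:]' | tr 'A-F' 'a-f')
    file=$2
    case $expected in
        *[!0-9a-f]*|'') echo "not a hex digest: $1" >&2; return 2 ;;
    esac
    if [ "${#expected}" -ne 64 ]; then
        echo "expected 64 hex characters, got ${#expected} (MD5 pasted?)" >&2
        return 2
    fi
    if [ ! -f "$file" ]; then
        echo "no such file: $file" >&2
        return 2
    fi
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
        return 0
    fi
    echo "MISMATCH: $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    return 1
}

# install_if_verified EXPECTED_HASH DEB
# Runs dpkg only when the digest matches.
install_if_verified() {
    verify_sha256 "$1" "$2" && sudo dpkg -i "$2"
}

# Constructed demonstration: a scratch file containing the bytes "abc".
demo=$(mktemp)
printf 'abc' > "$demo"
verify_sha256 ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad "$demo"
verify_sha256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 "$demo" \
    || echo "refusing to install"
rm -f "$demo"
```

For the real package, call install_if_verified with the SHA256 value copied from the downloads page and the absolute path of the .deb file.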
Nessus on Kali Linux installation
It’s time to install the Nessus program once you’ve validated the package’s integrity. Pass the downloaded installation package to the Debian Package Manager (dpkg) utility using the -i (install) option, as shown below.
To install Nessus under an account with administrative permissions, use the sudo command.
    # Replace the path below with the location of the installation file you downloaded.
    sudo dpkg -i /home/kali/Downloads/Nessus-8.13.1-debian6_amd64.deb
The output of the command shows the outcome of the Nessus program installation.
Congratulations! On your Kali Linux operating system, you’ve just installed the Nessus Vulnerability Scanner. The following section explains how to get an activation code.
Getting a Nessus Vulnerability Scanner Activation Code
Tenable’s Nessus Vulnerability Scanner comes in a number of flavors, including Nessus Essentials and Nessus Professional. Nessus Essentials is free, although it has a limited feature set compared to Nessus Professional, which costs money. The following are some of the most significant limitations of Nessus Essentials:
Nessus Essentials will be used in this course. Despite the fact that the program is free, it does need a valid activation code, which is detailed below.
1. Go to the Nessus Essentials Product Portal.
2. Fill in your First Name, Last Name, and Email Address on the registration form.
Registration page for Tenable Nessus Essentials.
3. To finish registration, click the Register button.
Completing registration on the Registration page for Tenable Nessus Essentials.
4. Tenable will send you a confirmation email once your registration is complete. Finally, you will be given the following message:
The product registration page for Nessus Essentials, indicating the outcome of a successful registration.
5. Check your email for an activation code that looks something like D234-C7CB-04AF-79A6-1555. [email protected] will be the email sender address. If you don’t see the registration email in your inbox, check your trash mail!
Start the Nessus service and configure it to start automatically.
The nessusd system service must be launched before utilizing the Nessus application. The Nessus application interface and functionalities, such as scans, are controlled and made accessible by this service. Follow the steps below to start the nessusd service.
1. Right-click on your Kali Linux desktop and choose Open Terminal Here to launch a terminal.
2. Run the following command to start the nessusd service:
    # Start the nessusd service.
    sudo systemctl start nessusd
This article assumes you’re using an account with administrative elevation privileges rather than the root account. As a result, commands that need elevation are prefixed with sudo.
3. Verify that the service is running by executing the following command. The expected result, shown in the image below, is the Active: active (running) line in the output.
    # Get the current service status of Nessus.
    sudo systemctl status nessusd
The active nessusd service may be seen in the output of the command.
Enabling the nessusd service to start automatically when the computer boots up
By default, the nessusd service is not enabled to start when your Kali Linux operating system boots. Run the following command to enable the nessusd service to start at boot.
    # Enable the nessusd service at boot.
    sudo systemctl enable nessusd
By using the command below, you may check whether the service is enabled. The nessusd service is enabled in the Loaded output line, as seen in the picture below.
    # Get the current service status of Nessus.
    sudo systemctl status nessusd
The enabled nessusd service may be seen in the output of the command.
Getting the Nessus App to Work
It’s time to activate your Nessus installation now that you’ve gotten your activation code and launched the nessusd service. Follow the steps below to activate your Nessus installation.
1. Navigate to https://localhost:8834 using a web browser on your Kali Linux operating system. It’s important to note that the default port is 8834, not 443.
When you try to visit the Nessus application’s web interface, you’ll probably get a warning since the installation comes with a self-signed SSL certificate. Tenable gives you the option of customizing the SSL certificate that your Nessus application uses.
2. On the Welcome to Nessus page, pick Nessus Essentials as the product version.
Nessus Essentials is chosen as the Nessus product version.
3. On the Get an activation code screen, choose Skip since you already have the activation code.
On the Retrieve Activation Code screen, choose the Skip button.
4. On the Register Nessus box, enter the Activation Code you obtained during the registration procedure and click Continue. The dummy activation code for this lesson is D234-C7CB-04AF-79A6-1555, as seen in the picture below:
The activation code is entered into the Nessus program.
5. When the Create a user account page appears, enter a Username and Password and then click Submit. The Nessus program is accessed using the given login and password.
For the Nessus application, you’ll need to create a user account.
6. After the scanner has completed its initialization, which may take some time, enter the username and password for the user account you created previously in this guide and click Sign In.
The login screen with username and password is shown.
Fantastic job! Your Nessus Vulnerability Scanner program is now installed and activated! In the following part, you’ll set up Nessus to run a vulnerability scan on your local system.
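A check one might run after the steps above, added here as an example and not part of the original tutorial: it reports whether nessusd is running and enabled at boot, and whether the web interface port 8834 is bound to loopback only or to other addresses. The function names are hypothetical and the sample command output is constructed.

```shell
# Added example: checks for the nessusd service, written as parsers over
# command output so they can be tried on the constructed samples below.

# unit_state: reads `systemctl show nessusd -p ActiveState -p UnitFileState`
# output (KEY=value lines) on stdin and prints "<active>/<unit file state>".
unit_state() {
    awk -F= '
        $1 == "ActiveState"   { a = $2 }
        $1 == "UnitFileState" { u = $2 }
        END {
            if (a == "") a = "unknown"
            if (u == "") u = "unknown"
            print a "/" u
        }'
}

# listener_scope PORT: reads `ss -ltn` output on stdin and prints
#   none      nothing is listening on PORT
#   loopback  listening only on 127.0.0.0/8 or [::1]
#   exposed   listening on a wildcard or other non-loopback address
listener_scope() {
    awk -v port="$1" '
        $1 == "LISTEN" {
            n = split($4, parts, ":")
            if (parts[n] != port) next
            addr = substr($4, 1, length($4) - length(parts[n]) - 1)
            seen = 1
            if (addr !~ /^127\./ && addr != "[::1]") exposed = 1
        }
        END {
            if (!seen) print "none"
            else if (exposed) print "exposed"
            else print "loopback"
        }'
}

# Constructed sample output (not captured from a real host).
SAMPLE_UNIT='ActiveState=active
UnitFileState=disabled'
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128          0.0.0.0:8834      0.0.0.0:*
LISTEN 0      128        127.0.0.1:5432      0.0.0.0:*'
printf '%s\n' "$SAMPLE_UNIT" | unit_state          # active/disabled
printf '%s\n' "$SAMPLE_SS"   | listener_scope 8834 # exposed

# Live use:
#   systemctl show nessusd -p ActiveState -p UnitFileState | unit_state
#   ss -ltn | listener_scope 8834
```

A result of exposed means the login page protected by the account you just created is reachable from other hosts on the network, not only from the Kali system itself.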
Performing a vulnerability scan using Nessus
You’ve successfully installed Nessus. It’s time to put the pedal to the metal and discover what this useful tool can do for you in terms of uncovering weaknesses! The rest of this section will walk you through configuring and running a scan on your Kali Linux system.
If you’re not already signed in to the Nessus application, enter the username and password for the user account you created earlier in this guide.
A welcome message may appear upon first login, allowing you to rapidly setup a discovery scan, which locates networked devices. You may dismiss this notice since you are about to setup and run a custom scan.
The Close selection button is highlighted in the Nessus program.
Configuring a scan may be done in a variety of ways. This lesson focuses on the three-step process mentioned below and in the parts that follow.
- Create a scan policy.
- Create a scan.
- Start the scan.
Setting up a Vulnerability Scan Policy in Nessus
Scan policies are basically a collection of scanning instructions. Scan policies tell the scanner what tasks to perform and how to perform them.
You may pick from a number of pre-configured scan policy templates or design a complex scan. The scanning capabilities of Nessus are divided into three categories by Tenable:
Follow the steps below to build and adjust your scan policy.
1. Policies may be found under the Resources category in the menu on the left-hand side of the screen.
Policies may be found under the Nessus menu.
2. Go to the top right-hand corner of the screen and choose New Policy.
From the Nessus Policies page, create a new policy.
3. Select Basic Network Scan from the drop-down menu. Pre-configured options for assessing your Kali Linux server for vulnerabilities are included in the Basic Network Scan option.
From the Nessus Policy Templates page, choose the Basic Network Scan.
4. Additional adjustable components appear after choosing a scan policy template. For the time being, leave each pre-configured option in its default configuration, but feel free to explore afterwards.
Click the Save button after giving your scan policy a name. Basic Network Vulnerability Scan Policy is the name of the scan policy used in this tutorial, as seen in the accompanying screenshot.
On the Nessus Basic Network Vulnerability scan policy page, provide the policy name and use the pre-configured settings.
Tenable needs administrator access to run particular vulnerability checks (some of which will be shown in this tutorial). Executing a scan without credentials offers insight into externally enumerable vulnerabilities, simulating the viewpoint of an attacker.
Nessus Vulnerability Scan Configuration
Configuring your scan is the next stage in the procedure. Select a scan policy and target host as stated below during this part of the procedure.
1. From the menu on the left-hand side of the screen, choose My Scans.
On the Nessus menu, choose My Scans.
2. Go to the top right-hand corner of the screen and click the New Scan button.
In Nessus, make a new scan.
3. Choose the newly created Basic Network Vulnerability Scan from the User Defined menu.
Making the decision to run a User Defined Nessus scan.
4. Choose the scan policy you set up in the previous step. The Basic Network Vulnerability Scan Policy from this lesson displays for selection in the screenshot below.
The Basic Network Vulnerability Scan Policy is chosen.
5. Define the target(s). In the Targets text input box, use localhost to target your local Kali Linux server.
Defining the scope of a vulnerability scan.
Multiple targets may be defined in a single scan by separating them with a comma. Specifying localhost,10.10.10.10, for example, will target your localhost as well as the 10.10.10.10 IP address.
6. Give your scan a name and save it by clicking the Save button. The name of this tutorial’s scan is Basic Network Vulnerability Scan, as seen in the accompanying screenshot.
The updated Nessus vulnerability scan is being saved.
Launching a Vulnerability Scan with Nessus
After you save your scan, an entry for it appears in the My Scans area of the Nessus program.
1. Click the Play button next to the Basic Network Vulnerability Scan to begin your scan.
Starting a vulnerability scan in Nessus.
2. The scan is in progress as shown by the revolving green arrow indicator. Be patient as the scan takes some time to finish.
A revolving green arrow indicator indicates an ongoing scan, as seen.
3. The scan is complete when the revolving green arrow indicator changes to a green checkmark. To see the results, just click on the scan’s name!
The green checkmark indicates that a vulnerability scan has been completed.
Fantastic job! You’ve just completed a vulnerability check on your Kali Linux host! On the scan summary page, select the Vulnerabilities tab to see the findings.
On the scan summary page, the discovered vulnerabilities are shown.
Steps to Follow
You downloaded, installed, and configured Nessus on a Kali Linux system in this tutorial. You then used the Nessus technology to check for vulnerabilities on a local Kali Linux system.
Examine the scan findings in further detail. What information can you glean from the scan you just completed? After you’ve gotten a handle on the Nessus program, you may start targeting other hosts by including the host’s IP address as a target in your scan.