Nessus professional scanning

Asphyxia

Owner
Administrator
Apr 25, 2015
1,845
2
2,199
327
1579810375712.png

Anyone can get their hands on Nessus professional for scanning, at least a trial.

Setting up as simple, you go to the Nessus downloads page

If you request a free trial license, they are quick to email you one.

You can then run Nessus professional scans alongside OpenVas. A nice tool to automate all scanning is https://www.seccubus.com/ - Seccubus automates vulnerability scanning with: Nessus, OpenVAS, NMap, SSLyze, Medusa, SkipFish, OWASP ZAP and SSLlabs

Anyone who has ever used a vulnerability scanner like Nessus or OpenVAS will be familiar with one of their biggest drawbacks. They a very valuable tools, but unfortunately they are also very noisy. The time needed to report on the findings of a scan is often two or three times the time needed to do the actual scan. Seccubus was created to more effectively analyze the results of regular vulnerability scans. It was designed with defenders in mind who have to scan the same infrastructure regularly.

This scan automation tool supports these scanning utilities:
  • Nessus
  • OpenVAS
  • Nmap
  • Nikto
  • Medusa
  • SSLyze
  • Qualys SSL labs
  • testssl.sh
  • SkipFish
  • ZAP

Unfortunately, the Seccubus tool is also deprecating support for Nessus too, so honestly I am kind of concerned with the long term usefulness of the project. I recommend testing what works and what does not!

A lot of this information shared reflects some info over here, by total accident: https://www.fuzzysecurity.com/tutorials/8.html
 
Top