Introduction

I have read the description

No answer needed

Installation

You will need to do this for an activation code.

No answer needed

Save it to your /Downloads/ folder

No answer needed

In the terminal we will navigate to that folder and run the following command:
sudo dpkg -i package_file.deb
Remember to replace package_file.deb with the file name you downloaded.

No answer needed

We will now start the Nessus Service with the command:
sudo /bin/systemctl start nessusd.service

No answer needed

Open up Firefox and goto the following URL:
https://localhost:8834/
You may be prompted with a security risk alert.
Click Advanced... -> Accept the Risk and Continue

No answer needed

Next, we will set up the scanner.
Select the option Nessus Essentials
Clicking the Skip button will bring us to a page, which we will input that code we got in the email from Nessus.

No answer needed

Fill out the Username and Password fields. Make sure to use a strong password!

No answer needed

Nessus will now install the plugins required for it to function.
This will take some time, which will depend on your internet connection and the hardware attached to your VM.
If the progress bar appears to be not moving, it means you do not have enough space on the VM to install.

No answer needed

Log in with the account credentials you made earlier.

No answer needed

You have now successfully installed Nessus!

No answer needed

Navigation and Scans

What is the name of the button which is used to launch a scan?

New Scan

What side menu option allows us to create custom templates?

Policies

What menu allows us to change plugin properties such as hiding them or changing their severity?

Plugin Rules

In the 'Scan Templates' section after clicking on 'New Scan', what scan allows us to see simply what hosts are alive?

Host Discovery

One of the most useful scan types, which is considered to be 'suitable for any host'?

Basic Network Scan

What scan allows you to 'Authenticate to hosts and enumerate missing updates'?

Credential Patch Audit

What scan is specifically used for scanning Web Applications?

Web Application Test

Scanning

Create a new 'Basic Network Scan' targeting the deployed VM. What option can we set under 'BASIC' (on the left) to set a time for this scan to run? This can be very useful when network congestion is an issue.

Schedule

Under 'DISCOVERY' (on the left) set the 'Scan Type' to cover ports 1-65535. What is this type called?

Port Scan (All Ports)

What 'Scan Type' can we change to under 'ADVANCED' for lower bandwidth connection?

Scan Low Bandwidth Links

With these options set, launch the scan

No answer needed

After the scan completes, which 'Vulnerability' in the 'Port scanners' family can we view the details of to see the open ports on this host?

Nessus SYN Scanner

What Apache HTTP Server Version is reported by Nessus?

2.4.99

Scanning a Web Application!

What is the plugin id of the plugin that determines the HTTP server type and version?

10107

What is the file extension of the config backup?

.bak

Which directory contains example documents? (This will be in a php directory)

/external/phpids/0.6/docs/examples/

What vulnerability is this application susceptible to that is associated with X-Frame-Options?

Clickjacking

THM Nessus - grunt92/IT-Sec-WriteUps GitHub Wiki

Introduction

I have read the description

Installation

You will need to do this for an activation code.

Save it to your /Downloads/ folder

In the terminal we will navigate to that folder and run the following command:
sudo dpkg -i package_file.deb
Remember to replace package_file.deb with the file name you downloaded.

We will now start the Nessus Service with the command:
sudo /bin/systemctl start nessusd.service

Open up Firefox and goto the following URL:
https://localhost:8834/
You may be prompted with a security risk alert.
Click Advanced... -> Accept the Risk and Continue

Next, we will set up the scanner.
Select the option Nessus Essentials
Clicking the Skip button will bring us to a page, which we will input that code we got in the email from Nessus.

Fill out the Username and Password fields. Make sure to use a strong password!

Nessus will now install the plugins required for it to function.
This will take some time, which will depend on your internet connection and the hardware attached to your VM.
If the progress bar appears to be not moving, it means you do not have enough space on the VM to install.

Log in with the account credentials you made earlier.

You have now successfully installed Nessus!

Navigation and Scans

What is the name of the button which is used to launch a scan?

What side menu option allows us to create custom templates?

What menu allows us to change plugin properties such as hiding them or changing their severity?

In the 'Scan Templates' section after clicking on 'New Scan', what scan allows us to see simply what hosts are alive?

One of the most useful scan types, which is considered to be 'suitable for any host'?

What scan allows you to 'Authenticate to hosts and enumerate missing updates'?

What scan is specifically used for scanning Web Applications?

Scanning

Create a new 'Basic Network Scan' targeting the deployed VM. What option can we set under 'BASIC' (on the left) to set a time for this scan to run? This can be very useful when network congestion is an issue.

Under 'DISCOVERY' (on the left) set the 'Scan Type' to cover ports 1-65535. What is this type called?

What 'Scan Type' can we change to under 'ADVANCED' for lower bandwidth connection?

With these options set, launch the scan

After the scan completes, which 'Vulnerability' in the 'Port scanners' family can we view the details of to see the open ports on this host?

What Apache HTTP Server Version is reported by Nessus?

Scanning a Web Application!

What is the plugin id of the plugin that determines the HTTP server type and version?

What is the file extension of the config backup?

Which directory contains example documents? (This will be in a php directory)

What vulnerability is this application susceptible to that is associated with X-Frame-Options?

⚠️ GitHub.com Fallback ⚠️

THM Nessus - grunt92/IT-Sec-WriteUps GitHub Wiki

Introduction

I have read the description

Installation

You will need to do this for an activation code.

Save it to your /Downloads/ folder

In the terminal we will navigate to that folder and run the following command:sudo dpkg -i package_file.debRemember to replace package_file.deb with the file name you downloaded.

We will now start the Nessus Service with the command:sudo /bin/systemctl start nessusd.service

Open up Firefox and goto the following URL:https://localhost:8834/You may be prompted with a security risk alert.Click Advanced... -> Accept the Risk and Continue

Next, we will set up the scanner.Select the option Nessus EssentialsClicking the Skip button will bring us to a page, which we will input that code we got in the email from Nessus.

Fill out the Username and Password fields. Make sure to use a strong password!

Nessus will now install the plugins required for it to function.This will take some time, which will depend on your internet connection and the hardware attached to your VM.If the progress bar appears to be not moving, it means you do not have enough space on the VM to install.

Log in with the account credentials you made earlier.

You have now successfully installed Nessus!

Navigation and Scans

What is the name of the button which is used to launch a scan?

What side menu option allows us to create custom templates?

What menu allows us to change plugin properties such as hiding them or changing their severity?

In the 'Scan Templates' section after clicking on 'New Scan', what scan allows us to see simply what hosts are alive?

One of the most useful scan types, which is considered to be 'suitable for any host'?

What scan allows you to 'Authenticate to hosts and enumerate missing updates'?

What scan is specifically used for scanning Web Applications?

Scanning

Create a new 'Basic Network Scan' targeting the deployed VM. What option can we set under 'BASIC' (on the left) to set a time for this scan to run? This can be very useful when network congestion is an issue.

Under 'DISCOVERY' (on the left) set the 'Scan Type' to cover ports 1-65535. What is this type called?

What 'Scan Type' can we change to under 'ADVANCED' for lower bandwidth connection?

With these options set, launch the scan

After the scan completes, which 'Vulnerability' in the 'Port scanners' family can we view the details of to see the open ports on this host?

What Apache HTTP Server Version is reported by Nessus?

Scanning a Web Application!

What is the plugin id of the plugin that determines the HTTP server type and version?

What is the file extension of the config backup?

Which directory contains example documents? (This will be in a php directory)

What vulnerability is this application susceptible to that is associated with X-Frame-Options?

⚠️ **GitHub.com Fallback** ⚠️

In the terminal we will navigate to that folder and run the following command:
sudo dpkg -i package_file.deb
Remember to replace package_file.deb with the file name you downloaded.

We will now start the Nessus Service with the command:
sudo /bin/systemctl start nessusd.service

Open up Firefox and goto the following URL:
https://localhost:8834/
You may be prompted with a security risk alert.
Click Advanced... -> Accept the Risk and Continue

Next, we will set up the scanner.
Select the option Nessus Essentials
Clicking the Skip button will bring us to a page, which we will input that code we got in the email from Nessus.

Nessus will now install the plugins required for it to function.
This will take some time, which will depend on your internet connection and the hardware attached to your VM.
If the progress bar appears to be not moving, it means you do not have enough space on the VM to install.

⚠️ GitHub.com Fallback ⚠️