Nessus is an open-source network vulnerability scanner that uses the Common Vulnerabilities and Exposures architecture for easy cross-linking between compliant security tools. Nessus employs the Nessus Attack Scripting Language (NASL), a simple language that describes individual threats and potential attacks.
Nessus has a modular architecture consisting of centralized servers that conduct scanning, and remote clients that allow for administrator interaction. Administrators can include NASL descriptions of all suspected vulnerabilities to develop customized scans.
Significant capabilities of Nessus include:
Compatibility with computers and servers of all sizes.
Detection of security holes in local or remote hosts.
Detection of missing security updates and patches.
Simulated attacks to pinpoint vulnerabilities.
Execution of security tests in a contained environment.
Scheduled security audits.
You can download the desired version for Linux or Windows from this LINK.
To start Nessus for Linux either from the application menu click on Nesses Start or write in terminal systemctl start nessuesd
Now open up your browser and write https://localhost:8834 to navigate to Nessus page, click on Advanced button and then click “Accept the Risk and Continue”
The first screen will be the login screen where you create a user and password:
Click on “Create a new scan” to see all the scan tools available to run a scan from basic to advance:
Choosing “Basic Network Scan” and adding description to the search and the target, from the “Save” button click Launch:
The scan will start immediately and we can click on the scan to see the results:
By clicking on the vulnerability we can see a description about it and how to fix it and also an output regarding the target information: