The vulnerability database that Nessus has is its main advantage. While the techniques to understanding which service is running and what version of the software is running the service are known to us, answering the question, "Does this service have a known vulnerability" is the important one. Apart from a regularly updated vulnerability database, Nessus also has information on default credentials found in applications, default paths, and locations. All of this fine-tuned in an easy way to use CLI or web-based tool.
Before diving into how we are going to set up Nessus to perform vulnerability scanning and network scanning against our infrastructure, let's see why we have to set it up and what it will give us in return.
In this chapter, we will focus on doing vulnerability scanning using Nessus. We will try out the standard activities...