This guide covers installing the Nessus vulnerability scanner on Kali Linux 2020.x. Nessus is a proprietary vulnerability assessment tool widely used for web and mobile applications. It was created to help you reduce your organization’s attack surface and ensure compliance in virtual, physical, mobile and cloud environments.
Nessus has the world’s largest, constantly updated vulnerability and configuration checking library. This ensures a standard of speed and accuracy. With Nessus, you can audit the following environments:
- Network devices: Firewalls / Routers / Switches (Juniper Networks, Check Point, Cisco, Palo Alto Networks), Printers, Storage
- Virtualization: VMware ESX, ESXi, vSphere, vCenter, Hyper-V, and Citrix Xen Server
- Operating systems: Windows, Mac, Linux, Solaris, BSD, Cisco iOS, IBM iSeries
- Databases: Oracle, SQL Server, MySQL, DB2, Informix / DRDA, PostgreSQL, MongoDB
- Web applications: Web Server, Web Service, OWASP Vulnerability
- Cloud: Scan cloud applications and instances (such as Salesforce and AWS)
- Compliance: Help meet government, regulatory, and company requirements
- Web application scan meets PCI DSS requirements through configuration audit
Install Nessus Vulnerability Scanner on Kali Linux
Download the package and confirm that it is available for installation locally.
    $ ls Nessus-8.9.0-debian6_amd64.deb
    Nessus-8.9.0-debian6_amd64.deb
Use the following command to install the Nessus vulnerability scanner on Kali Linux.
    $ sudo dpkg -i Nessus-8.9.0-debian6_amd64.deb
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    Note, selecting 'nessus' instead of './Nessus-8.9.0-debian6_amd64.deb'
    The following NEW packages will be installed:
      nessus
    0 upgraded, 1 newly installed, 0 to remove and 21 not upgraded.
    Need to get 0 B/86.2 MB of archives.
    After this operation, 0 B of additional disk space will be used.
    Get:1 /home/jkmutai/Nessus-8.9.0-debian6_amd64.deb nessus amd64 8.9.0 [86.2 MB]
    Selecting previously unselected package nessus.
    (Reading database ... 274633 files and directories currently installed.)
    Preparing to unpack .../Nessus-8.9.0-debian6_amd64.deb ...
    Unpacking nessus (8.9.0) ...
    Setting up nessus (8.9.0) ...
    Unpacking Nessus Scanner Core Components...
     - You can start Nessus Scanner by typing /etc/init.d/nessusd start
     - Then go to https://kali:8834/ to configure your scanner
    Processing triggers for systemd (244.1-1) ...
When upgrading Nessus Vulnerability Scanner on Kali Linux, the same command will be used. You just need to change the file name.
Start Nessus service on Kali Linux
After installing the package, you need to start the services required to operate the Nessus vulnerability scanner.
    $ sudo systemctl enable nessusd
    $ sudo systemctl start nessusd
Confirm that nessusd is actually up and running.
    $ systemctl status nessusd.service
    ● nessusd.service - LSB: Starts and stops the Nessus
       Loaded: loaded (/etc/init.d/nessusd; generated)
       Active: active (running) since Sun 2020-02-23 08:37:47 EST; 1s ago
         Docs: man:systemd-sysv-generator(8)
      Process: 19079 ExecStart=/etc/init.d/nessusd start (code=exited, status=0/SUCCESS)
        Tasks: 19 (limit: 2318)
       Memory: 70.2M
       CGroup: /system.slice/nessusd.service
               ├─19081 /opt/nessus/sbin/nessus-service -D -q
               └─19082 nessusd -q
    .....
The Nessus daemon binds to TCP port 8834:
    $ sudo ss -ant | grep 8834
    LISTEN 0 1024 0.0.0.0:8834 0.0.0.0:*
    LISTEN 0 1024 [::]:8834 [::]:*
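The `ss` output above shows nessusd listening on `0.0.0.0` and `[::]`, so the web interface on port 8834 is reachable on every interface of the host. The shell functions below are an added example, not part of the original guide; they classify listener lines read from `ss -ant`, and the function names and the loopback sample line are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original guide. Function names are illustrative.
# Reads `ss -ant`-style lines on stdin and reports, for one TCP port,
# whether each listener is on all interfaces, loopback, or one address.

classify_listeners() {
    awk -v port="${1:-8834}" '
        $1 == "LISTEN" {
            # Local address is column 4; split at the last colon so
            # bracketed IPv6 literals such as [::] stay intact.
            if (!match($4, /:[0-9]+$/)) next
            addr = substr($4, 1, RSTART - 1)
            p    = substr($4, RSTART + 1)
            if (p != port) next

            if (addr == "0.0.0.0" || addr == "[::]" || addr == "*")
                verdict = "EXPOSED"    # wildcard bind: every interface
            else if (addr ~ /^127\./ || addr == "[::1]")
                verdict = "LOCAL"      # loopback only
            else
                verdict = "SCOPED"     # one specific address
            print verdict, addr ":" p
        }'
}

# Exit status 0 when the port has at least one wildcard listener.
port_is_exposed() {
    classify_listeners "$1" | grep -q '^EXPOSED'
}

# Constructed sample: the two listener lines shown in this guide, plus a
# constructed loopback-only line on another port for comparison.
SAMPLE_SS='LISTEN 0 1024 0.0.0.0:8834 0.0.0.0:*
LISTEN 0 1024 [::]:8834 [::]:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*'

printf '%s\n' "$SAMPLE_SS" | classify_listeners 8834
```

On a live host, run `sudo ss -ant | classify_listeners 8834`. An `EXPOSED` result means access to the port should be limited with a host firewall rule or network ACL to the machines that need the web interface.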
Configure Nessus Vulnerability Scanner on Kali Linux
Access the Nessus web interface on the server's IP address or hostname, port 8834, to complete the installation and activation of Nessus.
For me, this would be:
On the first page, select the Nessus product to use.
Since I chose to install Nessus Essentials, I will provide personal information to receive emails with a free Nessus Essentials activation code.
Now, enter the activation code you received in the email to sign up for Nessus.
Create a Nessus administrator account on the next page.
Nessus will begin preparing the files needed to scan assets.
This may take some time while Nessus downloads the plugins and prepares the files needed to scan your assets.
The default page after you log in to Nessus should look similar to the following.
Add a network to start scanning.
You have successfully installed the Nessus vulnerability scanner on Kali Linux.