Although you cannot use vulnerability scanners on the OSCP exam, it is still good practice to get familiar with these tools and learn them inside and out. For that reason, the next few articles will focus on getting the very popular Nessus vulnerability scanner installed and configured so that we can begin using it to scan targets.
- Download Nessus Essentials from the Tenable website. This will give you free access to scan up to 16 IP addresses.
- Once downloaded, check the integrity hash of the file using
sha256sum Nessus.deb
- Install Nessus on Kali using
sudo dpkg -i Nessus.deb
- Start Nessus up using
sudo /etc/init.d/nessusd start
- Open up Firefox web browser and navigate to
https://localhost:8834
- Accept the security risk warning, which appears because Nessus is using a self-signed certificate
- Select Nessus Essentials
- If you already have an activation code, hit skip on the menu below. If you do not have a code already, fill out the details below to receive an activation code by email
- Enter the activation code
- Create a username and password to use with Nessus. These will be the credentials you use to access the web portal going forward
- Wait for Nessus to initialize (This could take up to 30 minutes or more)
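
The hash check in the steps above only helps if the printed digest is actually compared with the published one before `dpkg` runs. The following is an added example, not part of the original article or Tenable's tooling: the function names are hypothetical, and the expected digest is assumed to be the SHA-256 value you copied from the download page.

```shell
#!/bin/sh
# Added example: refuse to install a package unless its SHA-256 matches
# the published value. Function names are hypothetical helpers.

# verify_sha256 FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 on a missing file or malformed digest.
verify_sha256() {
    file=$1
    expected=$2
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    # Normalise the pasted value: strip whitespace, lower-case the hex.
    expected=$(printf '%s' "$expected" | tr -d '[:space:]' | tr 'A-F' 'a-f')
    # A SHA-256 digest is exactly 64 hex characters; reject anything else
    # so a truncated copy/paste cannot be compared by accident.
    case $expected in
        *[!0-9a-f]*|'') echo "expected value is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "expected value is not 64 hex chars" >&2; return 2; }
    actual=$(sha256sum "$file" | awk '{print $1}') || return 2
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file"
        return 0
    fi
    echo "MISMATCH: $file" >&2
    echo "  expected $expected" >&2
    echo "  actual   $actual" >&2
    return 1
}

# install_if_verified FILE EXPECTED_HEX
# Runs dpkg only after the digest check has passed.
install_if_verified() {
    verify_sha256 "$1" "$2" || return $?
    sudo dpkg -i "$1"
}

# Usage (placeholder digest, replace with the published value):
#   install_if_verified Nessus.deb "<sha256 from the download page>"
```

A mismatch usually means a corrupted or incomplete download; delete the file and fetch it again rather than installing it.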