Nessus Integration

xer0dayz edited this page Nov 19, 2021 · 5 revisions

Requirements

This add-on requires a Sn1per Professional v8.0 license along with the following add-ons and components:

  • Command Execution Add-on
  • Nessus Add-on
  • Nessus v8.x

This assumes that you already have a working Nessus installation running the latest version (8.11.x). If not, you can obtain a free Nessus license from https://www.tenable.com/downloads/nessus?loginAttempted=true

Installation

After Nessus is installed, follow the steps below to install the Nessus add-on:

  1. Run /etc/init.d/nessusd start to start the Nessus service
  2. Open a new browser window, go to https://127.0.0.1:8834/#/ and log in to confirm your Nessus installation
  3. Extract the contents of nessus-add-on.tar.gz to /tmp/:
cd /tmp
tar -zxvf nessus-add-on.tar.gz
  4. Run the install-nessus-add-on.sh script as 'root':
sudo bash install-nessus-add-on.sh

Configuration

  1. Add your Nessus host/IP, username and password to your /root/.sniper.conf file, or create a separate configuration template (i.e. /sniper/conf/nessus.conf), and set NESSUS="1" to enable Nessus scanning in Sn1per:
# NESSUS CONFIG
NESSUS="1"
NESSUS_HOST="127.0.0.1:8834"
NESSUS_USERNAME="admin"
NESSUS_PASSWORD=""
NESSUS_POLICY_ID="c3cbcd46-329f-a9ed-1077-554f8c2af33d0d44f09d736969bf" #DEFAULT POLICY
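
A pre-flight check for the settings above, as an added example that is not part of Sn1per or this wiki: it reads the config as text instead of sourcing it, reports missing values, and flags a file that other users can access, since it stores the Nessus password. The function names conf_get and check_nessus_conf are hypothetical, the demo values are constructed, and it assumes values are written as KEY="value" as in the sample.

```shell
#!/bin/sh
# Added example: pre-flight check for the NESSUS_* settings in a Sn1per config.
# Assumes KEY="value" lines as in the sample; the file is read, never sourced.

# conf_get FILE KEY: print the value of the last KEY="value" assignment
conf_get() {
  sed -n "s/^[[:space:]]*$2=\"\\([^\"]*\\)\".*/\\1/p" "$1" | tail -n 1
}

# check_nessus_conf FILE: print one line per problem, return the problem count
check_nessus_conf() {
  f="$1"; problems=0
  [ -r "$f" ] || { echo "cannot read $f"; return 1; }
  if [ "$(conf_get "$f" NESSUS)" != "1" ]; then
    echo "NESSUS is not \"1\": Nessus scanning is disabled"; problems=$((problems + 1))
  fi
  for key in NESSUS_HOST NESSUS_USERNAME NESSUS_PASSWORD NESSUS_POLICY_ID; do
    if [ -z "$(conf_get "$f" "$key")" ]; then
      echo "$key is empty or missing"; problems=$((problems + 1))
    fi
  done
  # The sample config gives NESSUS_HOST as host:port (127.0.0.1:8834)
  host=$(conf_get "$f" NESSUS_HOST)
  if [ -n "$host" ] && ! echo "$host" | grep -Eq '^[A-Za-z0-9.-]+:[0-9]{1,5}$'; then
    echo "NESSUS_HOST is not in host:port form"; problems=$((problems + 1))
  fi
  # The file stores the Nessus password, so group/other need no access to it
  mode=$(stat -c '%a' "$f" 2>/dev/null || stat -f '%Lp' "$f")
  case "$mode" in
    *00|0) ;;
    *) echo "mode $mode grants group/other access to $f; run: chmod 600 $f"
       problems=$((problems + 1)) ;;
  esac
  return "$problems"
}

# Demo on a constructed config (placeholder values, not real credentials)
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
# NESSUS CONFIG
NESSUS="1"
NESSUS_HOST="127.0.0.1:8834"
NESSUS_USERNAME="admin"
NESSUS_PASSWORD=""
NESSUS_POLICY_ID="constructed-policy-id" #DEFAULT POLICY
EOF
chmod 644 "$demo_conf"
check_nessus_conf "$demo_conf" || echo "problems found: $?"
rm -f "$demo_conf"
```
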

Running scans

  1. Run a test vuln scan to confirm your installation:
sniper -t 127.0.0.1 -m vulnscan -w 127.0.0.1

OR

sniper -t 127.0.0.1 -c /sniper/conf/nessus.conf -m vulnscan -w 127.0.0.1

For multi-host scans, you can also use the command sniper -f targets.txt -m massvulnscan -w targets.

Reporting

After the scan(s) complete, results are shown in the workspace report view under the "Vulnerabilities" section and in the host report.