Vulnrability Discovery is the step where we as a Penetration Tester find out the issues in the current systems, network or web applications. It is of two types: Manual and Automated. In manual approach, we find version specific vulnerabilities from security vulnerability databeses. While in automated approach, scanners (tools) are used. Major databases includes Exploit-db, Securityfocus and cvedetails. While major automated scanners involves Nessus, Nexpose, Retina, Acunetix, etc.

Deliverables:

Lab Set up

• Virtualization using Oracle Virtual box

• Attacker’s System: Kali Linux

• Target 1 System: Metasploitable 2

1. Nessus doen't come pre installed in Kali Linux. So first we have to install it. Go to browser in Kali Linux --> www.tenable.com/products/nessus_home

2. Register and download debian file into root directory.

3. In Kali Linux --> Terminal

4. Install downlaoded debian package of nessus.

~# dpkg -i {downlaoded file.deb}

Here, dpkg --> Debian Package

-i --> Install

5. Now start nessus process.

~# /etc/init.d/nessus start

6. It will start Nessus in browser. The URL will be https://kali:8834

Here, 8834 --> Default port for Nesuss.

7. Do the initial account setup. Now your account is set. You can use Nessus.

8. To start Nessus everytime you have to start Nessus process.

~# service nessus start

9. Login using id and password.

10. Set up policy by Policies --> New Policy --> Select any of the scan .e.g. basic network scan. and Fill up details.

11. Similarly, set up scan by Scans --> New Scan --> Select one of them. and start the scan.

12. Click on the running scans and you can see the running scanning. you can export the results to other documents like pdf. Thus Nessus can be used to scan a target.