Nessus Integration

xer0dayz edited this page Nov 19, 2021 · 4 revisions

Requirements

This add-on requires a Sn1per Professional v9.0 license along with the following add-ons and components:

This assumes that you already have a working Nessus installation running the latest version (8.11.x). If not, you can obtain a free Nessus license from https://www.tenable.com/downloads/nessus?loginAttempted=true

Installation

After Nessus is installed, follow the steps below to install the Nessus add-on:

  1. Run /etc/init.d/nessusd start to start the Nessus service
  2. Open a new browser window, go to https://127.0.0.1:8834/#/ and log in to confirm your Nessus installation
  3. Extract the contents of nessus-add-on.tar.gz to /tmp/
cd /tmp
tar -zxvf nessus-add-on.tar.gz
  4. Run the install-nessus-add-on.sh script as 'root':
sudo bash install-nessus-add-on.sh

Configuration

  1. Add your Nessus host/IP, username and password to your /root/.sniper.conf file, or create a separate configuration template (i.e. /sniper/conf/nessus.conf), and set the NESSUS="1" value to enable Nessus scanning in Sn1per:
# NESSUS CONFIG
NESSUS="1"
NESSUS_HOST="127.0.0.1:8834"
NESSUS_USERNAME="admin"
NESSUS_PASSWORD=""
NESSUS_POLICY_ID="c3cbcd46-329f-a9ed-1077-554f8c2af33d0d44f09d736969bf" #DEFAULT POLICY
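
A pre-flight check for the settings above, as an added example that is not part of Sn1per or of this wiki: it parses the NESSUS_* keys without sourcing the file, and flags empty values and a config file that group or other users can access, since the file stores the Nessus password in plaintext. The function names conf_get and check_nessus_conf and the script name in the usage comment are hypothetical.

```shell
#!/bin/sh
# Added example (not Sn1per code): pre-flight check of the Nessus settings.
# Values are parsed with sed, not sourced, so the config file is never executed.

# conf_get FILE KEY: print the value of KEY="value" (last assignment wins).
conf_get() {
    sed -n "s/^[[:space:]]*$2=\"\([^\"]*\)\".*/\1/p" "$1" | tail -n 1
}

# check_nessus_conf FILE: print one line per problem; return 0 if none.
check_nessus_conf() {
    conf=$1
    problems=0
    if [ ! -r "$conf" ]; then
        echo "cannot read $conf"
        return 2
    fi
    # The file holds NESSUS_PASSWORD, so group/other should have no access.
    if [ "$(ls -ldL "$conf" | cut -c5-10)" != "------" ]; then
        echo "$conf is accessible to group/other (expected mode 600)"
        problems=$((problems + 1))
    fi
    if [ "$(conf_get "$conf" NESSUS)" != "1" ]; then
        echo "NESSUS is not \"1\": Nessus scanning is disabled"
        problems=$((problems + 1))
    fi
    case "$(conf_get "$conf" NESSUS_HOST)" in
        ?*:*[0-9]) ;;
        *) echo "NESSUS_HOST does not look like host:port"
           problems=$((problems + 1)) ;;
    esac
    for key in NESSUS_USERNAME NESSUS_PASSWORD NESSUS_POLICY_ID; do
        if [ -z "$(conf_get "$conf" "$key")" ]; then
            echo "$key is empty"
            problems=$((problems + 1))
        fi
    done
    [ "$problems" -eq 0 ]
}

# Usage: sh check-nessus-conf.sh /root/.sniper.conf
if [ "$#" -gt 0 ]; then
    check_nessus_conf "$1"
fi
```

Run against the block as shown on this page, the check reports NESSUS_PASSWORD as empty until a password is filled in.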

Running scans

  1. Run a test vuln scan to confirm your installation:
sniper -t 127.0.0.1 -m vulnscan -w 127.0.0.1

OR

sniper -t 127.0.0.1 -c /sniper/conf/nessus.conf -m vulnscan -w 127.0.0.1

For multi-host scans, you can also use the sniper -f targets.txt -m massvulnscan -w targets command.

NOTE: This can also be done using the Command Execution Add-on via the Sn1per Professional web UI by selecting the appropriate config template and selecting the 'vulnscan' mode.

Reporting

After the scan(s) complete, results are shown in the workspace report view under the "Vulnerabilities" section and in the host report.