Nessus Integration
Pages 18
Clone this wiki locally
Requirements
This add-on requires a Sn1per Professional v9.0 license along with the following add-ons and components:
- Command Execution Add-on
- Nessus Add-on
- Nessus v8.8.x (Requires Nessus Add-on v1.0 & Sn1per Professional v9.0)
- Nessus v10.x (Requires Nessus Add-on v2.0 & Sn1per Professional v9.0)
This assumes that you already have a working Nessus installation running the latest version (8.11.x). If not, you can obtain a free Nessus license from https://www.tenable.com/downloads/nessus?loginAttempted=true
Installation
After Nessus is installed, follow the steps below to install the Nessus add-on:
- Run
/etc/init.d/nessusd start
to start the Nessus service - Open a new browser window and go to: https://127.0.0.1:8834/#/ and login to confirm your Nessus installation
- Extract contents of nessus-add-on.tar.gz to /tmp/
cd tmp
tar -zxvf nessus-add-on.tar.gz
- Run install-nessus-add-on.sh script as 'root':
sudo bash install-nessus-add-on.sh
Configuration
- Add your Nessus host/IP, username and password to your /root/.sniper.conf file or create a separate configuration template (ie. /sniper/conf/nessus.conf) and set NESSUS="1" value to enable Nessus scanning in Sn1per:
# NESSUS CONFIG
NESSUS="1"
NESSUS_HOST="127.0.0.1:8834"
NESSUS_USERNAME="admin"
NESSUS_PASSWORD=""
NESSUS_POLICY_ID="c3cbcd46-329f-a9ed-1077-554f8c2af33d0d44f09d736969bf" #DEFAULT POLICY
Running scans
- Run a test vuln scan to confirm your installation:
sniper -t 127.0.0.1 -m vulnscan -w 127.0.0.1
OR
sniper -t 127.0.0.1 -c /sniper/conf/nessus.conf -m vulnscan -w 127.0.0.1
For multi-host scans, you can also use sniper -f targets.txt -m massvulnscan -w targets
command.
NOTE: This can also be done using the Command Execution Add-on via the Sn1per Professional web UI by selecting the appropriate config template and selecting the 'vulnscan' mode.
Reporting
After the scan(s) complete, results will be shown in the workspace report view under the "Vulnerabilities" section and from the host report.