Miss scan tool classification
- Nessus represents host miss scan tool
- Website miss scan tool representative: AWVS
Common missed sweep tools are
- AppScan
- AWVS
- Nessus
- SQLmap
- XssPy
Tools installation
AWVS
Look at this article
Nessus
Nessus select Nessus-8.10.0-debian6_amd64.deb to download.
Once the download is complete, move it to kali, then move it to the /opt directory, install and open it
Sudo cp Nessus - 8.10.0 - debian6_amd64. D/optcd /opt
sudo dpkg -i Nessus-8.10.0-debian6_amd64.d
sudo systemctl start nessusd.service
Copy the codeIn this case, you can open the browser and log in to https://kali:8834/, and skip the danger warning.
Next although entered the main page but in fact the function is not complete, so we have to go to the official website to patch
The challenge code is generated locally
sudo /opt/nessus/sbin/nessuscli fetch --challenge
Copy the codeWill get a string of numbers, then go to the activation code of the site, enter your email to get the activation code
Activation code: www.tenable.com/products/ne…
Activation: plugins.nessus.org/v2/offline….
So here I use another method to register Nessus
Do you guys have any good tutorials? I now know to add a target scan, do not know how to configure the relevant information, if there is a comment can learn together