Tenable Nessus Professional / Expert Installation (Web Application Scanning, Special Version in Linux etc)

Nessus Expert, an enhancement to the Tenable’s flagship vulnerability assessment tool Nessus and building upon Nessus Professional, is designed to address emerging cyberthreats across cloud infrastructure by applying a “smarter and simplified approach to DevSecOps,” according to Tenable.

The key capabilities of Nessus Expert are external attack surface discovery that allows IT and security professionals to discover internet-facing assets in domains and subdomains associated with an organization, the company says. In addition, Nessus Expert features IaC scanning that establishes guardrails in automated GitOps and CI/CD processes to ensure secure deployments with minimal effort with up to 500 pre-built policies.

Nessus Expert is essentially a more advanced version of Nessus Professional, offering external attack surface scanning, the ability to add domains and scan cloud infrastructure, all of which are not available with Nessus Professional.  

Products and Introduction

Nessus : Essentials & Professional (More features), Manager

Tenable.sc : (on prem) sc & sc+ (Nessus Network Monitor -NNM, Asset Criticality Rating - ACR)

Tenable.io : (cloud)

Tenable.ad : active directory

Tenable.cs : Cloud security 

Tenable.ot : 

For Tenable Nessus, there are four versions::

• Nessus Essentials
• Nessus Professional — The de-facto industry standard vulnerability assessment solution for security practitioners.
• Nessus Expert — The industry-leading vulnerability assessment solution for the modern attack surface. (No agent)
• Nessus Manager — The enterprise solution for managing Nessus Agents at scale.

# 1 准确度
Nessus 达到了 6 西格玛准确度，实现了业内最低的误报率: *每 100 万次扫描中仅有 0.32 次误报

# 1 覆盖面 

Nessus 拥有业内首屈一指,最广的漏洞覆盖面深度和广度

NESSUS 与业内其他漏洞评估解决方案对比

COMPARE TENABLE WITH INDUSTRY VULNERABILITY MANAGEMENT SOLUTIONS

• #1 CVEs coverage: Nessus has the deepest and broadest coverage with more  than 62,000 CVE and over 100 new plugins released weekly  within 24 hours of vulnerability disclosure.
• #1 in Adoption:  Nessus is trusted by more than 30,000 organizations globally. 50% of the Fortune 500 and  more than 30% of the Global 2000 rely on Nessus technology.
• #1 in Accuracy: Nessus has the industry’s lowest false positive rate with six- sigma accuracy (measured at .32 defects per 1 million scans).
• Top Leader in all Industry Research Reports such as IDC, Forrester Wave, etc.

Nessus has two key competitors:

1. Rapid 7 - Nexpose
2. Greenbone OpenVAS

Requirements

Hardware requirements

Hardware	Minimum Requirement
Processor	> 8 2GHz cores
RAM	> 8 GB Tenable recommends using 16 GB RAM for the best results.
Disk Space	> 40 GB, not including space used by the host operating system Your overall usage (scan results, plugin updates, logging) increase the amount of disk space needed over time.

System requirements:

While Tenable Nessus itself is installed directly on the host operating system, the web scanner portion of Tenable Nessus Expert is installed as a Docker image on the same host. To do this, your host must have Docker version 20.0.0 or later installed. The web application scanner cannot run if the host does not have Docker installed (all other Tenable Nessus functionality works as expected without Docker being installed).

Install Docker Desktop on Windows

WSL 2 Backend

1 Install WSL from Powershell command line (admin)

WSL --install

WSL --install -d Ubuntu

WSL --update

2 Install Docker Desktop 

1. Download the installer using the download button at the top of the page, or from the release notes.

2. Double-click Docker Desktop Installer.exe to run the installer. By default, Docker Desktop is installed at C:\Program Files\Docker\Docker.

3. When prompted, ensure the Use WSL 2 instead of Hyper-V option on the Configuration page is selected or not depending on your choice of backend.

   If your system only supports one of the two options, you will not be able to select which backend to use.

4. Follow the instructions on the installation wizard to authorize the installer and proceed with the install.

5. When the installation is successful, select Close to complete the installation process.

Note: 

• Use the WSL 2 based engine. WSL 2 provides better performance than the Hyper-V backend. For more information, see Docker Desktop WSL 2 backend.

Hyper-V backend and Windows containers

1 Install Hyper-V role and Container feature

2 Install Docker Desktop

Same steps as using WSL2 backend but no need to use WSL2 as backend.

Tenable Nessus Expert Instalaltion with Web Application Scanner

1. Install Hyper-V and Containers

Here is an example of Windows 10/11 to enable both features.

Download and install Docker Desktop:

https://www.docker.com/products/docker-desktop/

2. Download and Install Tenable Nessus

https://www.tenable.com/downloads/nessus?loginAttempted=true

3. Enable WAS - Web Application Scanning

4. Web App Scanning

By default, there is 5 web applications limitaton in Nessus Expert Edition. Each time, only one WAS instance allowed to launch. 

5. Settings,

Docker Desktop Containers:

When there is no web application scanning task. You wont be able to see any container running. Once you launched a WAS scan, you will see nessus-was-scanner container running. 

You might see multiple WAS containers running. There is one docker which name is nessus-was-scanner. Once you stopped this nessus-was-scanner docker, it will disappear from the list. Not sure why there is second one there. But if you do have one, you can stop it and delete it. It might come from a manual creation based on image. 

Docker image:

Nessus Linux Installation Code

 For Debian： 

【1】Download nessus.sh script。

Download Address： nessus.sh

Or copy following code and save it as nessus.sh

#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "请使用 root 用户运行" ; exit 1 ; fi
echo //==============================================================
echo   Nessus 最新版本下载、安装和破解   -Zen 20230819
echo   特别感谢 John Doe 在 Debian 上演示这一操作的有效性
echo   感谢 369 提供关于 "latest" 的提示
echo //==============================================================
echo " + 增加了防滑附加功能，移除所有 chattr 设置 20231013"
chattr -i -R /opt/nessus
echo " + 确保我们有先决条件.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " + 停止旧的 nessusd 服务，以防存在一个！"
/bin/systemctl stop nessusd.service &>/dev/null
echo " + 下载 Nessus.."
curl -A Mozilla --request GET \
  --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-debian10_amd64.deb' \
  --output 'Nessus-latest-debian10_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-debian10_amd64.deb ]; then
  echo " + Nessus 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"
  exit 0
fi }
echo " + 安装 Nessus.."
dpkg -i Nessus-latest-debian10_amd64.deb &>/dev/null
# 看，我试图只是进行更改和运行，但它不起作用。如果你能优化我的操作，让我知道。但对我来说，这是唯一需要运行的 :/
echo " + 第一次初始化时启动服务（必须执行）"
/bin/systemctl start nessusd.service &>/dev/null
echo " + 让 Nessus 初始化，等待大约 20 秒..."
sleep 20
echo " + 停止 nessus 服务.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " + 更改 nessus 设置为 Zen 偏好（自由战士模式）"
echo "   监听端口: 11127"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null
echo "   主题: 暗色"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo "   安全检查: 关闭"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo "   日志: 性能"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo "   更新: 关闭"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo "   遥测: 关闭"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " + 添加一个用户，稍后可以更改（用户名:admin, 密码:ddosi）"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "登录密码:"
send "ddosi\r"
expect "登录密码（再次输入）:"
send "ddosi\r"
expect "*(可以上传插件等)？ (y/n)*"
send "y\r"
expect "*(用户可以有一个空的规则集)"
send "\r"
expect "是否确定*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " + 下载新的插件.."
curl -A Mozilla -o all-2.0.tar.gz \
  --url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
  echo " + 插件 all-2.0.tar.gz 下载失败 :/ 退出。从 t.me/pwn3rzs 获取拷贝"
  exit 0
fi }
echo " + 安装插件.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " + 获取版本号.."
# 我曾经看到这个对于下载不正确。嗯，但对我来说它有效。
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " + 构建插件 feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " + 保护文件.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " + 设置所有文件为不可变..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " + 但是取消关键文件的不可变性.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins  &>/dev/null
echo " + 启动服务.."
/bin/systemctl start nessusd.service &>/dev/null
echo " + 再等待 20 秒以便服务器有足够的时间启动！"
sleep 20
echo " + 监控 Nessus 进度。以下行每 10 秒更新一次直到 100%"
zen=0
while [ $zen -ne 100 ]
do
 statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
 if [[ $statline != *"engine_status"* ]]; then echo -ne "\n 问题：Nessus 服务器无法访问？再次尝试..\n"; fi
 echo -ne "\r $statline"
 if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n  o 完成!\n'
echo
echo "        访问 Nessus:  https://localhost:11127/ （或您的 VPS IP）"
echo "                             用户名: admin"
echo "                             密码: ddosi"
echo "                             随时可以更改"
echo
read -p "按 Enter 键继续"

Plain text

【2】Grant execute permission for this script

chmod +x nessus.sh

Plain text

【3】using root account to run nessus.sh.（Wait about 10-15 Mins)

./nessus.sh

Plain text

【4】Complete the installation.

【5】Open following URL to log into Nessus。

https://127.0.0.1:11127/ or https://localhost:11127/

【6】Log in with default username and password

账号	密码
admin	ddosi

Licensed host : unlimited.

Plugin set : latest date

Nessus stop and start commands

Start

sudo systemctl start nessusd && systemctl --no-pager status nessusd

Plain text

或直接搜索Nessus，点击nessus start即可

Stop

sudo systemctl stop nessusd && systemctl --no-pager status nessusd

Plain text

or directly search Nessus file，then run nessus stop.

For Ubuntu:

Same steps as Debian

Download address：nessus_ubuntu.sh

Or directly copy following code then save it as nessus_ubuntu.sh

#!/bin/bash
if [[ $(id -u) -ne 0 ]] ; then echo "Please run as root" ; exit 1 ; fi
echo //==============================================================
echo   Nessus latest DOWNLOAD, INSTALL, and CRACK   -Zen 20230819
echo   special thanks to John Doe for showing this works on Debian
echo   THANKS 369 for tip about LATEST as a version number
echo //==============================================================
echo " o antiskid extra thing added removing all chattr 20231013"
chattr -i -R /opt/nessus
echo " o making sure we have prerequisites.."
apt update &>/dev/null
apt -y install curl dpkg expect &>/dev/null
echo " o stopping old nessusd in case there is one!"
/bin/systemctl stop nessusd.service &>/dev/null
echo " o downloading Nessus.."
curl -A Mozilla --request GET \
  --url 'https://www.tenable.com/downloads/api/v2/pages/nessus/files/Nessus-latest-ubuntu1404_amd64.deb' \
  --output 'Nessus-latest-ubuntu1404_amd64.deb' &>/dev/null
{ if [ ! -f Nessus-latest-ubuntu1404_amd64.deb ]; then
  echo " o nessus download failed :/ exiting. get copy of it from t.me/pwn3rzs"
  exit 0
fi }
echo " o installing Nessus.."
dpkg -i Nessus-latest-ubuntu1404_amd64.deb &>/dev/null
# look I tried to just make changes and run but it doesnt work. if you can optimize
# what im doing here, let me know.  but this was it for me, it had to be run once :/
echo " o starting service once FIRST TIME INITIALIZATION (we have to do this)"
/bin/systemctl start nessusd.service &>/dev/null
echo " o let's allow Nessus time to initalize - we'll give it like 20 seconds..."
sleep 20
echo " o stopping the nessus service.."
/bin/systemctl stop nessusd.service &>/dev/null
echo " o changing nessus settings to Zen preferences (freedom fighter mode)"
echo "   listen port: 11127"
/opt/nessus/sbin/nessuscli fix --set xmlrpc_listen_port=11127 &>/dev/null
echo "   theme:       dark"
/opt/nessus/sbin/nessuscli fix --set ui_theme=dark &>/dev/null
echo "   safe checks: off"
/opt/nessus/sbin/nessuscli fix --set safe_checks=false &>/dev/null
echo "   logs:        performance"
/opt/nessus/sbin/nessuscli fix --set backend_log_level=performance &>/dev/null
echo "   updates:     off"
/opt/nessus/sbin/nessuscli fix --set auto_update=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set auto_update_ui=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set disable_core_updates=true &>/dev/null
echo "   telemetry:   off"
/opt/nessus/sbin/nessuscli fix --set report_crashes=false &>/dev/null
/opt/nessus/sbin/nessuscli fix --set send_telemetry=false &>/dev/null
echo " o adding a user you can change this later (u:admin,p:ddosi)"
cat > expect.tmp<<'EOF'
spawn /opt/nessus/sbin/nessuscli adduser admin
expect "Login password:"
send "ddosi\r"
expect "Login password (again):"
send "ddosi\r"
expect "*(can upload plugins, etc.)? (y/n)*"
send "y\r"
expect "*(the user can have an empty rules set)"
send "\r"
expect "Is that ok*"
send "y\r"
expect eof
EOF
expect -f expect.tmp &>/dev/null
rm -rf expect.tmp &>/dev/null
echo " o downloading new plugins.."
curl -A Mozilla -o all-2.0.tar.gz \
  --url 'https://plugins.nessus.org/v2/nessus.php?f=all-2.0.tar.gz&u=4e2abfd83a40e2012ebf6537ade2f207&p=29a34e24fc12d3f5fdfbb1ae948972c6' &>/dev/null
{ if [ ! -f all-2.0.tar.gz ]; then
  echo " o plugins all-2.0.tar.gz download failed :/ exiting. get copy of it from t.me/pwn3rzs"
  exit 0
fi }
echo " o installing plugins.."
/opt/nessus/sbin/nessuscli update all-2.0.tar.gz &>/dev/null
echo " o fetching version number.."
# i have seen this not be correct for the download.  hrm. but, it works for me.
vernum=$(curl https://plugins.nessus.org/v2/plugins.php 2> /dev/null)
echo " o building plugin feed..."
cat > /opt/nessus/var/nessus/plugin_feed_info.inc <<EOF
PLUGIN_SET = "${vernum}";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";
EOF
echo " o protecting files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
cp /opt/nessus/var/nessus/plugin_feed_info.inc /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
echo " o let's set everything immutable..."
chattr +i /opt/nessus/var/nessus/plugin_feed_info.inc &>/dev/null
chattr +i -R /opt/nessus/lib/nessus/plugins &>/dev/null
echo " o but unsetting key files.."
chattr -i /opt/nessus/lib/nessus/plugins/plugin_feed_info.inc &>/dev/null
chattr -i /opt/nessus/lib/nessus/plugins  &>/dev/null
echo " o starting service.."
/bin/systemctl start nessusd.service &>/dev/null
echo " o Let's sleep for another 20 seconds to let the server have time to start!"
sleep 20
echo " o Monitoring Nessus progress. Following line updates every 10 seconds until 100%"
zen=0
while [ $zen -ne 100 ]
do
 statline=`curl -sL -k https://localhost:11127/server/status|awk -F"," -v k="engine_status" '{ gsub(/{|}/,""); for(i=1;i<=NF;i++) { if ( $i ~ k ){printf $i} } }'`
 if [[ $statline != *"engine_status"* ]]; then echo -ne "\n Problem: Nessus server unreachable? Trying again..\n"; fi
 echo -ne "\r $statline"
 if [[ $statline == *"100"* ]]; then zen=100; else sleep 10; fi
done
echo -ne '\n  o Done!\n'
echo
echo "        Access your Nessus:  https://localhost:11127/ (or your VPS IP)"
echo "                             username: admin"
echo "                             password: ddosi"
echo "                             you can change this any time"
echo
read -p "Press enter to continue"

Plain text

Uninstall:

【1】stop Nessus service。

sudo systemctl stop nessusd && systemctl --no-pager status nessusd

Plain text

【2】change /opt/nessus/ folder's permission

chattr -i -R /opt/nessus/

Plain text

【3】remove Nessus

apt remove nessus

Plain text

Notes:

Issue ：After system or Nessus restarted，scan button might not enable yet to use。
Cause：Nessus is updating / re-compileing the plug-ins.
Solution：Wait for 3~5 minutes.

Nessus Windows Installation Method

 

For Windows:

1.1下载安装包后，自己安装。

1.2 浏览器访问 https://127.0.0.1:8834

重点：选择“Managed Scanner”, 再选择 “Tenable.sc”，最后一步设置账号密码，账号密码没要求。

Select Managed by tenable SC. 

第2步：获取插件包

 2.1在命令行模式下（管理员身份运行）,输入“net stop "Tenable Nessus"停止NESSUS的服务。

2.2.在命令行模式下，进入到安装目录（我的目录是D:\Software\NESSUS)下,执行以下命令，获得Challenge code值：（记得保存Challenge code值）

.\nessuscli.exe fetch --challenge 

2.3 注册NESSUS官网的账号密码，获得Activation Code 值

   注册地址：https://zh-cn.tenable.com/products/nessus/nessus-essentials

  注册成功后，邮箱会收到一份邮件，邮件内容有Activation Code 值

2.4获得插件包

下载地址：https://plugins.nessus.org/v2/offline.php

依次填写2.2 、2.3获得的Challenge code 、Activation Code，随后得到插件包 all-2.0.tar.gz

2.5加载插件包

把插件包放到目录D:\Software\NESSUS\，随后执行下面的命令。第三个命令执行成功后会得到一串版本号（记得保存版本号XXX.XX.XXX）This is also will be used as the value of PLUGIN_SET in the file plugin_feed_info.inc.

attrib -s -r -h "D:\Software\NESSUS\nessus\plugins\*.*"
attrib -s -r -h "D:\Software\NESSUS\nessus\plugin_feed_info.inc"
.\nessuscli.exe update D:\Software\NESSUS\nessus\all-2.0.tar.gz

第3步:  破解

3.1打开D:\Software\NESSUS\nessus\plugins\plugin_feed_info.inc，将下面的代码覆盖文件内容。

其中的XXX.XX.X..是2.5中获得的版本号。

 
PLUGIN_SET = "XXX.XX.X...";
PLUGIN_FEED = "ProfessionalFeed (Direct)";
PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

3.2在管理员模式下执行如下命令：

copy "D:\Software\NESSUS\nessus\plugins\plugin_feed_info.inc" "D:\Software\NESSUS\nessus\"
copy "D:\Software\NESSUS\nessus\plugins\plugin_feed_info.inc" "D:\Software\NESSUS\nessus\.plugin_feed_info.inc"
attrib +s +r +h "D:\Software\NESSUS\nessus\plugins\*.*"
attrib +s +r +h "D:\Software\NESSUS\nessus\plugin_feed_info.inc"
attrib -s -r -h    "D:\Software\NESSUS\nessus\plugins\plugin_feed_info.inc"
net start "Tenable Nessus"

第4步:  关闭更新

    4.1 大家完成前三大步后，重新登录NESSUS页面，成功登录进去后，会出现一个Settings的页面，在更新的选择中，选择“disenable”,

    右上角有一个圈圈一直在转，表示它在加载资源，后面加载完后，全区圈圈会消失，大家耐性等待。

第5步：避坑指南

坑1：如果没有关闭更新，第二次启动时，NESSUS的操作界面会自动更新，导致破解失败。

        解决方法：在完成前三步后，成功登录NESSUS，记得永久关闭更新，选择“dienable”

坑2：如果出现功能不能正常使用的情况，可以重启服务或者重启电脑。

        具体情形：页面中没有出现“Scan”扫描功能，或者功能无法使用。

坑3：扫描结果报错：Network interface transient error The network interface

         具体报错：The network interface ‘\Device\NPF_{DF6D9295-830F-4A92-B0E4-D0C0C9188C87}’ was not always available for packet forgery, which may lead to incomplete results. This is likely to be a transient error due to a lack of resources on this host. To correct this error, reduce the number of scans and/or hosts scanned in parallel

        官方解决方法网址：Tenable Communityhttps://community.tenable.com/s/article/Resolving-the-network-interface-does-not-support-packet-forgery-error?language=en_US

    （1）安装Wincap、Npcap；

    （2）在电脑上的网卡中，选择你正在连接外网的那张网卡，在属性中不勾选IPV6。

==============================================================================

1设置(https://www.tenable.com/downloads/nessus?loginAttempted=true)

2安装nessus并打开web ui（localhost:8834）

3选择第4个选项（托管扫描仪），然后选择“tenable.sc”

4登录后完成所有步骤

5打开https://localhost:8834#/

6打开CMD，输入services.msc

7找到Tenable Nessus，停止此服务

8搜索此文件“plugin_feed_info.inc”的所有位置

文件位置：

C:\ProgramData\Tenable\Nessus\Nessus\plugin_feed_info.inc

C:\ProgramData\Tenable\Nessus\Nessus\plugins\plugin_feed_info.inc

9.利用提供的plugin_feed_info.inc，覆盖掉这两个目录下的配置文件

（覆盖比较方便，自己写入比较麻烦）

或者在里面写入：

PLUGIN_SET = "202208261352";

PLUGIN_FEED = "ProfessionalFeed (Direct)";

PLUGIN_FEED_TRANSPORT = "Tenable Network Security Lightning";

没有的话直接加进去就行了. 上述 PLUGIN_SET 后的数字（日期）并没有严格要求，根据日期来写以便识别版本（安装插件时会显示版本号）。

10.打开CMD（以管理员身份运行）

（1）在任务栏搜索框（屏幕最下面自带的）里输入“cmd”，旁边有个选项：以管理员身份运行

（2）用在文件夹中cmder.exe，右键用管理员身份运行

11.更改文件属性命令

attrib -s -r -h "C:\ProgramData\Tenable\Nessus\nessus\plugins*.*"

attrib -s -r -h "C:\ProgramData\Tenable\Nessus\nessus\plugin_feed_info.inc"

12.更新插件命令

"C:\Program Files\Tenable\Nessus\nessuscli.exe" update "文件路径\all-2.0_202208261352.tar.gz"

13.将文件复制到文件夹命令

copy "C:\ProgramData\Tenable\Nessus\nessus\plugins\plugin_feed_info.inc" "C:\ProgramData\Tenable\Nessus\nessus"

14.更改文件属性命令

attrib +s +r +h "C:\ProgramData\Tenable\Nessus\nessus\plugins*.*"

attrib +s +r +h "C:\ProgramData\Tenable\Nessus\nessus\plugin_feed_info.inc"

attrib -s -r -h "C:\ProgramData\Tenable\Nessus\nessus\plugins\plugin_feed_info.inc"

15.启动Nessus服务命令

net start "Tenable Nessus"

//如果无效，请用第6步的方法打开Tenable Nessus，重启一次试试

16.打开 https://localhost:8834/#/，输入之前填写的账号密码

如果出现scans，就证明破解成功了

如果安装后插件全部消失，估计是plugin_feed_info.inc出问题了，打开看看是不是被重置了。如果是，就按照上面的步骤一步一步重新安装就一遍就行了，一步都不能落下，每一步都是有他的必要性的

Note: https://blog.csdn.net/weixin_42241613/article/details/135475110

License

 

There is no easy way to get license count and reclaim time. 

Basically, you have to count manually from your last scan:

• While for WAS you have to add 90 days to the last scanned time.
• In Tenable one, Licenses from deleted assets are reclaimed within 24 hours. Licenses for assets that age out are reclaimed after a length of time you specify, or after 90 days.

Videos

 

References

• Get Started with Web Application Scanning in Tenable Nessus Expert
• Install Docker Desktop on Windows : https://docs.docker.com/desktop/install/windows-install/
• https://notes.51sec.org/article/7b572b9c-51d1-4c5b-a13c-eb74ab8a0697
• Tenable.IO Vulnerability Management - Basic Usage with Sensor and Agent Installation
• Tenable Vulnerability Management - Tenable.IO Tips and Tricks with Best Practices
• Install/Register Free Nessus Scanner Essentials and Execute a Vulnerability Scan
• Phases of a vulnerability scan
• Troubleshooting credentialed scanning on Windows
• America's Cyber Defense Agency - CISA Known Exploited Vulnerabilities Catalog
• Tenable COMPARE TENABLE WITH INDUSTRY VULNERABILITY MANAGEMENT SOLUTIONS
• https://static.tenable.com/marketing/whitepapers/Whitepaper-Miercom_Comparing_the_coverage_of_CISA_KEV_vulnerabilities_across_top_vulnerability_management_providers.pdf - Tenable coverage details comparing with others