Installing Nessus in Kali Linux
The Nessus vulnerability scanner is a great scanner for locating vulnerabilities in clients on local and remote networks. However, it does not come pre-installed in Kali Linux at this time. If you try to install it using the repositories, apt-get install nessus
, you will notice that there is no such package.
For this reason, you need to visit the Tenable website and download the package for Debian 7 (Kali Linux is built over Debian 7):
You can download the Nessus installation package (.deb
) here.
Now, install the package:
dpkg -i Nessus.....deb**
After it finishes installation, goto :
cd /opt/nessus/bin****$ ./nessus-fetch --register "QREDDR-3$FDF-DFSE3-DFSD3"
QREDDR-3$FDF-DFSE3-DFSD3
represents the serial code that tenable mailed you after your registration. If you haven’t registered yet, you will have to do it before you can use Nessus.
Go here for getting the registration code.
nessus-fetch --register <code>
will take sometime for updating plugins
These plugins are necessary to help Nessus locate the latest vulnerabilities. They are to Nessus what virus definition files are to antivirus software.
Update: Nessus GUI will ask you to set up user credentials after you visit the scanner for the first time after installation at the location https://localhost:8834
. Moreover, Nessus GUI automatically fetches the latest plugins after installation now. However, if you wish to install the plugins using command-line, and since nessus-fetch
has been deprecated, you need to use nessuscli
for updating the plugins: cd /opt/nessus/sbin/****#./nessuscli update
After it finishes the update, Nessus is ready to be launched. First, you need to ensure that the Nessus service is running on your system: service nessusd start
. This will start the Nessus service on port 8834
. Fire up your browser and type the following URL: https://127.0.0.1:8834
. The first time you access the scanner, it will take a long time to initialize:
After the initialization is complete, you can use the credentials you set up during installation to log into the Nessus scanner:
(It may ask to add a security exception since the SSL certificate is not verified; add the security exception).
And you’re in!!
Update: This is what the new interface looks like: