Professional Documents
Culture Documents
Day 27 - Vulnerability Analysis
Day 27 - Vulnerability Analysis
Demo 1: Nessus.
Installing Nessus:
● Please access your virtual machine running Windows Server 2019 by opening its windows.
● Next, launch the web browser and look for the specified link: https://www.tenable.com/downloads/nessus?
loginAttempted=true
● Afterward, the subsequent web page will display similar content as shown in the screenshot.
● Subsequently, a pop-up window will emerge, mirroring the appearance depicted in the screenshot. Click on "I
Agree" to proceed.
● Next, a window will appear, resembling the one depicted in the screenshot. Proceed by selecting "Next" to
continue.
● Upon the installation completion, a webpage will open as depicted in the provided screenshot.
● Subsequently, select "Acknowledge the Risk and Proceed" or "Accept the Risk and Continue."
● Please utilize a corporate email address (e.g., an email ending with @google.com or @yahoo.com is not
permissible).
● Afterward, proceed by selecting "Continue."
● At this point, the trial license information will be displayed. Proceed by selecting "Continue."
● Upon clicking, you will be directed to the subsequent page where you should select "Advanced Scan".
● Next, select the arrow adjacent to the "Save" button, as illustrated in the screenshot.
● Following that, you'll observe the scanning process commencing, akin to the presentation in the screenshot.
● Once the scanning process is finished, select the highlighted section as depicted in the screenshot.
● Next, a window similar to the one depicted in the screenshot will appear.
● Subsequently, the resulting PDF file will be saved in the Downloads folder.
● Please open and view the contents of the PDF file by double-clicking on it.
3. To scan the target website to find the vulnerabilities by using below commands and get the results shown
below: “nikto –h 192.168.0.116 –p 80”