Now that we have outlined the basics of the command line nmap scan (remember that when it comes to security tools the gui is for chumps) I will now go on and build on that knowledge with some Nessus command line ninja moves.
Firstly you need to install your Nessus Server onto your linux box. Just follow the instructions as this is not too difficult and it is covered in many other places.
Now that you have Nessus server installed we want to start some scans, but instead of using the Gui client we are going to go a step further and use the command line nesssus as our client. Actually the Nessus gui is quite a good little tool and I have used it many times. The command line tool is appropriate for running scans from remote linux servers that you and for scripting the scans (just like https://hackertaget.com does!). 🙂
nessus, version 3.0.6. Common options : nessus [-vnh] [-c .rcfile] [-V] [-T <format>] Batch-mode scan: nessus -q [-pPS] <host> <port> <user> <pass> <targets-file> <result-file> Report conversion : nessus -i in.[nsr|nbe] -o out.[xml|nsr|nbe|html|txt] General options : -v : shows version number -h : shows this help -T : Output format: 'nbe', 'nsr', 'html', 'xml' or 'txt' -V : make the batch mode display status messages to the screen. -x : override SSL "paranoia" question preventing nessus from checking certificates. The batch mode (-q) arguments are : host : nessusd host port : nessusd host port user : user name pass : password targets : file containing the list of targets result : name of the file where nessus will store the results -p : obtain list of plugins installed on the server. -P : obtain list of server and plugin preferences. -S : issue SQL output for -p and -P (experimental). -l : Display license information
Now for an example:
nessus -q -x -T html 192.168.1.1 1241 admin adminpassword filewithtargets.txt resultsfile.html
Using the command line version of nessus can be a very helpful and time saving trick to help you stay secure.