Is there a difference between CGI vulnerabilities and web vulnerabilities?
I hope this is the right place to ask this question. So, perhaps some of you have heard of Nessus. It's a (network) vulnerability scanner and i have noticed that it also has a functionality to scan...
View ArticleIs there API or command exist to fetch all servers last patched timestamp...
I got a task to generate a report that contains all servers(aws ec2 instances) last patched date & time.
View ArticleHow to use Tenable.io-SDK-for-Java in my java (maven) project?
Here is the Tenable.io-SDK-for-Java available at https://github.com/tenable/Tenable.io-SDK-for-Java But it seems to be a Gradle build. I am totally new to Gradle. I've used maven in all my java...
View ArticleNessus wont sync on Ubuntu 18.04
# sudo greenbone-nvt-sync # sudo greenbone-scapdata-sync # sudo greenbone-certdata-sync rsync: safe_read failed to read 1 bytes [Receiver]: **Connection timed out** (110) rsync error: error in rsync...
View ArticleAsset Discovery with OS Detection
I have been attempting to run a Nessus scan on my PC to detect OS and not having any luck. I have used Host Discovery OS detection. I have also tried Advanced Custom Scan using plugin 11936 Neither of...
View ArticleHow to fix all critical issues of a server resulted in Nessus vulnerability...
I have 500 servers (AWS ec2 instances), in all the servers Nessus agent installed so I want a short cut to fix all the servers critical issues resulted in Nessus scan with one click. How to achieve...
View ArticleRest API to get information on Vulnerability Information (Exploit Available)...
I am trying to find a REST API in Nessus to find the Vulnerability Information (Exploit Available) used https://:8834/scans/(INT)/export https://ip:port/tokens/{filetoken}/download the above 2 api's...
View ArticleScript to set some enties in browser's session storage
I'm accessing an application through web GUI. Repeating task (100 times a day ore more) is to select the item I want to access in long lists of items, so I have to scroll a lot to find my items....
View Articlepython 3.7 package for nessus 8.4 with documentation
Trying to create a small python penetration testing toolkit and would like to implement nessus scanner. I don't seem to be able to find a package for the newest nessus 8.4 ( I did find a package for...
View Articlepytenable: myobj = sc.audit_files.export_audit(1, fobj=None) results in...
This is about using python to access a Nessus (Tenable) Server via the library pytenable to manage scans, retrieve results etc. Although it was a bit hard to find out how to make it work, after some...
View ArticleShell variables not working in metasploit-framework
I am automating Nessus(vulnerability scanner) scans using metasploit-framework. User enters target(url or ip address), name, description in a file and then executes start.sh. Start.sh file reads user...
View ArticlePowershell: extracting a comma-separated list of IPs?
I'm dealing with a .csv export from Nessus, where essentially I have a column of Host IPs and a column with Plugin IDsMy customer wants an output where, for example, Plugin X would be in a column, and...
View ArticleRemote Desktop SSL Nessus Vulnerability 2008R2
I have TLS 1.0 completely disabled in the Registry. However Nessus still returns an SSL vulnerability for port 3389 which is Remote Desktop. Specifically the certificate.Why does this come up when TLS...
View ArticleHow to solve SWEET32 and Logjam vulnerabilities in weblogic nodemanger process
I got below vulnerabilities for NodeManager service in Weblogic version 12.1.3.0.0 and JDK 1.8.0_101-b13{ "port": 5556, "serviceName": "remotewatch?", "protocol": "tcp", "severity": 2, "pluginID":...
View ArticleNessus does not send e-mail after setting up smtp server
I have entered the following settings in the Nessus SMTP area:Host: smtp.gmail.com Port: 587 Encryption: Force TLS Auth Method: Login username: someuser@gmail.com password: mypass I get the following...
View Articleaws inspector vs Nessus which one to chose for aws cloud
So we want to setup a security scanners for a mixed environment of Linux & windows instances on AWS so i came across Inspector and Nessus so i just want to get little more clearity and experts...
View ArticleInitializing Nessus stuck on Kali Linux [closed]
I was following the tutorial on how to install Nessus on my Kali Linux and It got stuck on compiling plugins. It reaches like 3/4 of the bar and it just resets and starts again. I looked up at that...
View ArticleHow can i send nessus log over syslog?
I've been ask to send the logs from a Nessus scanner remotely on a syslog server, But I can't find a way to bind it to syslog.Is there a way to do it ?
View ArticleCurl and Nessus API (Session Hijacking)
I am currently working with Nessus Automation using API. I prefer to use CURL for the requirement. I see that everytime to get data from Nessus, I need to use token (session id). If I send this token...
View ArticleHow to change Policy Scan type using nessus API?
I am following documentation present at https://localhost:8834/api/# fro nessus. I listed policies and created new scan with template uuid as "Host Discovery" uuid fetched from the policies list....
View Article