# Vulnerability Scanning

```bash
# Network Security: Vulnerability Scanning

# Nessus Installation
# Download Nessus: Tenable Nessus
# Install Nessus using the following command:
sudo apt install <FILE>

# Starting Nessus
# Start Nessus service:
sudo /etc/init.d/nessus start
# Access Nessus Web Interface:
# Open your web browser and go to http://localhost:8834

# Nmap Installation
# Install Nmap using the following command:
sudo apt install nmap

# Basic Nmap Scanning
# Perform a basic Nmap scan:
sudo nmap <target_ip>

# Nmap Vulnerability Scripting Engine (NSE)
# Use Nmap NSE to search for vulnerabilities in the script database:
sudo nmap --script vuln <target_ip>

# Detailed Version Detection
# Perform version detection for detailed information:
sudo nmap -sV <target_ip>

# OS Detection
# Conduct OS detection using Nmap:
sudo nmap -O <target_ip>

# Aggressive Scan
# Execute an aggressive scan for thorough analysis:
sudo nmap -A <target_ip>

# Output to a File
# Save scan results to a file for further analysis:
sudo nmap -oN output.txt <target_ip>

# Firewall Evasion Techniques
# Employ firewall evasion techniques:
sudo nmap -f -D RND:10 <target_ip>

# Scan a Range of IPs
# Scan a range of IP addresses:
sudo nmap <start_ip>-<end_ip>

# Scan Top Ports
# Scan the top 1000 ports for quick assessment:
sudo nmap --top-ports 1000 <target_ip>

# Scan for Specific Ports
# Scan for specific ports using the -p option:
sudo nmap -p 80,443 <target_ip>

# UDP Port Scanning
# Conduct UDP port scanning:
sudo nmap -sU <target_ip>

# Timing and Performance Options
# Adjust timing and performance options for scan optimization:
sudo nmap -T4 -F <target_ip>

# Ping Scan
# Perform a ping scan to identify live hosts:
sudo nmap -sn <target_ip>

# NSE Categories Exploration
# Explore available NSE categories:
ls /usr/share/nmap/scripts/

# Execute a Specific NSE Script
# Run a specific NSE script for targeted vulnerability checks:
sudo nmap --script <script_name> <target_ip>

# Comprehensive Scan with Scripts
# Conduct a comprehensive scan with various scripts:
sudo nmap -sV --script=default <target_ip>

# Check for Heartbleed Vulnerability
# Verify the Heartbleed vulnerability using the dedicated script:
sudo nmap --script ssl-heartbleed <target_ip>

# Scan Multiple Targets
# Scan multiple targets simultaneously:
sudo nmap <target1_ip> <target2_ip>

# Export Results in Different Formats
# Export scan results in different formats (XML, grepable, etc.):
sudo nmap -oX output.xml <target_ip>

```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://sallam.gitbook.io/sec-88/network-sec/vulnerability-scanning.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.