Vulnerability Scanning

# Network Security: Vulnerability Scanning

# Nessus Installation
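# Download the Nessus installer package from Tenable (Tenable Nessus)
# Install the downloaded package (the leading ./ makes apt treat <FILE> as a local file, not a package name):
sudo apt install ./<FILE>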

# Starting Nessus
# Start the Nessus service (the daemon is named nessusd):
sudo /etc/init.d/nessusd start
# Access Nessus Web Interface:
# Open your web browser and go to https://localhost:8834 (the interface is served over HTTPS)

# Nmap Installation
# Install Nmap using the following command:
sudo apt install nmap

# Basic Nmap Scanning
# Perform a basic Nmap scan:
sudo nmap <target_ip>

# Nmap Vulnerability Scripting Engine (NSE)
# Run every NSE script in the "vuln" category against the target:
sudo nmap --script vuln <target_ip>

# Detailed Version Detection
# Perform version detection for detailed information:
sudo nmap -sV <target_ip>

# OS Detection
# Conduct OS detection using Nmap:
sudo nmap -O <target_ip>

# Aggressive Scan
# Execute an aggressive scan for thorough analysis:
sudo nmap -A <target_ip>

# Output to a File
# Save scan results to a file for further analysis:
sudo nmap -oN output.txt <target_ip>

# Firewall Evasion Techniques
# Employ firewall evasion techniques:
sudo nmap -f -D RND:10 <target_ip>

# Scan a Range of IPs
# Scan a range of IP addresses (Nmap ranges are written per octet, e.g. 192.0.2.1-50):
sudo nmap <first_three_octets>.<start>-<end>

# Scan Top Ports
# Scan the top 1000 ports for quick assessment:
sudo nmap --top-ports 1000 <target_ip>

# Scan for Specific Ports
# Scan for specific ports using the -p option:
sudo nmap -p 80,443 <target_ip>

# UDP Port Scanning
# Conduct UDP port scanning:
sudo nmap -sU <target_ip>

# Timing and Performance Options
# Adjust timing and performance options for scan optimization:
sudo nmap -T4 -F <target_ip>

# Ping Scan
# Perform a ping scan to identify live hosts:
sudo nmap -sn <target_ip>

# NSE Categories Exploration
# List the installed NSE scripts (each script's categories are recorded in script.db in the same directory):
ls /usr/share/nmap/scripts/

# Execute a Specific NSE Script
# Run a specific NSE script for targeted vulnerability checks:
sudo nmap --script <script_name> <target_ip>

# Comprehensive Scan with Scripts
# Combine version detection with the scripts in the "default" NSE category (equivalent to -sC):
sudo nmap -sV --script=default <target_ip>

# Check for Heartbleed Vulnerability
# Verify the Heartbleed vulnerability using the dedicated script:
sudo nmap --script ssl-heartbleed <target_ip>

# Scan Multiple Targets
# Scan multiple targets simultaneously:
sudo nmap <target1_ip> <target2_ip>

# Export Results in Different Formats
# Export scan results in different formats (XML, grepable, etc.):
sudo nmap -oX output.xml <target_ip>
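
Added example, not from the original page: Python that triages the XML report written by -oX above, listing open ports with their -sV service strings and the NSE scripts whose output reports a vulnerable state. The sample XML is constructed, and the names triage and VULN_STATE are chosen here for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -sV --script vuln -oX output.xml` output (trimmed).
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host>
    <status state="up"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="8.9p1"/></port>
      <port protocol="tcp" portid="443"><state state="open"/>
        <service name="https" product="nginx"/>
        <script id="ssl-heartbleed" output="&#10;  VULNERABLE:&#10;    State: VULNERABLE"/></port>
      <port protocol="tcp" portid="8080"><state state="filtered"/></port>
    </ports>
  </host>
</nmaprun>"""

# NSE vulnerability scripts report "State: VULNERABLE" or "State: LIKELY VULNERABLE";
# "State: NOT VULNERABLE" must not match.
VULN_STATE = re.compile(r"State:\s+(?:LIKELY\s+)?VULNERABLE")

def triage(xml_text):
    """Return one dict per open port, with the NSE scripts that flagged it."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            if port.find("state").get("state") != "open":
                continue  # skip closed and filtered ports
            svc = port.find("service")
            parts = [svc.get("product"), svc.get("version")] if svc is not None else []
            flagged = [s.get("id") for s in port.iter("script")
                       if VULN_STATE.search(s.get("output", ""))]
            findings.append({"host": addr, "port": int(port.get("portid")),
                             "proto": port.get("protocol"),
                             "service": " ".join(filter(None, parts)),
                             "vulnerable": flagged})
    return findings

if __name__ == "__main__":
    for f in triage(SAMPLE_XML):
        mark = "!!" if f["vulnerable"] else "  "
        print(mark, f["host"], f'{f["port"]}/{f["proto"]}', f["service"], f["vulnerable"])
```

To run it on a real report, pass the contents of output.xml to triage() instead of SAMPLE_XML.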
