Nessus Cheat Sheet

Data directories

Linux

/opt/nessus/var/nessus

macOS

/Library/Nessus/run/var/nessus

Windows

C:\ProgramData\Tenable\Nessus\nessus

Binary directories and utilities

Linux

/opt/nessus/sbin
/opt/nessus/bin

macOS

/Library/Nessus/run/sbin
/Library/Nessus/run/bin

Windows

C:\Program Files\Tenable\Nessus
C:\Program Files (x86)\Tenable\Nessus

nessusd - e.g. to recompile plugins
nessuscli - e.g. to configure, manage and update Nessus (docs)
nasl - e.g. to test, run, sign plugins

Logs directories and files

Linux

/opt/nessus/var/nessus/logs

macOS

/Library/Nessus/run/var/nessus/logs

Windows

C:\ProgramData\Tenable\Nessus\nessus\logs

nessusd.dump — Nessus dump log file used for debugging output.
nessusd.messages — Nessus scanner log.
www_server.log — Nessus web server log.
backend.log — Nessus backend log.
nessuscli.log — Nessus CLI log.

Plugin directories and files

Linux

/opt/nessus/lib/nessus/plugins

macOS

/Library/Nessus/run/lib/nessus/plugins

Windows

C:\ProgramData\Tenable\Nessus\nessus\plugins

*.nasl - plugins with readable source code
*.nbin - compiled plugins
*.inc - include libraries

Search in plugin content

cd /opt/nessus/lib/nessus/plugins
grep -rl script_id.19506 . (1)

1	Due to big number of plugins you need to use `-r` parameter to recursively search in plugins directory (i.e., force grep to behave as rgrep).

Advanced Settings

cd /opt/nessus/sbin
nessuscli fix --list
nessuscli fix --get setting_name
nessuscli fix --set setting_name=<value>

API

https://localhost:8834/api (1)
https://localhost:8834/server/status (2)
https://localhost:8834/server/properties (3)

1	Access Nessus API documentation.
2	Check Nessus service status.
3	Check Nessus service version.

Plugin Feed

Check latest available plugins feed

curl https://plugins.nessus.org/v2/plugins.php
202201311213

Check Plugin Feed in Nessus

Login to Nessus, go to Settings > About > check Plugin Set, or on OS level:

cd /opt/nessus/lib/nessus/plugins
head -1 plugin_feed_info.inc
PLUGIN_SET = "202201311213";

Good practices

When you run scan:

Make sure that you have latest feed.
Perform scan with credentials. (docs)

When you analyze scan results:

Use Audit Trail to make sure why plugin did not provide result.
Check Knowledge Base to find more details.

Additional resources

docs.tenable.com/Nessus.htm - Nessus documentation
tenable.com/downloads/nessus - Nessus download page
tenable.com/plugins/search - Nessus Plugins Search
community.tenable.com - Tenable Community
github.com/tenable - Tenable profile at GitHub

limberduck.github.io/nessus-cheat-sheet v0.0.2
Generated on 2022-04-10 18:29:19 UTC by limberduck.org

/ zoom in ctrl++ zoom out ctrl+- actual size ctrl+0

zoom in ⌘ cmd++ zoom out ⌘ cmd+- actual size ⌘ cmd+0