1 00:00:00,300 --> 00:00:01,290 Narrator: Welcome back. 2 00:00:01,290 --> 00:00:02,880 In this video, we're going to see 3 00:00:02,880 --> 00:00:05,160 how we can install a really useful tool 4 00:00:05,160 --> 00:00:08,370 for vulnerability analysis. Probably one of the best tools 5 00:00:08,370 --> 00:00:11,010 that perform this process automatically. 6 00:00:11,010 --> 00:00:14,613 It is very easy to use and this tool is called Nessus. 7 00:00:15,810 --> 00:00:20,160 To get it running, we must first download and install it. 8 00:00:20,160 --> 00:00:22,413 So to do that, open up your Firefox, 9 00:00:25,650 --> 00:00:28,923 and in the search bar, we can type Nessus. 10 00:00:30,000 --> 00:00:32,520 If we scroll down to this Tenable link that says 11 00:00:32,520 --> 00:00:34,680 Download Nessus vulnerability assessment, 12 00:00:34,680 --> 00:00:37,680 we can click on it and right here we are going 13 00:00:37,680 --> 00:00:39,660 to see two different versions of Nessus 14 00:00:39,660 --> 00:00:40,800 that we can download. 15 00:00:40,800 --> 00:00:43,050 We can get the free version that allows us 16 00:00:43,050 --> 00:00:45,780 to scan up to 16 IP addresses. 17 00:00:45,780 --> 00:00:48,810 And, by the way, this Nessus Essentials will only allow us 18 00:00:48,810 --> 00:00:50,670 to scan inside of the network. 19 00:00:50,670 --> 00:00:51,810 You will not be able to scan 20 00:00:51,810 --> 00:00:54,600 external IP addresses using this. 21 00:00:54,600 --> 00:00:57,450 However, you will get high speed, in depth assessment, 22 00:00:57,450 --> 00:00:58,680 free training and guidance 23 00:00:58,680 --> 00:01:00,813 and support via Tenable community. 
24 00:01:01,830 --> 00:01:04,950 Once you start performing real life penetration tests 25 00:01:04,950 --> 00:01:07,230 and you start scanning different companies, 26 00:01:07,230 --> 00:01:09,450 their networks and so on and so on, 27 00:01:09,450 --> 00:01:12,660 this Nessus professional option will be really useful 28 00:01:12,660 --> 00:01:15,750 for you. It tells you right here you get 29 00:01:15,750 --> 00:01:19,530 unlimited assessments, you can scan unlimited IP addresses, 30 00:01:19,530 --> 00:01:22,020 you can use it anywhere, you get live results, 31 00:01:22,020 --> 00:01:24,840 configuration assessments, bunch of different things 32 00:01:24,840 --> 00:01:28,950 but it also comes with a really expensive price. 33 00:01:28,950 --> 00:01:31,170 However, this is something that pays off 34 00:01:31,170 --> 00:01:33,783 once you perform real life penetration tests. 35 00:01:34,920 --> 00:01:38,250 Okay, right now we are interested in the free version 36 00:01:38,250 --> 00:01:41,223 so let us click download on the Nessus Essentials. 37 00:01:42,270 --> 00:01:44,250 So, you can choose to register right here 38 00:01:44,250 --> 00:01:48,180 or, what else we can do is we can type Nessus download 39 00:01:48,180 --> 00:01:51,330 and download it straight away to our Kali Linux. 40 00:01:51,330 --> 00:01:54,030 We can click right here, download Nessus Tenable 41 00:01:54,030 --> 00:01:55,350 and right here we are going 42 00:01:55,350 --> 00:01:57,483 to see different Nessus versions. 43 00:01:58,710 --> 00:02:01,770 In this case, since I'm running Kali Linux 64 bit 44 00:02:01,770 --> 00:02:05,913 I'm interested in this Nessus Debian AMD 64. 45 00:02:06,780 --> 00:02:10,023 If I click on it, click on I agree, 46 00:02:10,949 --> 00:02:13,290 it will ask me whether I want to open or save the file, 47 00:02:13,290 --> 00:02:16,740 I want to save it. And it will download the file 48 00:02:16,740 --> 00:02:18,873 inside of my Downloads directory. 
49 00:02:20,010 --> 00:02:22,200 It will finish in just a few seconds. 50 00:02:22,200 --> 00:02:23,250 Here it is, it is done. 51 00:02:23,250 --> 00:02:25,110 So let's click on this button right here, 52 00:02:25,110 --> 00:02:27,690 it will open our Downloads directory 53 00:02:27,690 --> 00:02:31,200 and once it opens up we can lower this page right here 54 00:02:31,200 --> 00:02:34,710 and open terminal inside of the Downloads directory. 55 00:02:34,710 --> 00:02:37,192 To install this we can run 56 00:02:37,192 --> 00:02:40,680 sudo dpkg 60 00:02:40,680 --> 00:02:42,090 which stands for de package 61 00:02:42,090 --> 00:02:45,420 and then -i which stands for install, 62 00:02:45,420 --> 00:02:47,790 and we can type the name of the Nessus. 63 00:02:47,790 --> 00:02:50,490 What you can do is you can just type N 64 00:02:50,490 --> 00:02:52,983 and then Tab it to autocomplete it. 65 00:02:53,940 --> 00:02:55,800 Then press enter. 66 00:02:55,800 --> 00:02:59,130 It will ask me for the password, I will input it right here 67 00:02:59,130 --> 00:03:01,780 and it will complete the installation process for us. 68 00:03:02,730 --> 00:03:04,860 Here it is, it finished in just a few seconds 69 00:03:04,860 --> 00:03:07,890 and it tells us right here that we can start Nessus Scanner 70 00:03:07,890 --> 00:03:10,140 by typing this command. 71 00:03:10,140 --> 00:03:12,213 So let's just copy it right here. 72 00:03:13,440 --> 00:03:16,353 Let's run it, paste Clipboard. 73 00:03:17,880 --> 00:03:19,890 Oh, we need to run it with user privileges. 74 00:03:19,890 --> 00:03:22,300 So, let's type sudo and then paste the command 75 00:03:23,970 --> 00:03:27,270 and it will tell us starting Nessus. 76 00:03:27,270 --> 00:03:31,443 Now, to go to Nessus, you need to copy this link right here. 
77 00:03:33,120 --> 00:03:34,173 Copy the link, 78 00:03:35,220 --> 00:03:36,510 go to Firefox, 79 00:03:36,510 --> 00:03:37,950 open another page, 80 00:03:37,950 --> 00:03:39,750 we can close these two pages 81 00:03:39,750 --> 00:03:42,093 and we can paste and go to that link. 82 00:03:43,230 --> 00:03:44,520 Let me enlarge this, 83 00:03:44,520 --> 00:03:47,730 and it will tell us potential security risk ahead, 84 00:03:47,730 --> 00:03:49,050 we don't really care about this, 85 00:03:49,050 --> 00:03:50,430 we know there is no risk right here 86 00:03:50,430 --> 00:03:53,190 so click on advanced and go down here, 87 00:03:53,190 --> 00:03:55,680 accept the risk and continue. 88 00:03:55,680 --> 00:03:56,513 Click on that, 89 00:03:57,990 --> 00:04:00,870 and this will start compiling plugins. 90 00:04:00,870 --> 00:04:02,310 This will take a few seconds 91 00:04:02,310 --> 00:04:05,010 and soon it'll ask us which version 92 00:04:05,010 --> 00:04:08,160 of Nessus we want to install, and we will also 93 00:04:08,160 --> 00:04:11,070 need to provide some additional information such 94 00:04:11,070 --> 00:04:14,553 as email address and usernames and passwords. 95 00:04:15,720 --> 00:04:19,140 Here it is. Right here, specify Nessus Essentials 96 00:04:19,140 --> 00:04:20,253 and click on continue. 97 00:04:21,360 --> 00:04:24,210 Right here you will need to provide the first name, 98 00:04:24,210 --> 00:04:27,330 the last name, and the valid email address. 99 00:04:27,330 --> 00:04:29,010 Now, in case you don't use a valid one 100 00:04:29,010 --> 00:04:30,450 you will not be able to use Nessus 101 00:04:30,450 --> 00:04:32,790 because it will send you the activation code 102 00:04:32,790 --> 00:04:36,240 to the email address that you specify right here. 103 00:04:36,240 --> 00:04:39,430 Now, since I already have an account, I will just skip this 104 00:04:40,350 --> 00:04:43,200 and I will go and type my activation code right here. 
105 00:04:43,200 --> 00:04:47,070 You should get the same window and the same question asked 106 00:04:47,070 --> 00:04:49,170 as soon as you specify the email address 107 00:04:49,170 --> 00:04:51,180 and the first and last name. 108 00:04:51,180 --> 00:04:52,650 Then you go to your email, 109 00:04:52,650 --> 00:04:56,100 find the activation code and type it in right here. 110 00:04:56,100 --> 00:04:59,220 Once you typed your activation code, click on continue, 111 00:04:59,220 --> 00:05:02,820 username and password I will set right here, Mr. Hacker, 112 00:05:02,820 --> 00:05:05,970 which is my username, and I will type in my password. 113 00:05:05,970 --> 00:05:08,250 It will ask you to set up your own username 114 00:05:08,250 --> 00:05:09,690 and to set up your own password, 115 00:05:09,690 --> 00:05:11,580 you can use whatever you want. 116 00:05:11,580 --> 00:05:13,233 After it, click on submit. 117 00:05:14,520 --> 00:05:16,500 It will tell me setup is complete 118 00:05:16,500 --> 00:05:19,800 and now it will start the true preparation for Nessus. 119 00:05:19,800 --> 00:05:22,980 This process right here will take some time 120 00:05:22,980 --> 00:05:25,590 and by some time I think it might take even 121 00:05:25,590 --> 00:05:27,700 up to 30 or 40 minutes 122 00:05:28,860 --> 00:05:31,860 so just take a small break until all of this is over 123 00:05:31,860 --> 00:05:34,810 and we are going to continue with Nessus in the next video.