performing-vulnerability-scanning-with-nessus

Featured

Performs authenticated and unauthenticated vulnerability scanning using Tenable Nessus to identify known vulnerabilities, misconfigurations, default credentials, and missing patches across network infrastructure, servers, and applications. The scanner correlates findings with CVE databases and CVSS scores to produce prioritized remediation guidance. Activates for requests involving vulnerability scanning, Nessus assessment, patch compliance checking, or automated vulnerability detection.

API & Backend 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Performing Vulnerability Scanning with Nessus ## When to Use - Conducting initial vulnerability assessment during the reconnaissance phase of a penetration test - Performing periodic vulnerability scans to maintain compliance with PCI-DSS (requirement 11.2), HIPAA, or SOC 2 standards - Validating that remediation efforts have successfully addressed previously identified vulnerabilities - Establishing a baseline of known vulnerabilities before targeted manual exploitation - Auditing patch compliance and configuration drift across server and workstation fleets **Do not use** as a substitute for manual penetration testing, against systems without written authorization, or against fragile systems (medical devices, legacy SCADA) where scanning may cause service disruption. ## Prerequisites - Tenable Nessus Professional or Nessus Expert with current plugin updates (plugins should be less than 24 hours old) - Network connectivity to all target hosts on all ports (no firewall restrictions between scanner and targets) - Administrative credentials for authenticated scanning (domain admin or local admin for Windows, root/sudo for Linux, SNMP community strings for network devices) - Target IP ranges and hostnames documented in the scope agreement - Change management approval for scanning during authorized windows ## Workflow ### Step 1: Scan Configuration Configure the Nessus scan policy based on engagement requirements: - **Scan type selection**: Choose "Advanced Scan" for fu...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

DevOps & Infrastructure Featured

scanning-infrastructure-with-nessus

Tenable Nessus is the industry-leading vulnerability scanner used to identify security weaknesses across network infrastructure including servers, workstations, network devices, and operating systems.

12,642 Updated today
mukul975
API & Backend Featured

performing-authenticated-vulnerability-scan

Authenticated (credentialed) vulnerability scanning uses valid system credentials to log into target hosts and perform deep inspection of installed software, patches, configurations, and security sett

12,642 Updated today
mukul975
AI & Automation Featured

building-vulnerability-scanning-workflow

Builds a structured vulnerability scanning workflow using tools like Nessus, Qualys, and OpenVAS to discover, prioritize, and track remediation of security vulnerabilities across infrastructure. Use when SOC teams need to establish recurring vulnerability assessment processes, integrate scan results with SIEM alerting, and build remediation tracking dashboards.

12,642 Updated today
mukul975
AI & Automation Featured

performing-agentless-vulnerability-scanning

Configure and execute agentless vulnerability scanning using network protocols, cloud snapshot analysis, and API-based discovery to assess systems without installing endpoint agents.

12,642 Updated today
mukul975
AI & Automation Solid

vulnerability-scanner

Security vulnerability scanning for dependencies and code, with CVE database checking and risk assessment

1,034 Updated today
a5c-ai