Vulnerability scanning is an essential aspect of modern-day cybersecurity and Nessus is a well-known tool that provides a comprehensive solution for vulnerability assessments. It is a popular choice among security professionals and enthusiasts, due to its compatibility with Windows, MacOS, and Linux.

So how can you download and install Nessus on Kali, a widely-used penetration testing platform? With this step-by-step guide, you'll be up and running with Nessus in no time, equipped to proactively identify and mitigate vulnerabilities in your network.

What Is Nessus?

Nessus, developed by Tenable Inc, is a widely-used open-source vulnerability scanner. It offers a paid subscription, Nessus Professional, as well as a free version, Nessus Essentials, which is limited to 16 IP addresses per scanner.

Nessus provides a range of services, including vulnerability assessments, network scans, web scans, asset discovery, and more, to aid security professionals, penetration testers, and other cybersecurity enthusiasts in proactively identifying and mitigating vulnerabilities in their networks.

How to Install Nessus on Kali Linux

Unlike many security tools, Nessus doesn't come installed on Kali Linux. But it is very easy to download and install. Follow these steps to install Nessus on your Kali:

1. Download the Nessus package for Debian on the Nessus website and make sure you set the Platform to Linux-Debian-amd64.

2. When it's finished downloading, open your Linux terminal and navigate to the location you downloaded the Nessus file to.

3. Install Nessus using this command: 

        dpkg -i Nessus-10.4.1-debian9_amd64.deb

4. Start the Nessus service with this command: 

        systemctl start nessusd

5. On your browser, go to https://kali:8834/. It would show a warning page.

Nessus website showing a warning page

6. Click on Advanced. Then, click on Accept Risk and Continue.

7. Choose the Nessus Product you prefer. If you want the free version of Nessus, click on Nessus Essentials.

Nessus Packages

8. Enter your name and email address to receive an activation code by email. Paste the activation code into the space provided and choose a username and password.

9. Allow Nessus to download the necessary plugins.

how to initialize nessus extension

10. Once the plugin downloads have completed, you can start using the Nessus service.

How to Start the Nessus Service

So how do you start using Nessus?

1. To initiate the Nessus service, run the following command in your terminal: 

        systemctl start nessus

2. Next, enter the following URL in your browser: https://kali:8834/

3. Click on New Scan to begin scanning for vulnerabilities

Using Nessus as a Vulnerability Scanning Tool

Nessus is a must-have tool for security assessments and penetration testing. Its user-friendly interface and easy installation process make it a favorite among professionals. If issues arise during installation, restart your device or update plugins from the terminal.