Configures and runs Tenable Nessus vulnerability scans on network infrastructure including servers, workstations, network devices, and operating systems. Covers setup, credentials, API launches, and result analysis.
npx claudepluginhub killvxk/cybersecurity-skills-zhThis skill uses the workspace's default tool permissions.
Tenable Nessus 是业界领先的漏洞扫描器,用于识别网络基础设施(包括服务器、工作站、网络设备和操作系统)中的安全弱点。本技能涵盖配置扫描策略、运行认证和未认证扫描、解读结果,以及将 Nessus 集成到持续漏洞管理工作流中。
Configures Tenable Nessus for vulnerability scanning of infrastructure including servers, workstations, network devices, and OS. Covers scan types, results, and workflow integration.
Guides configuring and running Tenable Nessus vulnerability scans on infrastructure: servers, workstations, network devices, OS. Covers policies, authenticated scans, results, workflows.
Executes authenticated and unauthenticated vulnerability scans with Tenable Nessus to identify CVEs, misconfigurations, default credentials, and missing patches in networks, servers, and applications. Useful for compliance audits, patch checks, and pentest reconnaissance.
Share bugs, ideas, or general feedback.
Tenable Nessus 是业界领先的漏洞扫描器,用于识别网络基础设施(包括服务器、工作站、网络设备和操作系统)中的安全弱点。本技能涵盖配置扫描策略、运行认证和未认证扫描、解读结果,以及将 Nessus 集成到持续漏洞管理工作流中。
Nessus 作为客户端-服务器应用程序运行,Nessus 扫描引擎在主机系统上以服务(nessusd)形式运行。它使用基于插件的架构,拥有超过 200,000 个插件,由 Tenable 研究团队每周更新。每个插件测试特定漏洞、错误配置或合规性检查。
Nessus 将插件组织为以下族:
# 启动 Nessus 服务
sudo systemctl start nessusd
sudo systemctl enable nessusd
# 使用 nessuscli 进行 CLI 管理
/opt/nessus/sbin/nessuscli update --all
/opt/nessus/sbin/nessuscli fix --list
# 验证插件数量
/opt/nessus/sbin/nessuscli update --plugins-only
通过 Nessus Web UI(https://localhost:8834)配置自定义扫描策略:
对于认证扫描,在"凭据"选项卡下配置凭据:
# 通过 curl 使用 Nessus REST API
# 认证并获取令牌
curl -k -X POST https://localhost:8834/session \
-d '{"username":"admin","password":"password"}' \
-H "Content-Type: application/json"
# 创建扫描
curl -k -X POST https://localhost:8834/scans \
-H "X-Cookie: token=<TOKEN>" \
-H "Content-Type: application/json" \
-d '{
"uuid": "<TEMPLATE_UUID>",
"settings": {
"name": "基础设施扫描 Q1",
"text_targets": "192.168.1.0/24",
"enabled": true,
"launch": "ON_DEMAND"
}
}'
# 启动扫描
curl -k -X POST https://localhost:8834/scans/<SCAN_ID>/launch \
-H "X-Cookie: token=<TOKEN>"
# 检查扫描状态
curl -k -X GET https://localhost:8834/scans/<SCAN_ID> \
-H "X-Cookie: token=<TOKEN>"
Nessus 按严重性对发现进行分类:
# 通过 REST API 导出
curl -k -X POST "https://localhost:8834/scans/<SCAN_ID>/export" \
-H "X-Cookie: token=<TOKEN>" \
-H "Content-Type: application/json" \
-d '{"format":"nessus"}'
# 支持的格式:nessus(XML)、csv、html、pdf