In this chapter, we will look at some of the ways in which we can perform vulnerability assessments using the Nessus bridge for the Metasploit framework. Nessus is a vulnerability scanner built by Tenable, Inc. It is widely used to perform network security assessments. A Nessus bridge allows Metasploit to parse and import the scan results of Nessus into its own database for further analysis and exploitation. We can even initiate Nessus scans from within Metasploit using the bridge.
In this chapter, we will be covering the following topics:
- Introduction to Nessus
- Using Nessus with Metasploit
- Basic commands
- Patching the Metasploit library
- Performing a Nessus scan via Metasploit
- Using Metasploit DB for Nessus scans
- Importing Nessus scan in Metasploit DB