• Bash
• Nmap
• Nessus
• VMware

• Kali Linux VM
• Metasploitable2 VM

Start Nessus Service in Kali Terminal


Open Firefox then type https://localhost:8834
Login and you will the Nessus dashboard

After Login, Click New Scan


Then click on Host Discovery.
Note that host discovery will run a vulnerability scan after detecting if host is up on the network


Name the scan as Metasploitable VM then type the IP address of Metasploitable VM in the targets field.
Finally, Click Save


This will go back to My Scans folder. Run the scan and wait for it to complete


Upon completion, click on the name of the scan that we have set earlier


On the Vulnerability tab, we can only see 2 vulnerabilities when we ran an unauthenticated scan


Next. We will run an authenticated scan. Click on new scan on the top right corner
on the dashboard then click on Basic Network Scan


Provide a name for scan. We simply name it Authenticated scan then type the IP address of Metasploitable VM
Then click on credentials tab


On the left panel, Click SSH because metasploitable is a Linux virtual machine. (Choose Windows if we are running an authenticated scan on Windows OS Target
then change the Authentication method to password then type the password to login to Metasploitable VM.
Scroll down then click on Save. Back to scans folder click on Run.


After finishing the scan. Click on Vulnerabilities tab. We will see a list of vulnerabilities categorize into critical, high, medium, low, and informational


Notice that we have more vulnerabilities identified and that is because we ran an authenticated scan and be able to detect missing patches and misconfiguration