Automation scripts that streamline vulnerability scanning, report generation, and remediation tracking using the Nessus API for enhanced vulnerability management.
This repository contains automation scripts for managing vulnerabilities with Nessus. It automates vulnerability scans, report generation, and remediation tracking using the Nessus API, streamlining security processes and providing detailed insights for enhanced vulnerability management.
This tool is designed for security professionals and system administrators to automate vulnerability management workflows by provisioning Azure virtual machines, running Nessus scans (both basic and credentialed), and analyzing scan results for remediation. It facilitates continuous vulnerability assessment and tracking in cloud and virtualized environments.
Credentialed scans require enabling the Remote Registry service and disabling UAC prompts on the target VM, which weakens its security posture; these settings are not recommended for production environments. The tool is designed to be run from a Mac OS X host scanning a Windows VM in Azure. The Windows Firewall must be disabled on the VM for the scan to succeed.
Register for a Nessus Essentials account and obtain an activation code
Download Nessus version 8.15.6 for Windows x86_64 platform
Install Nessus on a Windows machine and open the local web interface URL in a browser
Connect to the Nessus web interface over HTTPS and accept the browser warning for its self-signed certificate
Enter the activation code and create a Nessus username and password
Wait for Nessus to complete installation and download necessary components
Create an Azure virtual machine with RDP traffic allowed
Log in to the Azure VM using the downloaded RDP file
Disable Windows Firewall on the VM across all profiles (Domain, Private, Public)
Set the Remote Registry service on the VM to Automatic startup and start it
Create a new scan in Nessus Essentials > Basic Network Scan > Enter VM IP as target > Save > Run scan
Performs a basic network vulnerability scan against the specified Azure VM.
Enable the Remote Registry service on the VM and set its startup type to Automatic
Prepares the VM for credentialed scans by allowing Nessus to access the registry.
Change User Account Control settings to 'Never Notify' on VM
Reduces scan interference by disabling UAC prompts for credentialed scanning.
Ping VM public IP from host machine
Checks network connectivity between the host and the Azure VM before scanning.
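The following is an added example and is not one of this repository's scripts. It drives the "Basic Network Scan > target > Save > Run" steps above through the Nessus REST API instead of the web UI, then summarises the results and tracks remediation between two scans of the same VM. It assumes an API key pair generated in the Nessus UI (Settings > My Account > API Keys), the documented Nessus 8.x endpoints (/editor/scan/templates, /scans, /scans/{id}/launch, /scans/{id}), the default port 8834, and uses only the Python standard library. The two scan results embedded in the block are constructed samples in the shape of a GET /scans/{id} response; their plugin ids and names are placeholders, not real Nessus plugins.

```python
import json
import ssl
import time
import urllib.request

SEVERITY_NAMES = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}


class NessusClient:
    """Minimal Nessus REST client authenticated with API keys (assumed, not the repo's own code)."""

    def __init__(self, base_url, access_key, secret_key, verify_tls=True):
        self.base_url = base_url.rstrip("/")
        self.headers = {
            "X-ApiKeys": f"accessKey={access_key}; secretKey={secret_key}",
            "Content-Type": "application/json",
            "Accept": "application/json",
        }
        # Nessus ships with a self-signed certificate. Trusting that certificate explicitly
        # (ssl.create_default_context(cafile=...)) is the proper fix; verify_tls=False is lab-only.
        self.ctx = ssl.create_default_context()
        if not verify_tls:
            self.ctx.check_hostname = False
            self.ctx.verify_mode = ssl.CERT_NONE

    def _call(self, method, path, body=None):
        data = json.dumps(body).encode() if body is not None else None
        req = urllib.request.Request(self.base_url + path, data=data, headers=self.headers, method=method)
        with urllib.request.urlopen(req, context=self.ctx, timeout=60) as resp:
            raw = resp.read()
        return json.loads(raw) if raw else {}

    def basic_template_uuid(self):
        """UUID of the 'Basic Network Scan' template from GET /editor/scan/templates."""
        for tpl in self._call("GET", "/editor/scan/templates")["templates"]:
            if tpl["name"] == "basic":
                return tpl["uuid"]
        raise RuntimeError("Basic Network Scan template not found")

    def create_scan(self, template_uuid, name, targets):
        """POST /scans with the target list; returns the new scan id."""
        body = {"uuid": template_uuid, "settings": {"name": name, "text_targets": targets}}
        return self._call("POST", "/scans", body)["scan"]["id"]

    def launch(self, scan_id):
        return self._call("POST", f"/scans/{scan_id}/launch")["scan_uuid"]

    def wait_for_completion(self, scan_id, poll_seconds=30):
        """Poll GET /scans/{id} until the scan reaches a terminal status; returns the details."""
        while True:
            details = self._call("GET", f"/scans/{scan_id}")
            if details["info"]["status"] in ("completed", "canceled", "aborted"):
                return details
            time.sleep(poll_seconds)


def run_basic_scan(client, target_ip, name="Azure VM basic scan"):
    """Equivalent of the UI steps: Basic Network Scan > enter VM IP > Save > Run, then wait."""
    scan_id = client.create_scan(client.basic_template_uuid(), name, target_ip)
    client.launch(scan_id)
    return client.wait_for_completion(scan_id)


def severity_summary(details):
    """Count findings per severity from the 'vulnerabilities' array of a scan-details response."""
    counts = dict.fromkeys(SEVERITY_NAMES.values(), 0)
    for vuln in details.get("vulnerabilities", []):
        counts[SEVERITY_NAMES[vuln["severity"]]] += vuln.get("count", 1)
    return counts


def open_findings(details, min_severity=2):
    """Plugin ids at or above min_severity (default Medium): the remediation worklist."""
    return {v["plugin_id"] for v in details.get("vulnerabilities", []) if v["severity"] >= min_severity}


def remediation_delta(previous, current, min_severity=2):
    """Compare two scans of the same target: what was fixed, what is new, what is still open."""
    before, after = open_findings(previous, min_severity), open_findings(current, min_severity)
    return {"fixed": sorted(before - after), "new": sorted(after - before), "still_open": sorted(before & after)}


# Constructed sample data in the shape of GET /scans/{id}; plugin ids/names are placeholders.
SCAN_BEFORE = {"info": {"status": "completed"}, "vulnerabilities": [
    {"plugin_id": 900001, "plugin_name": "placeholder: host responds to ping", "severity": 0, "count": 1},
    {"plugin_id": 900002, "plugin_name": "placeholder: SMB signing not required", "severity": 2, "count": 1},
    {"plugin_id": 900003, "plugin_name": "placeholder: weak TLS cipher suite", "severity": 2, "count": 1},
    {"plugin_id": 900004, "plugin_name": "placeholder: legacy SMBv1 enabled", "severity": 3, "count": 1},
]}
SCAN_AFTER = {"info": {"status": "completed"}, "vulnerabilities": [
    {"plugin_id": 900001, "plugin_name": "placeholder: host responds to ping", "severity": 0, "count": 1},
    {"plugin_id": 900003, "plugin_name": "placeholder: weak TLS cipher suite", "severity": 2, "count": 1},
    {"plugin_id": 900005, "plugin_name": "placeholder: missing OS security update", "severity": 4, "count": 1},
]}

if __name__ == "__main__":
    # Live run against a local Nessus (replace the placeholders with your own key pair and VM IP):
    # details = run_basic_scan(NessusClient("https://localhost:8834", "ACCESS_KEY", "SECRET_KEY"), "203.0.113.10")
    print(severity_summary(SCAN_BEFORE))
    print(remediation_delta(SCAN_BEFORE, SCAN_AFTER))
```

The remediation delta is what makes repeated scans useful as a tracking tool: a finding that disappears between runs is closed, one that persists stays on the worklist, and a new Critical (here the constructed missing-update finding) is surfaced immediately rather than buried in the full report.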