As described before, there are many tools and techniques for doing smart penetration testing, and the same steps are also used for hacking a network. This is a tutorial-based article in which I will show you how to integrate nmap with Nessus and get maximum performance from an effective scan (pen test).
The importance of nmap and Nessus is no secret: nmap is the best scanner ever and Nessus is one of our favourite vulnerability scanners. If we combine them, we can make our task more effective and less time-consuming, so here is the tutorial.
First of all I am going to use nmap for a quick scan of my local network. I am running these tools on my Ubuntu box; you can use any other Linux box. BackTrack is recommended, especially BackTrack 5, and you can do the same things there. So let's start the tutorial in the terminal.
$ nmap 192.168.1.* -oN test.txt
This is the basic scan; I have not used operating system fingerprinting or any other option. The * means that I want to scan all the hosts on this gateway. You can also use:
$ nmap 192.168.1.1/24 -oN test.txt
The result will be the same, because 1/24 also represents all the hosts in the subnet. Here -oN test.txt means I want to store my result in the file test.txt.
We can directly load this txt file in Nessus, or we can first arrange this txt file for Nessus. After this scan you will find different hosts and their open ports. The hosts depend on your network: there may be two or three, or maybe a single host that is your own box. The main objective of this tutorial is to integrate the nmap result with Nessus, so we don't care about the hosts.
Open Nessus. I have previously demonstrated how to install and use Nessus.
In Nessus, click on Scans and add a new scan.
For the policy I have chosen the internal network scan; you can choose some other policy depending on your usage. The point here is that I have not written anything in the scan target field, because I want to import my nmap result. So in the target file option I browse and choose my nmap result file, which is in the home folder in my case.
Start the scan and you will get some vulnerabilities on your network hosts. Later on we will discuss how to integrate the Nessus result with Metasploit to own a box, and we have planned to show you how to use autopwn on the Nessus result. So if you combine nmap, Nessus and Metasploit with each other, you will surely create an awesome testing environment.
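One way to arrange the nmap output before handing it to Nessus, as an added example that is not part of the original tutorial: it reduces a -oN file to one IP per line, keeping only hosts with at least one open port. The function names and the sample scan are constructed for illustration, and it assumes the "Nmap scan report for" line format and a Nessus target file with one host per line.

```shell
#!/bin/sh
# Added example, not from the original tutorial.
# nmap_targets [FILE...] : read nmap normal output (-oN) from the files or
# stdin and print the IP of every host that has at least one open port.
nmap_targets() {
    awk '
        /^Nmap scan report for / {
            host = $NF                 # last field is "IP" or "(IP)"
            gsub(/[()]/, "", host)     # "name (1.2.3.4)" -> "1.2.3.4"
            next
        }
        # port table rows look like: 22/tcp open  ssh
        host != "" && $1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" {
            if (!(host in seen)) { seen[host] = 1; print host }
        }
    ' "$@"
}

# Constructed sample of -oN output (not from a real scan).
sample_scan() {
cat <<'EOF'
# Nmap scan initiated as: nmap -oN test.txt 192.168.1.*
Nmap scan report for 192.168.1.1
Host is up (0.0020s latency).
Not shown: 998 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http

Nmap scan report for ubuntu-box (192.168.1.10)
Host is up (0.00010s latency).
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh

Nmap scan report for 192.168.1.20
Host is up (0.0031s latency).
Not shown: 999 closed ports
PORT   STATE    SERVICE
23/tcp filtered telnet
EOF
}

# Real use: nmap_targets test.txt > targets.txt
sample_scan | nmap_targets
```

The resulting list is what you would then select in the target file option instead of the raw test.txt.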