Conducting Nessus Vulnerability Scan Results Analysis Using Excel Spreadsheet (Hands-on)
Вставка
- Опубліковано 8 вер 2024
- In this video we discussed Nessus Vulnerability Scan Analysis, based on popular request by my subscribers. I demonstrated the scan analysis using excel spreadsheet.
Computer Security Resource Center
csrc.nist.gov/...
The free way to help the channel grow is by subscribing using the link below:
www.youtube.co....
************Patreon & Channel Support******************
www.patreon.co...
*******Order your KamilSec (KS) Designs Merch:*********
kamilsec.creat...
**************************************************************
CashApp: $Kamilzak
Zelle: kaamilzak@gmail.com
Paypal: paypal.me/MZakari
Thank You!!!
*************************************************************
**You can download copies of the vulnerability scans from my Patreon page, link below**
www.patreon.co...
Udemy Affliate link:
track.flexlink...
VeeFLY Referral Link:
veefly.com?referrer=318243
*I ALSO CONDUCT INDIVIDUALIZED RESUME AND INTERVIEW PREP SESSION*
Connect with me on Social Media:
Twitter: / kamilzak_1
Instagram: @Kamilzak1
E-Mail: Kaamilzak@gmail.com
thank you for these videos. I secured a cyber security analyst role last month and your videos are a huge part of my success story. Can't thank you enough. Bless!
Adesegun, I am glad to hear that, comments like this grease my elbows to want to do more. Congratulations!!!
Bless your heart big man. You are a savior to many life you don't even know. wow
Thanks for the kind words Lawrence!!!
I've recently been tasked with remediation reports for the company I'm working for and this made things so much more manageable when creating weekly reports for others to view and for me to edit. Super thankful I came across your video, excellent job and thank you so much!
Great to hear this! You're very welcome. I will ask for a favor, please do like and share the videos to help promote the channel and also lots of people can be exposed to the videos as well. Thank you!
Thanks bro, this helped me with a task at work and will be using it moving forward
Awesome, I am glad it was helpful
Kamil is the best guy here really appreciate your teaching alot wowoow
Thank you! I am glad you appreciate my videos.
Im a new CISSP and I am looking at job opportunities that include vulnerability scans. Iv been in IT over 20 years and have been on the receiving end of a vulnerability scan and pen tests many times...just never been on the giving end haha. This is good stuff here. I feel like Im in your office looking over your shoulder. You have a natural ability to teach...congrats
Thank you!
Thank you so much sir for all you do in teaching us, Gid bless you
You are very welcome Allison!
You are an excellent teacher you no idea how you have helped some of us. Please try to show is how to create a POA&M
I meant to say, you do not have no idea how you have helped some of. Please teach what a POA&M is and how to create one. Thanks a million
You’re very welcome, our next video would be on POA&M management God willing.
WOWWWWW,,, after watching this video, I feel like I'm already working as a Vulnerability analyst. You are just the PERFECT PROFESSOR. Thanks a million 🧡🧡🧡🧡🧡
Yes, you can do it!
kamil we can't appreciate or say thank you enough God richly bless your soul for what u doing for us.
It's my pleasure bro! Thanks for the prayers!
Great video. Thanks Kamil
Glad you liked it!
Your video is very informative. You really explained how to analyze a scan extremely well. Thank you.
You are very welcome!
Thank you Sir. Best Video so far
Glad you liked it
Thank you.
You're welcome
thank you, i liked and shared this tutorial.
Glad it was helpful!
This is really great information.
Thanks
Glad it was helpful!
thank you so much! this video is so helpful!
You're very welcome
Thank you for another master class in Nessus.
You are welcome!
Watching from Africa. Great video. Picked up few tricks custom sorting and compressing data to reducing duplicate info. Great stuff. Thank you
You're welcome brother!
Thank you for your time and efforts in making such wonderful learning videos. Much appreciated.
Glad you like them!
Thank you Kamil. That's an excellent video and easy to understand.
Glad it was helpful!
very easy to understand! Thank you bro
Thank you so mush. That was really clear and clean.
Glad it helped Veronique!
Hello, your videos are super helpful, can you please post practice interview questions. Thank you
No worries!
Excellent guide. Thank you!
You're very welcome. Glad it was helpful!
@@KamilSec Is it possible to create a short video on Pivot table representation of Vulnerability scan report from Nessus? This will help when exporting the tables/Bar charts/Pie charts to PowerPoint for Presentation to management Team.
@@SuperWinning111 Sure, that will help with presentation. I will look into creating a video on that.
Excellent Sir...
Thanks for the videos.
You're welcome, Glad you like them!
Nice video
Thanks
Very helpful bro. Thanks so mcuh
You're welcome bro.
Amazing piece. Thank you
You're welcome, Glad you like it!
Thanks, very informative as always,,,
Thank you for this video. That was very easy to follow and informative. Much appreciated. I will send you an email for raw data of the analysis for practice. Thanks
Thanks sir!
Most welcome Kwame! Trust you are doing well.
@@KamilSec Doing great sir! Thanks for asking….
this is a master class. 👌 thank you!!
You're very welcome!
Great video bro. One of the best detail video ever. Do you have a classic for RMF ?
Well done
Kamil, is there a way to display the host name in human readable for such as switch, server, workstation. Thank you
Hi Charles, I am not sure I understand your question. However, hostnames are always human readable since they are the unique names use to identify devices on the network.
When you deleted "none" from risks you removed many open port detections that may not have a CVE with a CVSS associated, but are often some of the most exploited misconfiguration vulnerabilities. Just a heads up. Thanks for the video.
Thanks for your comments and heads-up!
All your videos are so informative. When does your next class start?
How we can make a good Dashboard once we are done with the analysis, please do video on that too
I believe you can leverage excel capabilities
Hi, I’ve 10k vuls from my tenable scan. I want to segregate os and non os vulnerabilities. Kamil / can someone help?
Nice video. I replicated everything you did. Youre a great teacher.
While sorting,using the filter and copying, My copied item wasnt going under the text on the column box. Even when i pressed command or space bar. What did you press to enable the copied item move underneath. Ill appreciate a response. Thanks
Press ALT and Enter
Thank you.
Hello, this is a great video, and I keep coming back to this one for guidance from time to time. I have come to an issue and would like you input on it.
I have 3 duplicate plugin ID with 2 IP addresses (11.128 & 11.130) and 3 different ports (8834 , 25 , 5432). My confusion is should I keep 2 separate entries (128 & 130) or compile them into 1.
.128 has p8834 & .130 has p25 , p5432.
Would combining all 3 into a single entry give a false positive for the ports that aren't open for either Hosts?
You might have faced a similar dilemma sometime for sure.
Also when this report is given to the system admin for fixing the vulnerabilities, will they automate or manually use this spreadsheet. I hope I was able to explain the question.
Yes, you have to combine them on a single plugin entry. The column that has the IP address and the Port just make sure they are corresponding horizontally on a single row i.e.
Plugin ID IP Address Ports
11123 x.x.x.128 8834
x.x.x.130 25, 5432
So my job requires a snapshot of unique vulnerabilities as well as total assets affected. By that judgement when i conduct my analysis i could only delete my line if the IP/hostname is the same?
Hi J, for unique vulnerabilities, your best bet will be to filter based on Plugins. Remember one plugin can affect multiple IPs. Sometimes you will see same IPs on one plugin, in that case check to make sure there are on different port.
@@KamilSec well said. Thank you for your response and thank you so much for the information you provide for your content. It really helps a greenish ISSO myself understand alot of concept and steps. Thank you greatly
Nice. Good explanation but is there a better way of doing the sorting by plugins when you have hundreds of plugins and assets to analyze. What about using the Pivoting in excel, will it not do the samething?
Definitely, pivot table can help
Hello thank you for your videos, can i know what type of scan you have run? and i can not find a free version of XP to download, i am new to this, please help!! thank you
I ran the Nessus Essential (the free version). Not sure if they have a package for Windows XP.
how do i use ACAS scan reports to compare with the HW/SW list of the system? which column do i concentrate on?
If there is a column called "Hostname" "IP Addresses" or "Asset" those can help
If you have already filtered the duplicates and now have different CVEs that affect the same assets, do you have to remove the duplicate affected assets without the CVEs?
No, document all the CVEs for the affected assets.
How should I filter that if I don't have Plugin ID in my scan? Filtering by CVE?
No CVE will not be ideal, not all the vulns have CVE associated with them. Try filtering on the Host may be...
How do you get the CVE to wrap in the formula bar?
ALT + Enter
Thanks for the info! How can I find out more about the detail selection when selecting "CSV" for my report? I see some selections that I would like clarity on under columns. Thanks!
ps- for some reason my nessus essentials does not give a PDF option either, any idea?
So I believe the Nessus home essential on Windows doesn't have the PDF report option but the Linux does.
Thanks as usual. I’m trying to download the CVS report file just like you did but when I click on CVS to download it tells me. “Couldn’t download network issue”. Ive tried different browsers but unable to download and note i have good internet. I’m using the Nessus essential and not the professional service. Did you use Nessus essential for yours. What could be the issue be and if you experience it how did you resolve it.
I checked my setup again, it works just fine. When you click on the Report, on the upper right hand corner, then select the Report Format you want: either PDF, HTML or CSV, then click generate report. Yes I am also using the Nessus Essentials for the tutorials.
probably your browser settings
@@oniabraham yes it was and I’ve fixed it. I had internet download manager which was blocking it
Hi Kamil, i need a help with nessus, im doing a lab where im scanning Metasploitable machine,im adding the IP of it in nessus ,i initiate the scan ,scan finishes in 5 seconds and no results, firewall disabled ,also im getting ping ftom Metasploitable to my local system and vice versa
If the metasploitable and the scanner device are on the same network as you said, then check your enabled plugins to make sure they are enabled and selected appropriately.
Can you do SSPs
ua-cam.com/video/YLwz4z3WLOA/v-deo.html
Good content but unfortunately not applicable for large environments. In case you have hundreds, thousands or hundrets of thousands IP's in network you can not do that in excel...
Yep, unfortunately you will need to use advance excel formulars like Pivot Table and so on if you have that many IPs
Good info bro. How are you passing the analysis over to the admin, by email? @KamilSec
If you are on the same government domain, yes otherwise follow the agency established channel of transmission...
If your company uses sharedpoint you could just create a file for this so all the engineers or anyone the data would be valuable to can grab it. Classified as a pull communication method