Updated Video: ua-cam.com/video/9Bsjw1VeRwE/v-deo.html 🖥 Break into IT in ~3 Months with my Hands-On Practical Course! 🖥 coursecareers.com/explore/it/ref/18242/
Josh - also a current student in your LevelD Careers program. This video was a godsend, to be honest. I was struggling with Nessus for almost 5 hours today. After digging endlessly, I found out that wireless bridging is NOT supported in either Virtualbox OR Vmware. Just something to possibly remind anyone who sets up a bridge on the network side of VMware for this lab, if you are on a WIRELESS network, trying to "bridge" it will break the whole setup. Just set up NAT instead and the whole thing ran smoothly for the project. Thanks again for the succinct, insightful, and fun tutorials.
Lukus - I spent roughly 5 hours just like you to make this work today. I manage to make it work on Oracle VM Virtualbox somehow, I dont even know how but the second time around it stopped working and Nessus would not be able to detect the virtual machine IP. This is going to be my Final Year Project too for University, I cannot thank you enough for sharing this information. I tried Host-Only and Bridged Network but none of them were working until I put it on NAT. I really appreciate you Lukus! :)
Thank you for providing this solution. I too had an issue during Windows setup. While Windows was installing on the VM, the installation failed. When i tried reopening the VM, and restarting the installation it could not locate the ISO file nor would it allow me to locate the file through the directory. Using your solution I created a new VM, installed the ISO file and kept the setting on NAT. Seemless installation! Thank you for this and I pray your journey is more profound and rewarding for you now.
For anyone having trouble connecting to the internet on the VM player version, here's a solution I found in the comments. I did this after installing the VM, though it should also work when you're installing it. -Make sure your VM is powered off -Right click and click "settings" -Click Network Adapter -Click Configure Adapters -Uncheck anything with the word "Ethernet" in it and click "OK" This is what ended up working for me.
This is awesome! I haven't used Nessus personally but I know it's one of the big vulnerability scanners out there, also appreciate the walkthrough as someone new to vuln scanning 😆
Bro, this content is amazing. This is perfect of how you do everything step by step and explain the "why" of everything you're doing in the lab. I look forward to more labs!
Josh---much appreciated! Just got my N+ & S+ and I'm trying to get some hands on while I work as an IT PM. This video helped demystify Nessus. Thanks for making great content :)
This is was very helpful. Especially explaining the the setup. A lot of people basically skip those parts. Its like like not showing someone how to start the vehicle and put it in gear that they go straight to driving. Well that startup is so important. I feel confident that if I had to do some scans (and more importantly explain it), that I will be able to. Thanks. Too bad I couldn't like more than once, as I've watched the video again later as a refresher.
Hey! Thanks so much for watching and leaving this nice comment! I'm really glad the lab was useful :). Hopefully I can put out some more here pretty soon!
JOSH YOU ARE GOAT, ty for this video man, I was able to finish this project till end, I wish I could finish the SEIM in Azure as well but unfortunately I wasn't able to remote into vm.
FWIW, for decades now, any time I download something I put it into an "installs" directory. Doesn't work as well with the modern tendency to download an installer which downloads off the cloud at the install, but one of the chief benefits of it is that you can (sometimes) save the copy that worked for you and had the features you were used to, which might not be possible at some future point -- either the company went out of business and it's no longer available, or they've deprecated that version and don't offer it for download, or, even, you don't know what version it was you had. As I say, for install-off-the-cloud downloads, it does limited good, but anything when you're actually downloading an actual copy, it's a great thing. Sometimes you need to do this if you're stuck recreating your OS and you don't have an image backup of it.
This was a very well-structured video explaining how to perform vulnerability management. I've already downloaded your resume templates and will put them to use in the future.
Really enjoyed this walk-through, thank you for recording it. If you haven't already, a video showing how to take this to the next level with automation or remediating multiple machines at the same time would be fantastic. I'll go read up on the subject, but these videos are a great way to gain the knowledge quicker.
As someone who just started a proper sysadmin gig, I found this to be quite helpful as I'd never used Nessus before. Solid tutorial, and I look forward to checking out more of your content :)
basically there are 2 kinds of scans (credentialed and non-credentialed), and also another 2 categories of scan (network scan and agent scans). the objective is to remediate the vulnerabilitiies , and for those vulnerabilities that cant fix (due to product limitation), do risk assessment/ risk acceptance.
Thanks sir. First. You’re a great online teacher. Well done. Second, you’re very savvy (love the example resume from your actual UA-cam video lesson), and that makes me want to subscribe to your channel. Thank you for the lesson.
This is the helpful Video that inspires me to find my new career in Cyber Security. Honestly, I have never used Nessus for my current work(I am Network Engineer ✌ moving to Cyber Security😁) but now I can use it and understand the basics of Nessus to scan to find more vulnerabilities on the devices. I would like to thank you for this helpful video guide. I do hope you will drop more Videos that relate to Cyber Security.🙌👏👍
Thanks Josh your like the big I never had. I'm learning so much and thanks for your resume samples. My confidence is growing and I'm becoming a beast 💪 💯
Great video! I actually went through and tested this scenario a few days ago. I've had experience using Qualys previously but after using Nessus I'm impressed with it, and the other Tenable tools look decent too. Like you say, the whole concept of vulnerability management is easy, it's just when you have hundreds of assets and domains to manage that it gets complicated and long winded.
Glad you could try it out! The last one I actually used was rapid 7 insight vm. It was alright but I really like the look and feel of tenable products for some reason. I think because the workplace I was using rapid 7 at gave me ptsd lol
Great video and tutorial, finally got hands on with Nessus. Although when I was doing it, following step by step with you, I got the same or similar results each time when continuing with a standard scan, credential scan and install the old FireFox version? Maybe it's just me, I'll have to start with a scratch VM and try again.
This was a great video Josh. I had ran into some issues with ping and at first with the network adapter part of the VM but I figured out what the issues were with both and I got everything to work. This was great! Thank you so much!!
This tutorial is awesome! I haven't personally used Nessus, but I'm aware of its reputation as one of the leading vulnerability scanners available. With its comprehensive set of features, Nessus is capable of scanning networks for a variety of potential vulnerabilities - from missing patches to misconfigurations. Great Job Josh!!! Thank you
Great video, I use the professional version along with SCAP scanner and of course stigging. I find it cumbersome to produce SCAP/OVAL results with Nessus so I am just using the SCAP scanner for that portion.
Oh very interesting, thanks for the sharing. I haven't used Nessus Pro very much recently. Hopefully I never have to do vulnerability management again lol
I basically know everytNice tutorialng there is to know about soft soft but I still watched tNice tutorials through just because of how good you explained
Hey Matthew! No problem! Glad it was useful :p. I'm bouts to release another interesting one this coming Monday. It's going to be a SIEM lab (Azure Sentinel) where we are observing live cyber attacks from around the world :). Thanks for watching!
Josh you Rock man! Your video inspire me to learn Nessus. I wish Nessus give you the power to remediate all those vulnerabilities within Nessus framework like Qualys. Maybe you can tell us what is the best VMDR framework on the market right now & which one do you recommend to learn? Thanks
Josh, your video is awesome! I've been looking for some basic knowledge that would help me learn about Nessus scans. We use them where I work and I'm trying to break into a cybersecurity position and Nessus scans often come up in the job description. Thank you!
I got an EFI network timeout error when trying to boot Windows 10. However, the pro version of VMWare Workstation allowed me to select 'BIOS' as the firmware type (under Advanced options), and this solved the problem.
this is quite precise and detailed, I tried to demo the concept here on my system,however i have a challenge, which is my nessus scanner is able to do host discover for my VM device. I tried several approach such as disabling the firewall on the VM, making the vm network a bridge and the funniest thing is that there is logical connection between the local host and the vm from the command prompt using ping, but am still amazed how the Nessus scanner is unable to detect the VM device, have been on this for days now, troubleshooting the issue. Any tips to help?
hi josh, great video! i have one advice to give. you could go more in depth on all this stuff. if you already make a video on something, the people who watch 30 minutes will watch a 1 hour video aswell. Those who really want to learn, will watch any length video, as long as it contains relevant information.
❤ It was very nice and professional explanation with a simple words easy to understand , it’s been very understandable. Thank you so much.! And please do me a favor here answering my a couple questions !! And I will appreciate your assistance ! My first question : I am having issues installing my Nessus essentials on my virtual box , do you have any idea how we can solve this? My second question : I have a virtual box and I have Kali Linux 2023.2, metasploitable2,3 , windows 10 installed in it, And I cannot scan them through my Nessus Essentials installed on my physical windows 11, how do you think what I’m doing wrong? Thank you so much for answers
Josh! You are Amazing, a big thank you for making nessus so more easy to understand. I also followed your Azure sentinel which was very good. If you've got anything else cyber releated to add to my CV (Hands on experience) - Please let me know :) !
Thank you for your content I am most definitely doing these. I go to full sail university and getting my bachelors degree in cyber security and they sent me a MacBook Pro 16 in with the m2 chip and I get licenses for all the VMware products. Already got myself a Cisco server and a thecus 7 bay nas that I’m still trying to figure out how to work them together but if you have any content on how to connect your nas to VMware most def let me know
Hey Josh great vid - Happy New Year - wanted to ask, i receive a Certificate error when running Nessus Essentials Web UI...From what i read this is a non issue however I wanted to get another opinion as I am a little iffy on running a credential scan while https is crossed out :) --- can i get your opinion please!
Hello! Thanks for the content. I need help 🤯 Should it also work on macOS? I download VMware 12 fusion because as I understand it is the macOS version of VMware. Fusion VMware cannot start this ISO because it cannot understand the file format. Where is the issue? on ISO on VMware Fusion?
Another great informative video! I will certainly work on this after I get very familiar with Active Directory, then get the whole job thing squared away. Do you think this is more catered towards specifically vulnerability management roles or is this applicable to other roles such as security analyst, security engineer, cybersecurity analyst, and other InfoSec roles? Or, does this fall under the same umbrella as those mentioned?
Thanks! and I think Vulnerability Management is pretty general. Almost everyone on the security team plays a role in vulnerability management, from creating policy and standards, to scanning, to assessing, to remediating, to approving exceptions. Maybe the engineers configure and manage the platform. Maybe the Analysts use the platform or remediate stuff. etc etc. Depends on the size of the organization too. Hope this helps!
So I have run into the issue (not sure of if an issue) where I dont receive any new scans. Its the same ones even after installing the 'old' firefox. I did the registry editor, firewalls dropped, and added credentials but nothing. Its the same scans since I linked the nessus with the VM.
For the choosing of processors on your VM, I've heard that if you have a Dual Core that you should put the number of processors as divisible by two because of the way the cores interact with each other. Pretty much allocating your processor cores to line up symmetrically with the way they are with the host. Do you know if this is true?
Hi Josh, Hope you are well. I liked your all videos. Just wondering if is there any latest vulnerable assessment report that I can get from you. I need to make a final report about exactly what you did in this video. It will help me.
Thank you very much Josh.. VM training with Nessus is very useful and informative. I have one question about device credentials. In few of the organizations, device owners (for windows, linux, n/w or f/ws) are not ready to share admin login credentials due to security reasons.. what is the recommended solution for this scenario? please suggest.
_> In few of the organizations, device owners (for windows, linux, n/w or f/ws) are not ready to share admin login credentials due to security reasons._ Haha, I've faced this quite a lot. I will usually give them two option. Setup some kind of JIT (just-in-time) provisioning for me that will allow the credentials to work only during a certain time period where I'm trying to conduct the scans on their systems. If they don't want to setup JIT provisioning, they will just have to provide some credentials, preferably that are controlled centrally by a security group or something. Alternatively (i did this for some domain controllers), you'll sometimes be able to install a local agent on the systems that you want to scan, that will kind of do a self-assessment and report the findings back to the VM console. For example, with Rapid7 insightVM, they have the Insight Agents. Support from upper management also helps this effort overall! It's a really troublesome problem, I know, but hope this helps a little bit.
I got issues in VMWare when I ran it, every going ok, but at last, I could not boot up ISO files. I try VM power off and uncheck anything with the word Ethernet in it also. I am running a wireless network, I got a comment below backing up with NAT, and help in wireless. I try it doesn't work. Any suggestion that could help me to solve this issue in my own lap, please. The error Image is below: EFI Network Time out. I press any key when it boots up .....
Thanks this is an awesome, video I have a question, How can I implement this in a way that has never been done before, looking for ideas for my thesis program and it needs to be a different approach that hasn't been done before, thanks.
What certs and or skills would you recommend Josh for Vulnerability Management that employers would look for in trainees or those wanting to work in this field - thanks in advance -
Definitely some OffSec certs/skills with some vulnerability management lab work (like in this video, but maybe a bit more). The certs I'd recommend are eJPT with the training from INE, and if you are feeling SUPER ambitious, OSCP from offensive security, but that one is quite difficult. :)
thanks Big man...i couldn't follow thru as it was fast and did not find how to install the app on Mac..hope i have not asked something too elementary, really looking to go into VM big time,any more support will be appreciated
Updated Video: ua-cam.com/video/9Bsjw1VeRwE/v-deo.html
🖥 Break into IT in ~3 Months with my Hands-On Practical Course! 🖥
coursecareers.com/explore/it/ref/18242/
Josh - also a current student in your LevelD Careers program. This video was a godsend, to be honest. I was struggling with Nessus for almost 5 hours today. After digging endlessly, I found out that wireless bridging is NOT supported in either Virtualbox OR Vmware. Just something to possibly remind anyone who sets up a bridge on the network side of VMware for this lab, if you are on a WIRELESS network, trying to "bridge" it will break the whole setup. Just set up NAT instead and the whole thing ran smoothly for the project. Thanks again for the succinct, insightful, and fun tutorials.
Lukus - I spent roughly 5 hours just like you to make this work today. I manage to make it work on Oracle VM Virtualbox somehow, I dont even know how but the second time around it stopped working and Nessus would not be able to detect the virtual machine IP. This is going to be my Final Year Project too for University, I cannot thank you enough for sharing this information. I tried Host-Only and Bridged Network but none of them were working until I put it on NAT. I really appreciate you Lukus! :)
Interesting. I'm on a wireless network, and NAT did not work for me, but "Host-only Adapter" did.
@@leepenya4465 This worked for me also, thanks
Thank you for providing this solution. I too had an issue during Windows setup. While Windows was installing on the VM, the installation failed. When i tried reopening the VM, and restarting the installation it could not locate the ISO file nor would it allow me to locate the file through the directory.
Using your solution I created a new VM, installed the ISO file and kept the setting on NAT. Seemless installation! Thank you for this and I pray your journey is more profound and rewarding for you now.
For anyone having trouble connecting to the internet on the VM player version, here's a solution I found in the comments. I did this after installing the VM, though it should also work when you're installing it.
-Make sure your VM is powered off
-Right click and click "settings"
-Click Network Adapter
-Click Configure Adapters
-Uncheck anything with the word "Ethernet" in it and click "OK"
This is what ended up working for me.
THANK YOU. I was getting APIPA address with bridged mode checked, and thought about assigning a static IP. but this fixed my problem.
Thank you! You're a life saver!
This is awesome! I haven't used Nessus personally but I know it's one of the big vulnerability scanners out there, also appreciate the walkthrough as someone new to vuln scanning 😆
Hey Sandra!! Glad you liked it haha. Honestly I didn't use Nessus at my VM PM job, but it was the easiest to setup in a lab so I used it here 😂
@@JoshMadakor wow 2 mentors watching each others videos! 🔥🔥 you both are awesome. gonna do this on my AD lab environment now!
This is one of the BEST videos about vulnerability management. It is simple, short, and practical. Thank you for sharing this, Josh!
Thanks so much!! Glad you liked it ^^
Bro, this content is amazing. This is perfect of how you do everything step by step and explain the "why" of everything you're doing in the lab. I look forward to more labs!
This is EXACTLY the type of walkthrough I’ve always wanted. Thank you!
YES! I made this video for you the, haha. I'm glad it was helpful and I appreciate you takin the time to comment, haha.
Josh---much appreciated! Just got my N+ & S+ and I'm trying to get some hands on while I work as an IT PM. This video helped demystify Nessus. Thanks for making great content :)
this brother is truly the goat in this game!
@@mobolajiolamide120 what type of network connection is your vm using? NAT? BRIDGED? Etc
Thank you Josh for what you do. Someone like me transitioning from other industry into Cubersecurity, this is really helpful.
So very grateful for your sublime tutelage, Mr. Madakor. You're the best.
lmao, thank you, and I think you made a new sentence right there, haha
This is was very helpful. Especially explaining the the setup. A lot of people basically skip those parts. Its like like not showing someone how to start the vehicle and put it in gear that they go straight to driving. Well that startup is so important. I feel confident that if I had to do some scans (and more importantly explain it), that I will be able to. Thanks. Too bad I couldn't like more than once, as I've watched the video again later as a refresher.
Hey! Thanks so much for watching and leaving this nice comment! I'm really glad the lab was useful :). Hopefully I can put out some more here pretty soon!
"...dealing with the humans..." summarizes the difficulty spanning my entire IT career in multiple domains :)
Lmao, big truth there. That's why I got out of pure cyber roles and went into something else. They have been the most troublesome for me in cyber :P
I made something similar on my Master Degree in Cybersecurity. Was not aware I could use this as EXP for my CV. THANK YOU !!!!
Great vid! I couldn't find any vulnerabilities on my VM, but found 17 on my actual computer. Thanks for this.
Great breakdown and explanation of everything 🔥🔥🔥
JOSH YOU ARE GOAT, ty for this video man, I was able to finish this project till end, I wish I could finish the SEIM in Azure as well but unfortunately I wasn't able to remote into vm.
Thanks so much! I gotta redo that lab since so much has changed in it hehe.
You teach so well! This is a super helpful video
Hey Nicole, THANKS SO MUCH! 🥺🥺
@@JoshMadakor Agreed, This is a very thorough tutorial. Thank you ^^
Its so cool to see mentors watching each others videos 🔥😁
FWIW, for decades now, any time I download something I put it into an "installs" directory. Doesn't work as well with the modern tendency to download an installer which downloads off the cloud at the install, but one of the chief benefits of it is that you can (sometimes) save the copy that worked for you and had the features you were used to, which might not be possible at some future point -- either the company went out of business and it's no longer available, or they've deprecated that version and don't offer it for download, or, even, you don't know what version it was you had. As I say, for install-off-the-cloud downloads, it does limited good, but anything when you're actually downloading an actual copy, it's a great thing.
Sometimes you need to do this if you're stuck recreating your OS and you don't have an image backup of it.
Thanks so much Josh for such a good visual and tutorial. 🔥🔥👏🏿👏🏿
Great Walkthru Josh !!!! I just added your channel in hopes of seeing more walkthroughs like this to boost my resume skills list.
This was a very well-structured video explaining how to perform vulnerability management. I've already downloaded your resume templates and will put them to use in the future.
That was an awesome video and easy to understand. Thank you so much for making the effort to create this video
Really enjoyed this walk-through, thank you for recording it. If you haven't already, a video showing how to take this to the next level with automation or remediating multiple machines at the same time would be fantastic. I'll go read up on the subject, but these videos are a great way to gain the knowledge quicker.
Awesome, I had installed it on my Kali VM, but now I'm definitely trying this, today!
Dope! Good luck with it. Definitely a nice skill to have and to be able to talk about during interviews
As someone who just started a proper sysadmin gig, I found this to be quite helpful as I'd never used Nessus before. Solid tutorial, and I look forward to checking out more of your content :)
Thanks so much, really appreciate that! Congrats on the job too :)
basically there are 2 kinds of scans (credentialed and non-credentialed), and also another 2 categories of scan (network scan and agent scans). the objective is to remediate the vulnerabilitiies , and for those vulnerabilities that cant fix (due to product limitation), do risk assessment/ risk acceptance.
Sounds on-point to me 👏😎
Thanks sir. First. You’re a great online teacher. Well done. Second, you’re very savvy (love the example resume from your actual UA-cam video lesson), and that makes me want to subscribe to your channel. Thank you for the lesson.
This is the helpful Video that inspires me to find my new career in Cyber Security. Honestly, I have never used Nessus for my current work(I am Network Engineer ✌ moving to Cyber Security😁) but now I can use it and understand the basics of Nessus to scan to find more vulnerabilities on the devices. I would like to thank you for this helpful video guide. I do hope you will drop more Videos that relate to Cyber Security.🙌👏👍
Thanks Josh your like the big I never had. I'm learning so much and thanks for your resume samples. My confidence is growing and I'm becoming a beast 💪 💯
Glad I found your channel man, trying to get my foot on the door right now. Subbed
Thank you for this video! Much appreciated 😁🙏
Great video! I actually went through and tested this scenario a few days ago. I've had experience using Qualys previously but after using Nessus I'm impressed with it, and the other Tenable tools look decent too. Like you say, the whole concept of vulnerability management is easy, it's just when you have hundreds of assets and domains to manage that it gets complicated and long winded.
Glad you could try it out! The last one I actually used was rapid 7 insight vm. It was alright but I really like the look and feel of tenable products for some reason. I think because the workplace I was using rapid 7 at gave me ptsd lol
Great video and tutorial, finally got hands on with Nessus. Although when I was doing it, following step by step with you, I got the same or similar results each time when continuing with a standard scan, credential scan and install the old FireFox version? Maybe it's just me, I'll have to start with a scratch VM and try again.
This was a great video Josh. I had ran into some issues with ping and at first with the network adapter part of the VM but I figured out what the issues were with both and I got everything to work. This was great! Thank you so much!!
Hello Jay, I think I am having similar issues. What did you do to fix it?
To fix, enable adapters on PC not VM, then they will connect and assign IP
Thanks!
No way!!! Thank YOU lol, serious! And no problem :)
This tutorial is awesome! I haven't personally used Nessus, but I'm aware of its reputation as one of the leading vulnerability scanners available. With its comprehensive set of features, Nessus is capable of scanning networks for a variety of potential vulnerabilities - from missing patches to misconfigurations.
Great Job Josh!!!
Thank you
My Professor recommended learn Nessus so I'm taking his advice.
Thank you for being straigh to the point with real world example - helps a lot
For sure! Thanks for watching :)
Great video, I use the professional version along with SCAP scanner and of course stigging. I find it cumbersome to produce SCAP/OVAL results with Nessus so I am just using the SCAP scanner for that portion.
Oh very interesting, thanks for the sharing. I haven't used Nessus Pro very much recently. Hopefully I never have to do vulnerability management again lol
Thanks for walking through basics of vulnerability management using Nessus. This was extremely helpful.
I basically know everytNice tutorialng there is to know about soft soft but I still watched tNice tutorials through just because of how good you explained
Thanks so much Sobia, you are so kind :)
Thank you for sharing this, Josh. As someone entering cybersecurity, these kind of videos are extremely helpful. :)
Hey Matthew! No problem! Glad it was useful :p. I'm bouts to release another interesting one this coming Monday. It's going to be a SIEM lab (Azure Sentinel) where we are observing live cyber attacks from around the world :).
Thanks for watching!
Excellent content. great and comprehensive guidance. Thanks Josh....
Awesome video to easily understand Nessus. Thank you!
Shoot, glad to hear it! Thank you!
I subscribed and liked your video, no more comment , I appreciate the way you you prepared it.
This is great training and learning content Josh, a plethora of information to gain and apply into scenarios - thank you
No problems! Thanks for watching! I love doing Vuln Mgmt labs and fixing the vulnerabilities lol
your video is BOOOOOOOOM !. The concept is superb and the explanation well structured!. I am subscribing
Recently did this walkthrough in my lab environment and it was very interesting! Thank you for this content
This is perfect video , very well explained
Thank you so much! I really appreciate it!
Thank you for all you do
Yeeeeesssss i live for these tutorials!!!! you are the best teacher
Dang seriously? Thank you so much lol. I wasn't sure people would care about this one, so thank you haha
Excellent demo alot learnt in it . Thank you for sharing
This is very practical. great job 💯
Sweet! I can’t wait to do this when I get home.
Have fun! I love remediating them and watching the vulnerabilities drop off on the subsequent scans lmao
Help me ti do this please
This was a very helpful session. Thank you!
Really appreciate that. thanks so much!
Josh you Rock man! Your video inspire me to learn Nessus. I wish Nessus give you the power to remediate all those vulnerabilities within Nessus framework like Qualys. Maybe you can tell us what is the best VMDR framework on the market right now & which one do you recommend to learn? Thanks
This video is so informative and perfectly explained.
Thanks for the this tutorial. This is so amazing, informative and engaging.
Super explanation with live examples
Excellent Tutorial bro.
Thanks for the training & education on Nessus!
Amazing Tutorial.
I can imagine how many hours of hard work you must've put in making of this video.
Josh, your video is awesome! I've been looking for some basic knowledge that would help me learn about Nessus scans. We use them where I work and I'm trying to break into a cybersecurity position and Nessus scans often come up in the job description. Thank you!
This is great stuff...Thanks Josh am learning
This is awesome! Please do more video like this :)
Roger that! A SIEM tutorial/video (Azure Sentinel) with live cyber attacks is coming up this monday! And thanks for watching!
I got an EFI network timeout error when trying to boot Windows 10. However, the pro version of VMWare Workstation allowed me to select 'BIOS' as the firmware type (under Advanced options), and this solved the problem.
Oh nice, good job. Whew!
this is quite precise and detailed, I tried to demo the concept here on my system,however i have a challenge, which is my nessus scanner is able to do host discover for my VM device. I tried several approach such as disabling the firewall on the VM, making the vm network a bridge and the funniest thing is that there is logical connection between the local host and the vm from the command prompt using ping, but am still amazed how the Nessus scanner is unable to detect the VM device, have been on this for days now, troubleshooting the issue. Any tips to help?
Awesome training Josh, thank you!
No problems!! Thanks for watching!
hi josh, great video! i have one advice to give. you could go more in depth on all this stuff. if you already make a video on something, the people who watch 30 minutes will watch a 1 hour video aswell. Those who really want to learn, will watch any length video, as long as it contains relevant information.
thank you so much for sharing this i learnt a lot
Glad you liked it!!! Thank you ^^
Josh ty , this video has so much value
Wow love the video ❤❤ love you voice too
Bruh, this is just what I was looking for. Literally, from start to finish. Nice video. Definitely very useful.
❤
It was very nice and professional explanation with a simple words easy to understand , it’s been very understandable. Thank you so much.!
And please do me a favor here answering my a couple questions !!
And I will appreciate your assistance !
My first question :
I am having issues installing my Nessus essentials on my virtual box , do you have any idea how we can solve this?
My second question :
I have a virtual box and I have Kali Linux 2023.2, metasploitable2,3 , windows 10 installed in it,
And I cannot scan them through my Nessus Essentials installed on my physical windows 11, how do you think what I’m doing wrong?
Thank you so much for answers
That was an awesome tutorial Josh.
Josh! You are Amazing, a big thank you for making nessus so more easy to understand.
I also followed your Azure sentinel which was very good.
If you've got anything else cyber releated to add to my CV (Hands on experience) - Please let me know :) !
This is the stuff. I can't wait to play around with this stuff. Do you think you will do more of these in the future like Metasploit, Wireshark etc.
I will definitely do some more in the future, I just have to think of some good ones, haha. I'm open to suggestions as always!
@@JoshMadakor hey man ill support you as much ideas as I can. You should do a podcast maybe. Zach from IT career questions
Thank you, great video!
Thank you for your content I am most definitely doing these. I go to full sail university and getting my bachelors degree in cyber security and they sent me a MacBook Pro 16 in with the m2 chip and I get licenses for all the VMware products. Already got myself a Cisco server and a thecus 7 bay nas that I’m still trying to figure out how to work them together but if you have any content on how to connect your nas to VMware most def let me know
Hey Josh great vid - Happy New Year - wanted to ask, i receive a Certificate error when running Nessus Essentials Web UI...From what i read this is a non issue however I wanted to get another opinion as I am a little iffy on running a credential scan while https is crossed out :) --- can i get your opinion please!
Hello! Thanks for the content. I need help 🤯 Should it also work on macOS? I download VMware 12 fusion because as I understand it is the macOS version of VMware. Fusion VMware cannot start this ISO because it cannot understand the file format. Where is the issue? on ISO on VMware Fusion?
I’m not sure, but you could try oracle virtual box. Hmmm
First? I did a nessus scan on my home network a couple months ago. it was interesting.
Hey other Josh, haha. I should try that. Scan my TV and stuff and see what happens :p
Another great informative video! I will certainly work on this after I get very familiar with Active Directory, then get the whole job thing squared away.
Do you think this is more catered towards specifically vulnerability management roles or is this applicable to other roles such as security analyst, security engineer, cybersecurity analyst, and other InfoSec roles? Or, does this fall under the same umbrella as those mentioned?
Thanks! and I think Vulnerability Management is pretty general. Almost everyone on the security team plays a role in vulnerability management, from creating policy and standards, to scanning, to assessing, to remediating, to approving exceptions.
Maybe the engineers configure and manage the platform.
Maybe the Analysts use the platform or remediate stuff. etc etc. Depends on the size of the organization too. Hope this helps!
First of all, THANK YOU SO MUCH. But I do have to say, PLEASE slow down so I could keep up, should you decide to do another one of these.
So I have run into the issue (not sure of if an issue) where I dont receive any new scans. Its the same ones even after installing the 'old' firefox. I did the registry editor, firewalls dropped, and added credentials but nothing. Its the same scans since I linked the nessus with the VM.
Are the credentials correct? User Account Control turned down/off?
Any time I do a Basic Network Scan or Advanced Scan it doesn't show hosts and vulnerabilities. Anyone know why that is?
try using the VM's default gateway instead of ipv4, that worked for me
Thank you. New to cybersecurity and looking to gain as much knowledge as possible. Your video helped. Do you have any suggestions for a newbie?
Nice One Thanks you very much for the video
You are awesome, thank you.
Thank you so much :)
For the choosing of processors on your VM, I've heard that if you have a Dual Core that you should put the number of processors as divisible by two because of the way the cores interact with each other. Pretty much allocating your processor cores to line up symmetrically with the way they are with the host. Do you know if this is true?
This is a great question but I don't really know :(. Definitely worth a google though.
I didn't find nessus for arm64 . Can I install it in mac m1? is there any difference?
Great question!
Hi Josh, Hope you are well. I liked your all videos. Just wondering if is there any latest vulnerable assessment report that I can get from you. I need to make a final report about exactly what you did in this video. It will help me.
Thank you very much Josh.. VM training with Nessus is very useful and informative. I have one question about device credentials. In few of the organizations, device owners (for windows, linux, n/w or f/ws) are not ready to share admin login credentials due to security reasons.. what is the recommended solution for this scenario? please suggest.
_> In few of the organizations, device owners (for windows, linux, n/w or f/ws) are not ready to share admin login credentials due to security reasons._
Haha, I've faced this quite a lot. I will usually give them two option. Setup some kind of JIT (just-in-time) provisioning for me that will allow the credentials to work only during a certain time period where I'm trying to conduct the scans on their systems. If they don't want to setup JIT provisioning, they will just have to provide some credentials, preferably that are controlled centrally by a security group or something. Alternatively (i did this for some domain controllers), you'll sometimes be able to install a local agent on the systems that you want to scan, that will kind of do a self-assessment and report the findings back to the VM console. For example, with Rapid7 insightVM, they have the Insight Agents.
Support from upper management also helps this effort overall!
It's a really troublesome problem, I know, but hope this helps a little bit.
I got issues in VMWare when I ran it, every going ok, but at last, I could not boot up ISO files. I try VM power off and uncheck anything with the word Ethernet in it also. I am running a wireless network, I got a comment below backing up with NAT, and help in wireless. I try it doesn't work. Any suggestion that could help me to solve this issue in my own lap, please. The error Image is below: EFI Network Time out. I press any key when it boots up .....
Great content. Thanks
Thanks this is an awesome, video I have a question, How can I implement this in a way that has never been done before, looking for ideas for my thesis program and it needs to be a different approach that hasn't been done before, thanks.
What certs and or skills would you recommend Josh for Vulnerability Management that employers would look for in trainees or those wanting to work in this field - thanks in advance -
Definitely some OffSec certs/skills with some vulnerability management lab work (like in this video, but maybe a bit more). The certs I'd recommend are eJPT with the training from INE, and if you are feeling SUPER ambitious, OSCP from offensive security, but that one is quite difficult. :)
Please make a video on project I can do for cybersecurity engineering i need like 3
thanks Big man...i couldn't follow thru as it was fast and did not find how to install the app on Mac..hope i have not asked something too elementary, really looking to go into VM big time,any more support will be appreciated
Hey! So sorry about that :(, I may remake this lab in the future on Mac. I use Mac primarily now actually :)
@@JoshMadakor oh that will be a blessing,do u have any mentorship programme for people who will like some mentorship in this field ..will like to know