Skip to content
/ Nessus-Vulnerability-Assesstment Public

This project showcases a practical vulnerability assessment conducted using Nessus. It features scans on a Windows 10 & Ubuntu virtual machine configured in a homelab environment to simulate real-world network scenarios. The project includes detailed findings, mitigation strategies, and insights into the vulnerabilities identified.

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Techkeemout/Nessus-Vulnerability-Assesstment

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
README.md
README.md
 
 

Repository files navigation

Nessus Vulnerability Assessment Lab

This project documents a vulnerability assessment conducted using Tenable Nessus against multiple hosts in a simulated lab environment. The goal was to identify security weaknesses, evaluate their impact, and propose effective remediation strategies — similar to what a security engineer would do in a real organization.

Objectives

  • Scan a defined set of network assets for known vulnerabilities
  • Analyze and classify findings (e.g., CVEs, CVSS scores)
  • Document remediation strategies for high- and critical-risk items
  • Practice secure scanning techniques in a controlled environment

Lab Environment

Element Details
Tool Nessus Essentials (Tenable)
Targets Windows 10 VM, Ubuntu Server, pfSense
Network Type Isolated lab using VirtualBox
Scan Policy Basic Network Scan + Custom Config
Scanner Host Kali Linux 2024.1 VM

Target Scope

See targets/asset-inventory.csv and targets/scan-scope.md

Hostname OS Role IP Address
win10-lab Windows 10 Workstation 192.168.1.10
ubuntu-web Ubuntu 22.04 Web Server (Apache) 192.168.1.20
pfsense-fw pfSense Firewall/Gateway 192.168.1.1

Summary of Findings

Severity # of Vulnerabilities
Critical 3
High 12
Medium 19
Low 21
Info 30+

Detailed list available in reports/high-critical-findings.md

Sample High-Risk Vulnerabilities

Plugin ID Title CVSS Affected Host
42873 SMB Signing not required 10.0 win10-lab
90536 Apache HTTP Server 2.4.49 RCE (CVE-2021-41773) 9.8 ubuntu-web
19506 Nessus Scan Information Info All hosts

Remediation Strategy

See remediation/remediation-plan.md

Example actions:

  • Enable SMB Signing via GPO
  • Patch Apache to ≥2.4.51
  • Disable unused ports and services
  • Schedule monthly vulnerability scans

Screenshots

Dashboard Example of Nessus scan results overview

Key Files

File Purpose
reports/nessus-scan-report.pdf Exported Nessus report
scan-policy.json JSON of scan policy config
high-critical-findings.md Summary of highest-risk issues
remediation-plan.md Step-by-step remediation guide

Ethics & Disclaimer

This assessment was conducted in a private, isolated lab. Do not scan any public or unauthorized networks with Nessus without explicit permission. This project is strictly educational and ethical.

Author

Created by Rakeem GitHub: @yourhandle
LinkedIn: https://www.linkedin.com/in/rakeemdawson/

About

This project showcases a practical vulnerability assessment conducted using Nessus. It features scans on a Windows 10 & Ubuntu virtual machine configured in a homelab environment to simulate real-world network scenarios. The project includes detailed findings, mitigation strategies, and insights into the vulnerabilities identified.

Topics

homelab nessus-scanner cybersecurity-projects

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published