Let me ask you a question...
If you wanted to install Nessus in a virtual machine in VMware,
How would you do it?
Well, Most of you will say that... firstly we need to install any operating system like Windows 10 or 11 in a virtual machine and then install Nessus inside it as we normally do in our computers.
If that's what you think... You are right. That's possible.
But there's an easier way to do it, without installing an operating system separately.
To do this, you need to use something called Tenable's Virtual Appliance. We will learn about this in this article. Keep reading!
.
.
.
Introduction for technical people (beginners can jump directly to the second paragraph): If you do not want to use nessus on your localhost:8834 web address, but rather want to install nessus on a Virtual Machine (if you know what that is) and then use it from your browser by typing the Virtual machine's IP rather than localhost, then Tenable Virtual Appliance is probably what you need.
(I will try explaining it to you step by step, without rushing to the definition)
Before understanding "Tenable" Virtual Appliance, firstly try to understand what a virtual appliance is:
Simply put, A virtual appliance is a single pre-configured virtual machine image file which contains a software and everything else required to run it (like operating system doesn't need to be installed separately first, because this file already has the operating system in itself + the software you want to run).
You can import this file into your VMware or similar virtual machine software, and start using the software directly on the virtual machine.
In other words, A virtual appliance is a pre-configured virtual machine image, which is ready to run on a virtual machine software like VMWare or Virtual Box.
I know that was like a long introduction... Even if you did not understand anything yet, don't quit this article. "Let's start from the start."
So, let me start this way...
Tenable's Virtual Appliance is basically just a file you can download from Tenable's website.
This file is available in multiple types.
(We will talk about the .ova file here, but all of them are very similar.)
This .ova file is meant to be imported into a software called VMware.
Note: VMware is a software with which you can create virtual machines and use them. Virtual machine is a computer inside a computer. Try imaging it like the picture below:
...So you have your main computer (Windows 10) and inside it you install Vmware, and inside this software you can install any operating system, like I have installed Kali Linux (Here, kali linux is called a virtual machine). This way, you are able to use another operating system inside your main operating system by making a virtual machine.
Now, getting back to Tenable's Virtual Appliance...
Tenable's Virtual Appliance is also basically a virtual machine file.
But it does not contain a full-fledged operating system. It only contains nessus + whatever else is required at minimum to run it properly. This way you will not need to have a complete operating system first and then install nessus over it. Tenable's Virtual Appliance contains nessus which can work even without operating system.
You can see any video on youtube on how to install "VMware Player" in your computer.
To setup the virtual appliance in your PC, Follow these steps:
Vmware Player >> Open a Virtual Machine >> Browse your computer and click on the .ovf file you downloaded.
Give this virtual machine a name and click import ↓
As you can see, it starts importing this machine ↓
Now it is started completely, and we can see it gives us the link (https://192.168.1.77:8000) which we can open in our browser to access the Web Management Interface (think of it as the dashboard of this machine). ↓
Now open that page in your browser, you will get this kind of page ↓
Now use the default username: wizard and password: admin to log in for the first time ↓
Now it will ask you to create new administrator account. Just choose a username and password and click "Create Account" ↓
Now click Finish Setup ↓
You will be redirected back to the main login screen. This time login with the new credentials you just created ↓
# Now the dashboard will finally be in front of your eyes as shown in the picture below.
Just click on the page which says "Nessus" and you will see the URL of that page where you can install Nessus further. In my case, that URL is https://192.168.1.77:8834.
When you go to that URL for the first time, it says security risk ahead... Just click ADVANCED and click "Accept the Risk and Continue". ↓
Now you will finally see the Nessus Setup in front of your eyes. ↓
From this point onwards, just choose the options and install Nessus normally. And then you will be able to use Nessus.
So, as you can see, with this Tenable Virtual Appliance, you can install Nessus inside a virtual machine, without needing to install an operating system first in a VM and then install the software over it. You can just put this one single Virtual appliance file into your virtual machine software and run, without an operating system (because Virtual appliance already has the minimum operating system and whatever else is required to run this software).
HERE'S A CATCH THOUGH....
Nessus is NOT the only thing you can setup within Tenable Virtual Appliance.
Instead of Tenable-Core-Nessus, from the same download page, if we downloaded Tenable Virtual Appliance for some other product (apart from Nessus) like maybe "Tenable Core + Tenable.sc" OR "Tenable Core + Tenable.ot" then we could have similarly got those products installed in the virtual machine also.
I know this lecture became really long...
But the knowledge is worth it.
Thank you so much for reading this article,
~ Avinash Yadav