
thatboringbro/vulnerability-assesment-with-nessus


CyberTech Infrastructure Security: Multi-Vector Vulnerability Management

Project Overview

This project involved a comprehensive vulnerability management lifecycle targeting CyberTech Solutions' internal Linux infrastructure. I designed a dual-scan assessment strategy to evaluate security from both an external attacker’s perspective and an internal system-level view.

By identifying critical exposures through specialized scanning and engineering an Infrastructure-as-Code (IaC) remediation pipeline, I successfully reduced the infrastructure's attack surface to zero exploitable vulnerabilities.


Technical Methodology

I executed two distinct scan types using Tenable Nessus to gain full visibility into the environment:

  • External Web Application Scan: Targeted the Nginx web server to identify application-layer vulnerabilities, simulating how an outside threat actor would interact with the service.
  • Credentialed Internal Scan: Authenticated into the Linux host via SSH to perform a deep-level inspection of the operating system and installed packages.

Vulnerability Analysis

The assessment surfaced 83 total vulnerabilities. The Credentialed Scan was instrumental in identifying deep system-level flaws that a standard network scan would have missed.

| Scan Type | Component | Key Findings | Severity |
|---|---|---|---|
| Web App Scan | Nginx | CVE-2021-23017: 1-Byte Memory Overwrite (RCE); CVE-2019-9511/13/16: HTTP/2 DoS. | High |
| Credentialed Scan | Vim | CVE-2026-28417: OS Command Injection in netrw plugin; CVE-2026-33412: Glob newline escape. | High |

Automated Remediation

I engineered an Ansible remediation pipeline to automate the hardening process across the infrastructure.

Remediation Workflow (update_nginx.yml)

  1. Purge: Removed the vulnerable, manually compiled Nginx v1.15.5.
  2. Sync: Updated system package metadata for repository integrity.
  3. Deploy: Installed the current stable, secured Nginx v1.28.3.
  4. Verify: Executed follow-up Nessus scans, confirming zero exploitable vulnerabilities remained.
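
The Verify step can be turned into a repeatable gate by diffing the baseline and follow-up scan exports. The script below is an added example, not part of this repository; it assumes both scans are exported in the Nessus v2 XML (.nessus) format, and the sample host and plugin IDs are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed sample exports in Nessus v2 (.nessus) layout; host and plugin IDs are made up.
BEFORE = """<NessusClientData_v2><Report name="baseline">
<ReportHost name="10.0.0.5">
<ReportItem port="80" severity="3" pluginID="900001" pluginName="nginx 1-byte memory overwrite">
<cve>CVE-2021-23017</cve><exploit_available>true</exploit_available></ReportItem>
<ReportItem port="80" severity="3" pluginID="900002" pluginName="nginx HTTP/2 DoS">
<cve>CVE-2019-9511</cve><exploit_available>false</exploit_available></ReportItem>
<ReportItem port="0" severity="0" pluginID="900003" pluginName="OS identification"/>
</ReportHost></Report></NessusClientData_v2>"""

AFTER = """<NessusClientData_v2><Report name="post-remediation">
<ReportHost name="10.0.0.5">
<ReportItem port="0" severity="0" pluginID="900003" pluginName="OS identification"/>
</ReportHost></Report></NessusClientData_v2>"""


def findings(nessus_xml, min_severity=1):
    """Return {(host, port, pluginID): details} for items at or above min_severity."""
    # Exports come from our own scanner; use defusedxml for files of unknown origin.
    root = ET.fromstring(nessus_xml)
    out = {}
    for host in root.iter("ReportHost"):
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            if sev < min_severity:  # skip informational plugins (severity 0)
                continue
            key = (host.get("name"), item.get("port"), item.get("pluginID"))
            out[key] = {
                "severity": sev,
                "cves": sorted(c.text for c in item.findall("cve")),
                "exploitable": item.findtext("exploit_available", "false") == "true",
            }
    return out


def verify(before_xml, after_xml):
    """Diff two scans: what was fixed, what persists, what is new, and the pass/fail gate."""
    before, after = findings(before_xml), findings(after_xml)
    report = {
        "resolved": sorted(before.keys() - after.keys()),
        "persisting": sorted(before.keys() & after.keys()),
        "introduced": sorted(after.keys() - before.keys()),
        "exploitable_remaining": sorted(k for k, v in after.items() if v["exploitable"]),
    }
    report["passed"] = not report["exploitable_remaining"]
    return report


if __name__ == "__main__":
    print(verify(BEFORE, AFTER))
```

Tracking "introduced" findings matters here because replacing a source build with a packaged one can change which modules and ports are exposed.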

Tools and Platforms

  • Tenable Nessus: Credentialed and Web Application Scanning.
  • Ansible: Infrastructure-as-Code for automated patching.
  • Kali Linux: Primary deployment environment.
  • Gmail SMTP: Configured via Port 465 (SSL) for automated reporting pipelines when Port 587 over TLS failed.

Images

See the /images folder for corresponding images.

Strategic Conclusion

This project reinforces the fundamental security principle that visibility is the first step toward defense. By bridging the gap between Tenable Nessus visibility and Ansible automation, I transitioned the infrastructure from a reactive state to a proactive, continuously monitored environment.


X (Twitter): @thatboringbro

About

This project documents the deployment of Tenable Nessus to discover exploitable vulnerabilities on a server and the web application it hosts. It also documents the successful patching and remediation process with Ansible, a serverless automation agent, to keep the infrastructure secure and hardened.
