Tenable's Nessus Scanner is a vulnerability scanner that looks for known vulnerabilities, configuration issues and more by inspecting hosts over the network. For more information about Nessus, see the following link:
Warning
The content of this repo is licensed under GPL-3.0 license. You will need to check the Nessus scanner license if you want any other commercial use.
In this project, only what is essential for running the application is used. Now we using the image from cgr.dev/chainguard/wolfi-base with zero CVE's and a working image of minimum size will be provisioned. See below the before and after.
Click to expand
- Docker, Podman, DockerSlim or Containerd/nerdctl.
- License to use Nessus. You can get it here.
You can safely inspect and use my already compiled image or build your own based on the instructions below.
- Clone this repository.
- Run the command:
docker buildx build -t ciromota/nessus-scanner:latest . - Or uncomment line 5 in
docker-compose.ymlfor build and run.
docker container run -td --name nessus-scanner -p 8834:8834 -v \
/etc/localtime:/etc/localtime ciromota/nessus-scanner:latestOr through docker-compose: docker-compose up -d.
- Access
https://localhost:8834
Podman is a container engine for developing, managing and executing containers as an alternative to Docker.
- Clone this repository.
- Run the command:
podman build -t ciromota/nessus-scanner:latest -f . - Or uncomment line 5 in
docker-compose.ymlfor build and run.
Practically the same as Docker.
podman run -td --name nessus -p 8834:8834 -v \
/etc/localtime:/etc/localtime ciromota/nessus-scanner:latestOr through docker-compose: docker-compose up -d.
- Access
https://localhost:8834
DockerSlim brings a new experience in container management keeping its same workflow, producing a smaller and secure container.
Consult the documentation and learn about all its functions.
You can run DockerSlim on top of the previously built image and reduce the size of the Nessus Scanner image without harm, just use the command below:
docker-slim build ciromota/nessus-scannerOr, it is possible with the help of DockerSlim itself to build a new image based on the Dockerfile file contained in this repo. Use the command below:
docker-slim build --dockerfile Dockerfile --show-blogs --tag ciromota/nessus-scanner.slim .In both cases, you can run the container in the same way:
docker container run -td --name nessus -p 8834:8834 -v \
/etc/localtime:/etc/localtime ciromota/nessus-scanner.slim- Access
https://localhost:8834
nerdctl is a Docker-compatible CLI for containerd. Its syntax is basically the same used for Docker and Podman for example. Besides being rootless, it has other interesting functions, I recommend getting to know it.
- Clone this repository.
- Run the command (BuildKit will need to be installed first. See documentation.):
nerdctl image build -t ciromota/nessus-scanner:latest .- Or uncomment line 5 in
docker-compose.ymlfor build and run:
nerdctl compose -f docker-compose.yml up -dnerdctl run -d --name nessus-scanner -p 8834:8834 -v \
/etc/localtime:/etc/localtime ciromota/nessus-scanner:latestOr through docker-compose: nerdctl compose up -d
- Access
https://localhost:8834
Tenable Nessus since from version 8.x.x has its official container image if you wish to use an image from the developer himself.
If you like this work, please give me it a star here on GitHub and consider supporting it:
