Detections
Analytics
About Plugin Families
Nessus Plugin Families
Backdoors
Plugins that detect the presence of a malicious file or backdoor access that can potentially lead to unauthorized access to a system.
CGI abuses
Plugins for vulnerabilities that leverage the common gateway interface.
CGI abuses : XSS
Plugins for vulnerabilities that leverage the common gateway interface, that specifically cause cross-site scripting issues.
CISCO
Plugins that relate to vulnerability detection of Cisco devices.
Databases
Plugins that relate to specific database applications and their vulnerabilities.
Default Unix Accounts
Plugins that test Unix hosts for a variety of accounts that could be installed by default during application installation.
Denial of Service
Plugins that directly test for vulnerabilities that cause a denial of service. This plugin family will be executed when Safe Checks are disabled.
Firewalls
Plugins that deal with firewall devices and software that do not have a specified family.
Gain a shell remotely
Plugins that deal with vulnerabilities that attempt to gain a shell on a host or device.
General
Plugins that mostly gather information for other checks.
Incident Response (Deprecated)
Deprecated / disabled
Misc.
Plugins that are host and device neutral.
Mobile Devices
Plugins that deal with mobile devices.
Netware
Plugins that specifically deal with Novell Netware.
Peer-To-Peer File Sharing
Plugins for detection of software and vulnerabilities of peer-to-peer sharing applications.
Policy Compliance
Plugins used by the Compliance and Audit function to leverage an audit file against a host.
Port scanners
Plugins that gather port information.
SCADA
Plugins that leverage SCADA for gathering information and vulnerability checks.
Service detection
Plugins that detect the specific protocol or application listening on a port.
Settings
Plugins that specifically deal with the scanner settings and scan information.
Web Servers
Plugins specifically for web servers.
Windows
Plugins that relate to the Windows platform and applications.
Windows : Microsoft Bulletins
Windows local security checks that specifically cover a Microsoft Bulletin.
Windows : User management
Windows local security checks that specifically cover user information.
Local Security Checks
The following categories leverage data gathered using the credentials provided to a host or device:
- AIX Local Security Check
- Alma Linux Local Security Checks
- Amazon Linux Local Security Checks
- CentOS Local Security Checks
- Debian Local Security Checks
- F5 Networks Local Security Checks
- Fedora Local Security Checks
- FreeBSD Local Security Checks
- Gentoo Local Security Checks
- HP-UX Local Security Checks
- Huawei Local Security Checks
- Junos Local Security Checks
- MacOS X Local Security Checks
- Mandriva Local Security Checks
- NewStart CGSL Local Security Checks
- Oracle Linux Local Security Checks
- OracleVM Local Security Checks
- Palo Alto Local Security Checks
- PhotonOS Local Security Checks
- Red Hat Local Security Checks
- Rocky Linux Local Security Checks
- Scientific Linux Local Security Checks
- Slackware Local Security Checks
- Solaris Local Security Checks
- SuSE Local Security Checks
- Ubuntu Local Security Checks
- VMware ESX Local Security Checks
- Virtuozzo Local Security Checks
Protocol Checks
The following categories are for plugins that deal with the specific protocol:
- DNS (Domain Name System)
- FTP (File Transfer Protocol)
- RPC (Remote Procedure Call)
- SMTP problems (Simple Mail Transfer Protocol)
- SNMP (Simple Network Management Protocol)
Nessus Network Monitor Plugin Families
Backdoors
Plugins that detect the presence of a malicious file or backdoor access that can potentially lead to unauthorized access to a system.
CGI
Plugins for vulnerabilities that leverage the common gateway interface.
Cloud Services
Plugins to identify cloud services which may place intellectual property at risk.It is not intended for social media services (social media usage detection would typically be found in the Policy family).
DNS Servers
Identifies DNS server related installations
Data Leakage
Plugins that detect protected data that is being leaked via unsecured or poorly secured protocols
Database
Plugins that relate to specific database applications and their vulnerabilities.
FTP Clients
Plugins related to FTP client detection
FTP Servers
Plugins related to the detection of FTP Servers
Finger
Plugins to identify finger daemon services
Generic
Plugins to identify general software that do not fit in any other categories, normally are host and device neutral
IMAP Servers
Plugins to identify activity reflecting IMAP Server functionality
IRC Clients
Plugins to identify the presence of IRC Clients
IRC Servers
Plugins to identify the presence of IRC Servers Functionality
Internet Messengers
Plugins to identify online chat applications
Internet Services
Plugins to identify hosted services that accept connections from the Internet
IoT
Plugins to identify Internet of Things Devices in the Network
Mobile Devices
Plugins that deal with mobile devices.
Operating System Detection
Plugins to identify different Operating Systems in the network
POP Server
Plugins to identify POP Servers in the network
Peer-To-Peer File Sharing
Plugins to identify peer-to-peer file sharing applications or services
Policy
Plugins to identify software or services that could go against a company’s acceptable use or security policy.
RPC
Plugins to identify Remote Procedure Calls
SCADA
Plugins related to Supervisory Control and Data Acquisition (SCADA)/Industrial Control System (ICS) plugins
SMTP Clients
Plugins related to the identification of SMTP Clients
SMTP Servers
Plugins related to the identification of SMTP Servers
SNMP
Plugins related to the identification of SNMP Services
SSH
Plugins to identify SSH Servers
Samba
Plugins to identify Samba services
Web Clients
Plugins specifically for web clients.
Web Servers
Plugins specifically for web servers.WAS Plugin Families
Authentication & Session
Plugins related to authentication and session issues
Code Execution
Plugins allowing code to be executed on the server and/or the application
Component Vulnerability
Information and vulnerabilities found on components used to build web applications
Cross Site Request Forgery
Plugins specifically for XSRF issues
Cross Site Scripting
Plugins specifically for all types of XSS issues
Cross Site Scripting
Plugins specifically for all types of XSS issues
File Inclusion
Plugins to identify that a file can be uploaded to the scanned asset
General
Plugins for Scan General Information
HTTP Security Header
Plugins to identify information and vulnerabilities on HTTP headers used by the web application
Injection
Plugins to identify different types of injection (SQL, noSQL, Code)
SSL/TLS
Information and vulnerabilities on the HTTPs protocol and certificates used by the web application
Web Applications
Plugins to identify information/Detection collected on the web application
Web Servers
Plugins to identify Information/Detection collected on the web server running the web application
Tenable OT Security Plugin Families
SCADA
Plugins related to Supervisory Control and Data Acquisition (SCADA)/Industrial Control System (ICS) plugins
Description of Terms
Common gateway interface
The interaction of data between a user and a website.
Local security checks
A plugin that uses the provided authentication credentials to gather information on a host or device.
Cross-site scripting (XSS)
A specific attack in which malicious script code could be executed by a website.
Denial of service
A specific attack in which a service, device, or host is rendered unusable or unreachable for its intended purpose.
Firewall
A security device or software that manages the interaction between devices over a network.
Shell
A user interface for interacting with the OS or device.
Peer-to-peer
A type of network that has no central server; instead each node can act as both server and client.
SCADA
A control system for high-level process supervisory management.
(The words plugins and checks is used interchangeably in this context)