The Nessus vulnerability scanner from Tenable Security (http://www.tenable.com/) is one of the most widely used vulnerability scanners. Metasploit’s Nessus plug-in lets you launch scans and pull information from Nessus scans via the console, but in the example that follows, we’ll import Nessus scan results independently. Using Nessus 4.4.1 with a free Home Feed, we’ll run this scan against the same target we’ll use throughout this chapter, with known credentials. In these early stages of a penetration test, the more tools you can use to fine-tune your future attacks, the better.