How it works...

The Nessus web application plugins run each enabled test case against the target application and report every check that finds a vulnerability, together with that check's plugin output. The output records what the scanner actually sent and what it matched in the response (the affected URL, the injected parameter value, the evidence string), which is what lets you reproduce the issue by hand and design a precise fix rather than a generic one. What the Nessus web application scanner cannot do is test business logic: it has no model of what the application is supposed to allow, so flaws such as skipping a step in a checkout workflow or acting on another user's records are invisible to it. Treat the web application module as a quick first pass, and follow it with a full-fledged manual penetration test of the application to obtain complete results.
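As an added example (not code from this book or from Tenable), the following Python script reads a Nessus v2 export (.nessus) and pulls out only the web application findings together with their plugin output, which is the part you reproduce from. The element layout used (NessusClientData_v2 / Report / ReportHost / ReportItem with a plugin_output child) is the documented .nessus v2 structure; the embedded sample report, its host, plugin IDs and output text are constructed for illustration, and the plugin family names in WEB_FAMILIES are the ones current Nessus feeds use (an assumption to adjust if yours differ).

```python
"""Extract web application findings from a Nessus v2 (.nessus) export.

Added example; not from the original book or from Tenable. The sample
report below is constructed: host, plugin IDs and output text are made up,
only the XML layout follows the .nessus v2 format.
"""
import sys
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Plugin families Nessus uses for its web application checks (assumption:
# names as seen in current feeds; extend if your export uses others).
WEB_FAMILIES = {"CGI abuses", "CGI abuses : XSS", "Web Servers"}

# Constructed sample export. The plugin_output mimics the shape of real
# Nessus output (method, resource, parameter, evidence) but is invented.
SAMPLE_NESSUS = """<?xml version="1.0" ?>
<NessusClientData_v2>
  <Report name="webapp-quick-scan">
    <ReportHost name="app.example.test">
      <HostProperties>
        <tag name="host-ip">192.0.2.10</tag>
      </HostProperties>
      <ReportItem port="443" svc_name="www" protocol="tcp" severity="3"
                  pluginID="100001" pluginName="Example reflected XSS check"
                  pluginFamily="CGI abuses : XSS">
        <description>Constructed sample finding.</description>
        <risk_factor>High</risk_factor>
        <plugin_output>
Using the GET HTTP method, Nessus found that :

+ The following resources may be vulnerable to cross-site scripting :

  + The 'q' parameter of the /search CGI :

    /search?q=&lt;script&gt;alert(1)&lt;/script&gt;
        </plugin_output>
      </ReportItem>
      <ReportItem port="443" svc_name="www" protocol="tcp" severity="0"
                  pluginID="100002" pluginName="Example banner check"
                  pluginFamily="Web Servers">
        <risk_factor>None</risk_factor>
        <plugin_output>Server: example/1.0</plugin_output>
      </ReportItem>
      <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="2"
                  pluginID="100003" pluginName="Example SSH check"
                  pluginFamily="Misc.">
        <risk_factor>Medium</risk_factor>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>
"""


@dataclass
class Finding:
    host: str
    ip: str
    port: int
    plugin_id: str
    name: str
    family: str
    severity: int      # 0 = info ... 4 = critical, as in the export
    risk: str
    output: str        # plugin_output: the request/evidence to reproduce from


def parse_nessus(xml_text: str) -> list[Finding]:
    """Return every ReportItem in the export as a Finding.

    ElementTree is fine for exports you produced yourself; for XML from an
    untrusted party parse with defusedxml instead.
    """
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.iter("ReportHost"):
        ip = ""
        for tag in host.iter("tag"):
            if tag.get("name") == "host-ip":
                ip = (tag.text or "").strip()
        for item in host.iter("ReportItem"):
            findings.append(Finding(
                host=host.get("name", ""),
                ip=ip,
                port=int(item.get("port", "0")),
                plugin_id=item.get("pluginID", ""),
                name=item.get("pluginName", ""),
                family=item.get("pluginFamily", ""),
                severity=int(item.get("severity", "0")),
                risk=(item.findtext("risk_factor", default="") or "").strip(),
                output=(item.findtext("plugin_output", default="") or "").strip(),
            ))
    return findings


def web_findings(xml_text: str, min_severity: int = 1) -> list[Finding]:
    """Keep only web application plugins at or above min_severity, worst first."""
    hits = [f for f in parse_nessus(xml_text)
            if f.family in WEB_FAMILIES and f.severity >= min_severity]
    return sorted(hits, key=lambda f: (-f.severity, f.host, f.port, f.plugin_id))


if __name__ == "__main__":
    # Usage: python nessus_web.py report.nessus   (no argument: built-in sample)
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_NESSUS
    for f in web_findings(text):
        print(f"[{f.risk}] {f.host} ({f.ip}):{f.port} {f.plugin_id} {f.name}")
        print(f.output, end="\n\n")
```

Run it against a real export from the Nessus UI (Export, Nessus format) to get a reproduction list: each entry shows the resource and parameter the plugin attacked, which is where the manual test described above should start.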