Nessus is a proprietary vulnerability scanner available free of charge for personal use. There are over 40,000 plugins covering a large range of both local and remote flaws.



Download and extract the nessusAUR tarball available in the AUR.

Note: As of April 26, 2016, it is no longer required to agree and download the Nessus rpm. A script will run and download the rpm from the Nessus site automatically. If it appears that nothing is happening, please be patient as the script runs wget silently. The installation will proceed after the rpm is downloaded.

Post-installation setup

Register your email at and wait for your key to be emailed to you.


The nessusAUR package provides a nessusd.service unit file, see systemd#Using units for details.

Access the web interface at https://localhost:8834 and/or use the commandline interface (/opt/nessus/sbin/nessuscli). In most browsers, you will need to manually accept the SSL certificate you created for the server.


The package can be removed with pacman, but files created by Nessus, such as the plugin database it downloads, must be removed manually:

Note: This will delete your Nessus configuration files.
# rm -r /opt/nessus

See also