About Plugin Families

Nessus Plugin Families


Plugins that detect the presence of a malicious file or backdoor access that can potentially lead to unauthorized access to a system.

CGI abuses

Plugins for vulnerabilities that leverage the common gateway interface.

CGI abuses : XSS
Plugins for vulnerabilities that leverage the common gateway interface, that specifically cause cross-site scripting issues.

Plugins that relate to vulnerability detection of Cisco devices.


Plugins that relate to specific database applications and their vulnerabilities.

Default Unix Accounts

Plugins that test Unix hosts for a variety of accounts that could be installed by default during application installation.

Denial of Service

Plugins that directly test for vulnerabilities that cause a denial of service. This plugin family will be executed when Safe Checks are disabled.


Plugins that deal with firewall devices and software that do not have a specified family.

Gain a shell remotely

Plugins that deal with vulnerabilities that attempt to gain a shell on a host or device.


Plugins that mostly gather information for other checks.

Incident Response (Deprecated)

Deprecated / disabled


Plugins that are host and device neutral.

Mobile Devices

Plugins that deal with mobile devices.


Plugins that specifically deal with Novell Netware.

Peer-To-Peer File Sharing

Plugins for detection of software and vulnerabilities of peer-to-peer sharing applications.

Policy Compliance

Plugins used by the Compliance and Audit function to leverage an audit file against a host.

Port scanners

Plugins that gather port information.


Plugins that leverage SCADA for gathering information and vulnerability checks.

Service detection

Plugins that detect the specific protocol or application listening on a port.


Plugins that specifically deal with the scanner settings and scan information.

Web Servers

Plugins specifically for web servers.


Plugins that relate to the Windows platform and applications.

Windows : Microsoft Bulletins

Windows local security checks that specifically cover a Microsoft Bulletin.

Windows : User management

Windows local security checks that specifically cover user information.

Local Security Checks

The following categories leverage data gathered using the credentials provided to a host or device:

  • AIX Local Security Checks
  • Amazon Linux Local Security Checks
  • CentOS Local Security Checks
  • Debian Local Security Checks
  • F5 Networks Local Security Checks
  • Fedora Local Security Checks
  • FreeBSD Local Security Checks
  • Gentoo Local Security Checks
  • HP-UX Local Security Checks
  • Huawei Local Security Checks
  • Junos Local Security Checks
  • MacOS X Local Security Checks
  • Mandriva Local Security Checks
  • NewStart CGSL Local Security Checks
  • Oracle Linux Local Security Checks
  • OracleVM Local Security Checks
  • Palo Alto Local Security Checks
  • PhotonOS Local Security Checks
  • Red Hat Local Security Checks
  • Scientific Linux Local Security Checks
  • Slackware Local Security Checks
  • Solaris Local Security Checks
  • SuSE Local Security Checks
  • Ubuntu Local Security Checks
  • Virtuozzo Local Security Checks
  • VMware ESX Local Security Checks
Protocol Checks

The following categories are for plugins that deal with the specific protocol:

  • DNS (Domain Name System)
  • FTP (File Transfer Protocol)
  • RPC (Remote Procedure Call)
  • SMTP problems (Simple Mail Transfer Protocol)
  • SNMP (Simple Network Management Protocol)

Description of Terms

Common gateway interface

The interaction of data between a user and a website.

Local security checks

A plugin that uses the provided authentication credentials to gather information on a host or device.

Cross-site scripting (XSS)

A specific attack in which malicious script code could be executed by a website.

Denial of service

A specific attack in which a service, device, or host is rendered unusable or unreachable for its intended purpose.


A security device or software that manages the interaction between devices over a network.


A user interface for interacting with the OS or device.


A type of network that has no central server; instead each node can act as both server and client.


A control system for high-level process supervisory management.

(The words plugins and checks is used interchangeably in this context)