Login
Login

OpenVAS

{{Short description|Computer vulnerability scanning software}}

{{use dmy dates|date=September 2023}}

{{Infobox software

| name = OpenVAS

| logo = OpenVAS-Logo-2010

| developer = Greenbone Networks GmbH

| latest_release_version = {{wikidata|property|reference|edit@end|P348}}

| latest_release_date = {{start date and age|{{wikidata|qualifier|P348|P577}}}}

| operating_system = Cross-platform

| programming language = C

| genre = Vulnerability scanner

| license = GPL

| website = {{official URL}}

}}

OpenVAS (Open Vulnerability Assessment Scanner, originally known as GNessUs) is the scanner component of Greenbone Vulnerability Management (GVM), a software framework of several services and tools offering vulnerability scanning and vulnerability management.{{Cite web|title=GMV tools - Glossary|url=https://gvm-tools.readthedocs.io/en/latest/glossary.html|website=Greenbone Networks GmbH |date=2023-03-22 |access-date=2023-10-09}}

All Greenbone Vulnerability Management products are free software, and most components are licensed under the GNU General Public License (GPL). Plugins for Greenbone Vulnerability Management are written in the Nessus Attack Scripting Language, NASL.

History

Greenbone Vulnerability Manager began under the name of OpenVAS, and before that the name GNessUs, as a fork of the previously open source Nessus scanning tool, after its developers Tenable Network Security changed it to a proprietary (closed source) license in October 2005.{{cite news |url=http://news.cnet.com/Nessus-security-tool-closes-its-source/2100-7344_3-5890093.html |title=Nessus security tool closes its source |date=2005-10-06 |first=Renai |last=LeMay |publisher=CNet}} OpenVAS was originally proposed by pentesters at SecuritySpace,{{Cite web|url=https://www.securityspace.com/sspace/index.html|title=SecuritySpace|website=www.securityspace.com}} discussed with pentesters at Portcullis Computer Security{{cite web |title=Portcullis Labs |website=labs.portcullis.co.uk |url=https://labs.portcullis.co.uk/ |access-date=2023-09-22}} and then announced{{cite web |title=Nessus Closes Source |website=Slashdot |date=2005-10-07 |url=https://slashdot.org/comments.pl?sid=164517&cid=13738162 |access-date=2023-10-09}} by Tim Brown on Slashdot.

Greenbone Vulnerability Manager is a member project of Software in the Public Interest.{{cite web |title=[Openvas-discuss] Log from SPI board meeting |website=lists.wald.intevation.org |date=2007-07-07 |url=https://lists.wald.intevation.org/pipermail/openvas-discuss/2007-July/000333.html |archive-url=https://web.archive.org/web/20101024051641/https://lists.wald.intevation.org/pipermail/openvas-discuss/2007-July/000333.html |archive-date=2010-10-24 |url-status=dead}}

Structure

File:OpenVAS-7-Structure.png

There is a daily updated feed of Network Vulnerability Tests (NVTs). {{As of|2019|01}}, there were over 50,000 NVTs.{{cite web |title=About Greenbone Community Feed (GCF) | website=Greenbone Community Forum |date=2019-01-10 |url=https://forum.greenbone.net/t/about-greenbone-community-feed-gcf/1224 |access-date=2023-10-09}}

Documentation

The OpenVAS protocol structure aims to be well-documented to assist developers. The OpenVAS Compendium is a publication of the OpenVAS Project that delivers documentation on OpenVAS.

See also

{{Portal|Free and open-source software}}

{{col div}}

{{col div end}}

References

{{Reflist}}

External links

  • {{Official website}}
  • {{cite web |title=Nessus, OpenVAS and Nexpose VS Metasploitable |website=HackerTarget.com |date=2012-08-22 |url=https://hackertarget.com/nessus-openvas-nexpose-vs-metasploitable/ |ref=none |access-date=2023-10-09}}
  • {{cite web |title=OpenVAS - Protocol Documentation |website=openvas.org |date=2011-02-08 |url=https://www.openvas.org/protocol-doc.html |archive-url=https://web.archive.org/web/20180624105954/https://www.openvas.org/protocol-doc.html |archive-date=2018-06-24 |url-status=dead |ref=none}}
  • {{cite web |title=Wald: OpenVAS: Project Filelist for OpenVAS |website=wald.intevation.org |date=2015-10-18 |url=https://wald.intevation.org/frs/?group_id=29 |archive-url=https://web.archive.org/web/20210126002542/https://wald.intevation.org/frs/?group_id=29 |archive-date=2021-01-26 | url-status=dead |ref=none}}

{{Software in the Public Interest}}

{{DEFAULTSORT:Openvas}}

Category:2005 software

Category:Free security software

Category:Network analyzers

Category:Pentesting software toolkits