OpenVAS (''Open Vulnerability Assessment System'', originally known as ''GNessUs'') is the scanner component of Greenbone Vulnerability Manager (GVM), a
software framework of several services and tools offering
vulnerability
Vulnerability refers to "the quality or state of being exposed to the possibility of being attacked or harmed, either physically or emotionally."
A window of vulnerability (WOV) is a time frame within which defensive measures are diminished, com ...
scanning and
vulnerability management
Vulnerability management is the "cyclical practice of identifying, classifying, prioritizing, remediating, and mitigating" software vulnerabilities. Vulnerability management is integral to computer security and network security, and must not be ...
.
All Greenbone Vulnerability Manager products are
free software, and most components are licensed under the
GNU General Public License
The GNU General Public License (GNU GPL or simply GPL) is a series of widely used free software licenses that guarantee end users the four freedoms to run, study, share, and modify the software. The license was the first copyleft for general ...
(GPL). Plugins for Greenbone Vulnerability Manager are written in the
Nessus Attack Scripting Language, NASL.
History
Greenbone Vulnerability Manager began under the name of OpenVAS, and before that the name GNessUs, as a
fork
In cutlery or kitchenware, a fork (from la, furca 'pitchfork') is a utensil, now usually made of metal, whose long handle terminates in a head that branches into several narrow and often slightly curved tine (structural), tines with which one ...
of the previously
open source Nessus scanning tool, after its developers
Tenable Network Security changed it to a proprietary (
closed source
Proprietary software is software that is deemed within the free and open-source software to be non-free because its creator, publisher, or other rightsholder or rightsholder partner exercises a legal monopoly afforded by modern copyright and inte ...
) license in October 2005.
OpenVAS was originally proposed by
pentesters at SecuritySpace, discussed with
pentesters at Portcullis Computer Security and then announced by Tim Brown on
Slashdot
''Slashdot'' (sometimes abbreviated as ''/.'') is a social news website that originally advertised itself as "News for Nerds. Stuff that Matters". It features news stories concerning science, technology, and politics that are submitted and eval ...
.
Greenbone Vulnerability Manager is a member project of
Software in the Public Interest
Software in the Public Interest, Inc. (SPI) is a US 501(c)(3) non-profit organization domiciled in New York State formed to help other organizations create and distribute free open-source software and open-source hardware. Anyone is eligible to ...
.
Structure
There is a daily updated feed of Network Vulnerability Tests (NVTs) - over 50,000 in total (as of July 2020).
Documentation
The OpenVAS protocol structure aims to be well-documented to assist developers. The OpenVAS Compendium is a publication of the OpenVAS Project that delivers documentation on OpenVAS.
See also
*
Aircrack-ng
*
BackBox
*
BackTrack
*
Kali Linux
Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security.
Kali Linux has around 600 penetration-testing programs (tools), including Armitage (a ...
*
Kismet (software)
Kismet is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. Kismet will work with any wireless card which supports raw monitoring mode, and can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic. ...
*
List of free and open-source software packages
This is a list of free and open-source software packages, computer software licensed under free software licenses and open-source licenses. Software that fits the Free Software Definition may be more appropriately called free software; the GNU ...
*
Metasploit Project
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.
I ...
*
Nmap
Nmap (Network Mapper) is a network scanner created by Gordon Lyon (also known by his pseudonym ''Fyodor Vaskovich''). Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses.
Nmap provide ...
*
ZMap (software)
References
External links
OpenVAS web siteOpenVAS, Nikto Nmap, OWASP Zed Attack Proxy (ZAP) all in oneOpenVAS, Nessus and NexPose TestedOpenVAS Compendium - A Publication of The OpenVAS Project
{{DEFAULTSORT:Openvas
Free security software
Network analyzers
2005 software
Pentesting software toolkits