OpenVAS (''Open Vulnerability Assessment Scanner'', originally known as ''GNessUs'') is the scanner component of Greenbone Vulnerability Management (GVM), a

software framework In computer programming, a software framework is a software abstraction that provides generic functionality which developers can extend with custom code to create applications. It establishes a standard foundation for building and deploying soft ...

of several services and tools offering

vulnerability Vulnerability refers to "the quality or state of being exposed to the possibility of being attacked or harmed, either physically or emotionally." The understanding of social and environmental vulnerability, as a methodological approach, involves ...

scanning and

vulnerability management Vulnerability management is the "cyclical practice of identifying, classifying, prioritizing, remediating, and mitigating" software vulnerabilities. Vulnerability management is integral to computer security and network security, and must not be ...

. All Greenbone Vulnerability Management products are

free software Free software, libre software, libreware sometimes known as freedom-respecting software is computer software distributed open-source license, under terms that allow users to run the software for any purpose as well as to study, change, distribut ...

, and most components are licensed under the

GNU General Public License The GNU General Public Licenses (GNU GPL or simply GPL) are a series of widely used free software licenses, or ''copyleft'' licenses, that guarantee end users the freedom to run, study, share, or modify the software. The GPL was the first ...

(GPL). Plugins for Greenbone Vulnerability Management are written in the Nessus Attack Scripting Language, NASL.

History

Greenbone Vulnerability Manager began under the name of OpenVAS, and before that the name GNessUs, as a fork of the previously

open source Open source is source code that is made freely available for possible modification and redistribution. Products include permission to use and view the source code, design documents, or content of the product. The open source model is a decentrali ...

Nessus scanning tool, after its developers Tenable Network Security changed it to a proprietary (

closed source Proprietary software is software that grants its creator, publisher, or other rightsholder or rightsholder partner a legal monopoly by modern copyright and intellectual property law to exclude the recipient from freely sharing the software or modi ...

) license in October 2005. OpenVAS was originally proposed by pentesters at SecuritySpace, discussed with pentesters at Portcullis Computer Security and then announced by Tim Brown on

Slashdot ''Slashdot'' (sometimes abbreviated as ''/.'') is a social news website that originally billed itself as "News for Nerds. Stuff that Matters". It features news stories on science, technology, and politics that are submitted and evaluated by site ...

. Greenbone Vulnerability Manager is a member project of

Software in the Public Interest Software in the Public Interest, Inc. (SPI) is a US 501(c)(3) non-profit organization domiciled in New York State formed to help other organizations create and distribute free open-source software and open-source hardware. Anyone is eligible to ...

Structure

There is a daily updated feed of Network Vulnerability Tests (NVTs). , there were over 50,000 NVTs.

Documentation

The OpenVAS protocol structure aims to be well-documented to assist developers. The OpenVAS Compendium is a publication of the OpenVAS Project that delivers documentation on OpenVAS.

References

External links

* * * * {{DEFAULTSORT:Openvas 2005 software Free security software Network analyzers Pentesting software toolkits

History

Structure

Documentation

See also

References

External links