Open Source Vulnerability Scanner - OpenVAS




OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.The powerful and comprehensive OpenVAS solution is available as Free Software and maintained on a daily basis.




Open Source Vulnerability Scanner: OpenVAS

The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

The actual security scanner is accompanied with a daily updated feed of Network Vulnerability Tests (NVTs), over 30,000 in total (as of April 2013).


Features

ºOpenVAS Scanner
ºMany target hosts are scanned concurrently
ºOpenVAS Transfer Protocol (OTP)
ºSSL support for OTP (always)
ºWMI support (optional)
ºOpenVAS Manager
ºOpenVAS Management Protocol (OMP)
ºSQL Database (sqlite) for configurations and scan results
ºSSL support for OMP (always)
ºMany concurrent scans tasks (many OpenVAS Scanners)
ºNotes management for scan results
ºFalse Positive management for scan results
ºScheduled scans
ºFlexible escalators upon status of a scan task
ºStop, Pause and Resume of scan tasks
ºMaster-Slave Mode to control many instances from a central one
ºReports Format Plugin Framework with various plugins for: XML, HTML, LateX, etc.
ºUser Management
ºFeed status view
ºFeed synchronisation
ºGreenbone Security Assistant (GSA)
ºClient for OMP and OAP
ºHTTP and HTTPS
ºWeb server on its own (microhttpd), thus no extra web server required
ºIntegrated online-help system
ºMulti-language support
ºOpenVAS CLI
ºClient for OMP
ºRuns on Windows, Linux, etc.
ºPlugin for Nagios


All OpenVAS products are Free Software. Most components are licensed under the GNU General Public License (GNU GPL).