Vulnerability assessment is one of the most important components of risk management, with a lot of enterprise tools provided to reach this target.
One of the first questions is: can we have anything in the open source world that can provide us enterprise tool features?
Tools designed to be open source exist, NERVE (my personal fork of NERVE project https://github.com/kavat/nerve already described in a previous topic :-)) and OpenVAS (https://github.com/greenbone/openvas-scanner, developed by Greenbone) are the two main alternatives.
Both are based on NMAP (https://github.com/nmap/nmap) and provide a good level of assessment. In this article, is the turn of OpenVAS :-)
As reported in https://openvas.org/, it is developed by Greenbone and is a full-featured vulnerability scanner (it can perform vulnerability assessment and penetration test). It was born as a Nessus fork and it is able to perform unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and has a powerful internal programming language to implement any type of vulnerability test.
The scanner is continuously updated in terms of vulnerabilities (feed) and for its infrastructure. Its installation is simple and can be run compiling the sources (https://github.com/greenbone/openvas-scanner/blob/main/INSTALL.md).
The Greenbone Vulnerability Manager is a security auditing tool provided to be modular and it is used for testing targeted systems to be checked for their vulnerabilities in....
Author
Latest Articles
Wow, this sounds like a game-changer! I’m always worried about online security, so it’s awesome to know there’s a tool like Greenbone OpenVAS out there. The fact that it’s open-source and helps fix vulnerabilities is impressive. It’s like having a superhero for protecting your digital world. I can’t wait to learn more about how it works and how it can make our online experiences safer.