The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. Just like a nessus it has also some feeds, and the daily updated feed of Network Vulnerability Tests (NVTs), over 20,000 in total (as of January 2011). OpenVAS is a open source means freely available and it is the key difference between OpenVAS and nessus.
OpenVAS has a server/client architecture that comprises several components. On the server (Linux only), you need four packages:
- OpenVAS-Server: The basic scanning functionality
- OpenVAS-Plugins: A set of NVTs
- OpenVAS-LibNASL and OpenVAS-Libraries: Required for server functionality
OpenVAS has a great features but the key feature that we discuss here is about integration of nikto scanner with OpenVAS, nikto is a open source web vulnerability scanner tool, for more about nikto click here. OpenVAS is able to recognise an installed version of Nikto and can integrate the results of a Nikto scan in the scan results. To learn more about this integration click here.
- Libraries 4.0.3
- Scanner 3.2.3
- Manager 2.0.2
- Administrator 1.1.1
- GSA 2.0.1
- GSD 1.1.1 / 1.2.0
- CLI 1.1.2