OpenVAS Vulnerability Scanner

-



         

Vulnerability scanning is a crucial phase of a penetration test and having an updated vulnerability scanner in your security toolkit can often make a real difference by helping you discover overlooked vulnerable items. OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
The actual security scanner is accompanied with a regularly updated feed of Network Vulnerability Tests (NVTs), over 47,000 in total (as of June 2016).
All OpenVAS products are Free Software. Most components are licensed under the GNU General Public License (GNU GPL).
 
 

Architecture Overview



The OpenVAS Manager is the central service that consolidates plain vulnerability scanning into a full vulnerability management solution. The Manager controls the Scanner via OTP (OpenVAS Transfer Protocol) and itself offers the XML-based, stateless OpenVAS Management Protocol (OMP). All intelligence is implemented in the Manager so that it is possible to implement various lean clients that will behave consistently e.g. with regard to filtering or sorting scan results. The Manager also controls a SQL database (sqlite-based) where all configuration and scan result data is centrally stored. Finally, Manager also handles user management includiung access control with groups and roles.

 
Different OMP clients are available: The Greenbone Security Assistant (GSA) is a lean web service offering a user interface for web browsers. GSA uses XSL transformation stylesheet that converts OMP responses into HTML.
OpenVAS CLI contains the command line tool "omp" which allows to create batch processes to drive OpenVAS Manager. Another tool of this package is a Nagios plugin.
 
The OpenVAS Scanner offers the communication protocol OTP (OpenVAS Transfer Protocol) which allows to control the scan execution. This protocol is subject to be eventually replaced and thus it is not recommended to develop OTP clients.

Feature overview

  • OpenVAS Scanner
    • Many target hosts are scanned concurrently
    • OpenVAS Transfer Protocol (OTP)
    • SSL support for OTP (always)
    • WMI support (optional)
OpenVAS Manager
  • OpenVAS Management Protocol (OMP)
  • SQL Database (sqlite) for configurations and scan results
  • SSL support for OMP (always)
  • Many concurrent scans tasks (many OpenVAS Scanners)
  • Notes management for scan results
  • False Positive management for scan results
  • Scheduled scans
  • Flexible escalators upon status of a scan task
  • Stop, Pause and Resume of scan tasks
  • Master-Slave Mode to control many instances from a central one
  • Reports Format Plugin Framework with various plugins for: XML, HTML, LateX, etc.
  • User Management
  • Feed status view
  • Feed synchronisation
Greenbone Security Assistant (GSA)
  • Client for OMP and OAP
  • HTTP and HTTPS
  • Web server on its own (microhttpd), thus no extra web server required
  • Integrated online-help system
  • Multi-language support
OpenVAS CLI
  • Client for OMP
  • Runs on Windows, Linux, etc.
  • Plugin for Nagios



Comments

  1. Barcode Market23 November 2021 at 13:35


    Great article by the great author, it is very massive and informative but still preaches the way to sounds like that it has some beautiful thoughts described so I really appreciate this article. Best Buy Ean Barcodes service provider

    ReplyDelete

Post a Comment

Popular posts from this blog

How to Repair Kali Linux grub after installing Windows in Dual boot System

-
Image
If your System has primary OS Windows then you install your secondary OS Kali Linux. That will be OK, Kali Linux puts boot entry of Windows automatically for you. At initial boot menu you can see both OS entry to boot. If your windows is corrupt in dual boot system or if you want to install windows as secondary OS after installing Kali Linux as primary OS. You may face corrupt boot-loader menu. You wont be able to boot Kali Linux any more because Windows wont put entry of Kali Linux automatically in their boot menu. So this post motive is to help those guys which are facing those problems subjecting to corrupt Boot-loader. There are mainly two methods: 1. Repair Grub via Kali Linux live USB. 2. Repair Grub Via Boot-rapair-disk. Method 1# Repair Grub via Kali Linux live USB It is up to you which you want to choose but if you are Linux familiar then go for this method. Requirements 1. A Kali Linux ISO image. You can download here: Download Kali Linux
Read more

PDFCrack - Password Cracking Tool for PDF-files

-
Image
PDFcrack is a GNU/Linux tool for cracking password protected PDF files. It is a very small command line application. It is not preinstalled in kali linux. We can install through command line. For installing pdfcrack open a terminal and enter apt install pdfcrack Syntax and options Usage: pdfcrack -f filename [OPTIONS]           : pdfcrack -f filenmae -w passwordfile.txt OPTIONS : -b, --bench perform benchmark and exit -c, --charset=STRING Use the characters in STRING as charset -w, --wordlist=FILE Use FILE as source of passwords to try -n, --minpw=INTEGER Skip trying passwords shorter than this -m, --maxpw=INTEGER Stop when reaching this passwordlength -l, --loadState=FILE Continue from the state saved in FILENAME -o, --owner Work with the ownerpassword -u, --user Work with the userpassword (default) -p, --password=STRING Give userpassword to speed up breaking ownerpassword (implies -o) -q, --quiet Run quietly -s,
Read more

Avet – Open Source Anti-Virus Evasion Tool

-
Image
When we want to perform an exploitation to a windows target, we need a payload that is undetectable to Antivirus Solutions. Msfvenom on its own is not enough. So we need an AV evasion tool to make this easy for us. Avet is a tool for building exe files with shellcode payloads for antivirus evasion. Installing Avet First clone the repository to our machine. git clone https://github.com/govolution/avet.git   After that go inside the folder and run the setup file to install wine and other missing components. cd avet/       Run the setup file to install the missing components.   ./setup.sh     Select create  for new installation   Running Avet There are two ways to run avet. Run avet by typing the command below. python avet_fabric.py   There are two ways to run avet. Either by compiling the make_avet script as shown below, or by  running the avet_fabric.py script, as shown. gcc -0 make_avet make_avet.c
Read more