Explore chapters and articles related to this topic
Reconnaissance
Published in Nicholas Kolokotronis, Stavros Shiaeles, Cyber-Security Threats, Actors, and Dynamic Mitigation, 2021
Christos-Minas Mathas, Costas Vassilakis
The Open vulnerability assessment system (OpenVAS)31 is an open-source system of services and tools for network device vulnerability scanning. It consists of two main services: the OpenVAS Scanner, performing the network vulnerability tests (NVTs) and the OpenVAS Manager, controlling the OpenVAS Scanner as well as offering an OpenVAS management protocol (OMP) endpoint. Through active probing, it can perform a complete network assessment or target to specific devices, identifying software vulnerabilities as well as vulnerabilities owing to software or system misconfigurations. Its vulnerability test database is updated daily, through the Greenbone Community Feed (GCF), containing more than 50K tests, while a paid subscription to the Greenbone Security Feed (GSF) can be used to gain access to a more comprehensive test database. Scan results can be analyzed in an automated fashion. It is possible to also conduct prognostic scans, which are based on asset data and current SCAP [34] data and do not necessitate the actual execution of a scan. If a scan has been performed more than once a vulnerability trend is also calculated and a delta report, containing only the difference between two reports, can be created and exported. OpenVAS provides a web interface and a command-line interface (CLI), while it can also be integrated with third-party tools such as nmap (c.f. subsection 2.4.1), ike-scan32, and debscan33.
AI-enabled IoT penetration testing: state-of-the-art and research challenges
Published in Enterprise Information Systems, 2023
Claudia Greco, Giancarlo Fortino, Bruno Crispo, Kim-Kwang Raymond Choo
- It is an open-source framework used to perform vulnerability scanning and management, equipped with a graphical interface. Previously known as OpenVAS, it is a component of the larger ‘Greenbone Security Manager’ (GSM), and it was born as a fork of Nessus after its software became proprietary.