Back to course

Introduction to OpenVAS (Vulnerability Scanner Tool)

Cyber Security Mastery: From Zero to Hero

Comprehensive Vulnerability Scanning

While Nmap helps with discovery and basic checks, dedicated vulnerability scanners perform deep, credentialed checks for known flaws across all layers.

OpenVAS (Open Vulnerability Assessment System), now part of the Greenbone Vulnerability Manager (GVM), is a powerful, open-source vulnerability scanning framework.

How OpenVAS Works

  1. Network Feed: OpenVAS maintains a continuously updated feed of Network Vulnerability Tests (NVTs).
  2. Scan Configuration: The user defines the target IP range and the type of scan (full, fast, credentialed, non-credentialed).
  3. Execution: The scanner probes the target and compares service banners, file versions, and configuration settings against its database of known vulnerabilities.
  4. Reporting: Generates a detailed report listing vulnerabilities, their CVSS score, and suggested remediation steps.

Key Difference from Nmap: OpenVAS goes deeper, checking for configuration errors and missing patches, rather than just confirming if a port is open.