OpenVAS - Vulnerability Scanner and Manager

  •        0

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. It is designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion.

http://www.openvas.org/

Tags
Implementation
License
Platform

   




Related Projects

PyLoris - Vulnerability test for DOS attack


PyLoris is a scriptable tool for testing a server's vulnerability to connection exhaustion denial of service (DoS) attacks. PyLoris can utilize SOCKS proxies and SSL connections, and can target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet.

Wapiti - Web application vulnerability scanner / security auditor


Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. It is able to differentiate ponctual and permanent XSS vulnerabilities.

OWASP Joomla Vulnerability Scanner Project


Detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla! web site. A regularly-updated signature-based scanner that can detect file inclusion, sql injection, command execution, XSS, DOS, directory traversal vulnerabilities of a target Joomla! web site. It Searches known vulnerabilities of Joomla! and its components, Web application firewall detection and lot more.

IronWASP - Iron Web application Advanced Security testing Platform


IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool's features are simple enough to be used by absolute beginners.

Reaver - Security Scanner


Reaver is a network vulnerability scanner built on top of Nessus with an easy to use quot;web front-endquot; and reporting system. Reaver will aid administrators in identifying, cataloguing and remediation of security vulnerability...DEV -missing web interface

Nogotofail - Network Security Testing Tool


Nogotofail is a network security testing tool designed to help developers and security researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way. It includes testing for common SSL certificate verification issues, HTTPS and TLS/SSL library bugs, SSL and STARTTLS stripping issues, cleartext issues, and more.

brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications


A static analysis security vulnerability scanner for Ruby on Rails applications

w3af - Web Application Attack and Audit Framework


w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to help you secure your web applications by finding and exploiting all web application vulnerabilities. It can find Cross site scripting, SQL Injection and lot more. The framework implements web and proxy servers which are easy to integrate into your code in order to identify and exploit vulnerabilities.

SecuBat Vulnerability Scanner


SecuBat is a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities.

Beef - Browser Exploitation Framework


BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser.

Watcher: Web security testing tool and passive vulnerability scanner


A Fiddler plugin that passively checks web application's for a variety of security issues. Watcher acts as assistant to the web developer, tester, or security auditor, by quickly identifying real issues and hot-spots that commonly lead to security problems in web apps.

Benchmark


The OWASP Benchmark Project is a Java test suite designed to verify the speed and accuracy of vulnerability detection tools. The initial version is intended to support Static Analysis Security Testing Tools (SAST). A future release will support Dynamic Analysis Security Testing Tools (DAST), like OWASP ZAP, and Interactive Analysis Security Testing Tools (IAST). The goal is that this test application is fully runnable and all the vulnerabilities are actually exploitable so its a fair test for an

Network-Vulnerability-Alert-Tool


As a part of master’s mini-project, I have developed a software tool which can find out open ports in a network and service running in each of the ports by automating Nmap. The network administrator will get informed about the current network conditions and the details regarding the latest security patches for the services running in those ports. The tool grabs security patch details published in the websites in real time by using the potentials of Semantic web

Metasploit Framework - World's most used penetration testing software


Metasploit, helps verify vulnerabilities and manage security assessments. It makes it easy to automate all phases of a penetration test, from choosing the right exploits to streamlining evidence collection and reporting.

darklight-nova-core - An open source security vulnerability simulation platform.


An open source security vulnerability simulation platform.

drone_openvas - Drone for the OpenVAS Vulnerability Assessment System (http://www.openvas.org/)


Drone for the OpenVAS Vulnerability Assessment System (http://www.openvas.org/)

MSRC-Microsoft-Security-Updates-API - Repo with getting started projects for the Microsoft Security Updates API (portal


Microsoft provides an API for getting security update details using Common Vulnerability Reporting Format. View our blog post for more info.The Security Updates Guide is a great place to find security updates in a browser, and the Security Updates API is intended for doing automation around Microsoft security updates.

DevSkim - DevSkim is a set of IDE plugins and rules that provide security "linting" capabilities.


DevSkim is a framework of IDE extensions and Language analyzers that provide inline security analysis in the dev environment as the developer writes code. It is designed to work with multiple IDEs (VS, VS Code, Sublime Text, etc.), and has a flexible rule model that supports multiple programming languages. The idea is to give the developer notification as they are introducing a security vulnerability in order to fix the issue at the point of introduction, and to help build awareness for the developer.Please access those projects to download the plugin, open issues, or contribute content.

Sqlmap - Automatic SQL injection and database takeover tool


sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

WaspToucher-WaspToucher


Wasp Toucher aims to provide a passive vulnerability security scanner for web applications.