开放式漏洞评估系统是一个模块化的安全审计工具,用于测试远程系统中,应该是固定的漏洞。它是由两部分组成:一个扫描服务器和客户端。扫描仪/守护程序,openvassd,负责的攻击,而客户端,OpenVAS客户端,提供了一个X11 / GTK +的用户界面。该软件包提供了扫描仪。

openvas扫描仪首页 | 卡利openvas扫描器回购

  • 作者:OpenVAS
  • 许可:GPL第二版


greenbone-NVT同步 - 更新OpenVAS安全检查


openvas-的adduser - 添加OpenVAS用户


openvas-mkcert - 创建一个扫描仪证书


openvas-mkcert客户端 - 创建SSL客户端证书OpenVAS
[email protected]:~# openvas-mkcert-client -h
  openvas-mkcert-client [OPTION...] - Create SSL client certificates for OpenVAS.

  -h           Display help
  -n <name>    Run non-interactively, create certificates for user <name>
               and register user <name> with the OpenVAS scanner
  -i           Install client certificates for use with OpenVAS manager

openvas-NVT同步 - 同步的网络漏洞测试使用不同的协议

[email protected]:~# openvas-nvt-sync --help
/usr/sbin/openvas-nvt-sync: Sync NVTs using different protocols
 --rsync    sync with rsync (default)
 --wget     sync with wget
 --curl     sync with curl
 --check    just checksum check
OpenVAS administrator functions:
 --selftest  perform self-test
 --identify  display information
 --version   display version
 --describe  display current feed info
 --feedversion   display current feed version info
 --nvt-dir <dir> set directory of the NVT collection for this run
 --migrate-to-private   migrate unsigned files to private directory

Environment variables:
NVT_DIR     where to extract plugins (absolute path)
PRIVATE_SUBDIR  subdirectory of $NVT_DIR to migrate unsigned files to
OV_RSYNC_FEED   URL of rsync feed
OV_HTTP_FEED    URL of http feed
TMPDIR      temporary directory used to download the files
Note that you can use standard ones as well (e.g. http_proxy) for wget/curl

openvas-rmuser - 删除一个OpenVAS用户


openvassd - 在OpenVAS扫描仪

[email protected]:~# openvassd --help
  openvassd [OPTION...] - Scanner of the Open Vulnerability Assessment System

Help Options:
  -h, --help                      Show help options

Application Options:
  -V, --version                   Display version information
  -f, --foreground                Do not run in daemon mode but stay in foreground
  -a, --listen=<address>          Listen on <address>
  -S, --src-ip=<ip[,ip...]>       Send packets with a source IP of <ip[,ip...]>
  -p, --port=<number>             Use port number <number>
  -c, --config-file=<.rcfile>     Configuration file
  -q, --quiet                     Quiet (do not issue any messages to stdout)
  -s, --cfg-specs                 Print configuration settings
  -y, --sysconfdir                Print system configuration directory (set at compile time)
  -C, --only-cache                Exit once the NVT cache has been initialized or updated


[email protected]:~# openvas-adduser
Using /var/tmp as a temporary file holder.

Add a new openvassd user

Login : dookie
Authentication (pass/cert) [pass] :
Login password :
Login password (again) :

User rules
openvassd has a rules system which allows you to restrict the hosts that dookie has the right to test.
For instance, you may want him to be able to scan his own host only.

Please see the openvas-adduser(8) man page for the rules syntax.

Enter the rules for this user, and hit ctrl-D once you are done:
(the user can have an empty rules set)

Login             : dookie
Password          : ***********

Rules             :

Is that ok? (y/n) [y] y
user added.


[email protected]:~# openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: ''.
[i] NVT dir: /var/lib/openvas/plugins
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured NVT rsync feed: rsync://
[w] Private directory '/var/lib/openvas/plugins/private' not found.
[w] Non-feed NVTs not migrated there will be deleted by rsync.
Run migration now ([y/n], any other input aborts)? y



启动OpenVAS扫描仪守护在192.168.1.202(-a,前台(-f)8888端口(-p 8888):

[email protected]:~# openvassd -f -a -p 8888
All plugins loaded