[Openvas-devel] OpenVAS and Web App Security
ckuerste at gmx.ch
Tue Oct 20 11:14:02 CEST 2009
I was talking with Jan about the plan to further integrate web
application security scans into OpenVAS. I would be interested to help
out there (and of course in other areas).
Could you guys elaborate on this plan? I guess the goal wouldn't be a
fully specialized web app security suite like WebInspect or Acunetix. On
the other side some basic scans are already supported with the
integration of nikto. So I am very keen to know what ideas you have in
mind, where to start it and where it should lead.
On another note I saw in the Devconf minutes that one step is to support
virtual hosts scanning. If someone could give me some pointers to start
with or maybe is already working on it? If some of this discussion
should be rather in the plugins list feel free to move it there since I
was unsure if the most changes would be in the code base or rather in
the plugins itself.
Thanks and best Regards,
More information about the Openvas-devel