[Openvas-devel] OpenVAS and Web App Security

Christian Kuersteiner ckuerste at gmx.ch
Tue Oct 20 11:14:02 CEST 2009


Hi,

I was talking with Jan about the plan to further integrate web 
application security scans into OpenVAS. I would be interested to help 
out there (and of course in other areas).

Could you guys elaborate on this plan? I guess the goal wouldn't be a 
fully specialized web app security suite like WebInspect or Acunetix. On 
the other side some basic scans are already supported with the 
integration of nikto. So I am very keen to know what ideas you have in 
mind, where to start it and where it should lead.

On another note I saw in the Devconf minutes that one step is to support 
virtual hosts scanning. If someone could give me some pointers to start 
with or maybe is already working on it? If some of this discussion 
should be rather in the plugins list feel free to move it there since I 
was unsure if the most changes would be in the code base or rather in 
the plugins itself.

Thanks and best Regards,

Christian


More information about the Openvas-devel mailing list