[Openvas-devel] OpenVAS and Web App Security

Vlatko Kosturjak kost at linux.hr
Tue Oct 20 13:23:44 CEST 2009


Christian Kuersteiner wrote:
> I was talking with Jan about the plan to further integrate web 
> application security scans into OpenVAS. I would be interested to help 
> out there (and of course in other areas).
> 
> Could you guys elaborate on this plan? I guess the goal wouldn't be a 
> fully specialized web app security suite like WebInspect or Acunetix. On 
> the other side some basic scans are already supported with the 
> integration of nikto. So I am very keen to know what ideas you have in 
> mind, where to start it and where it should lead.

We have also integrated w3af ( http://w3af.sf.net ) recently.

Here's link to the NVT on OpenVAS SVN trunk:
http://wald.intevation.org/plugins/scmsvn/viewcvs.php/trunk/openvas-plugins/scripts/remote-web-w3af.nasl?root=openvas&view=log

Best regards,

Kost



More information about the Openvas-devel mailing list