how does OpenVas/gvm scanner write plugins for the latest CVE’s that don’t have a public exploit? in order to identify the vulnerabilities in the network. does it do banner matching with the available CVE ?
the scanner, as part of the Greenbone vulnerability manager (GVM) scans a given target. Based on the scan results the relevant vulnerability tests are launched to dig deeper into the target.
There are detection VTs, that detect what app / service is running and it’s version.
If all needed information has been gathered during that process and dependencies for starting a vulnerability test are met, a check for the vulnerability is started against the target
If a vulnerability exists on a target, it is reported in the scan report.
After a successful scan you can use the CVE scanner, which is presenting the previously collected results.