Purely for my testing I would like to amend or add to the the existing OpenVAS database or feed to add my own threats for vulnerability scanning taken from web scrapers or other sites. So that Open VAS could perform tests
Can I ask how I can add my own custom threats to the OpenVAS scanner and how I would go about structuring this.
This is purely used in a lab environment for my testing.
I am afraid there is not good documentation about it. Initially we tried to support this.
The main reason why we do not invest time into this is that this concept did not lead to a business model providing sustainable financing of the tremendous development efforts.
Concentrating on a consistent and QA’ed Feed where we can freely change anything without considering needs of uncoordinated third-party integrations is what helps us (and helps the community) so much. In 2018 we cleaned up and improved virtually all of the VTs, re-arrange API etc. It improved performance and results. We have a comprehensive automated QA system to ensure consistency of GSF and of the reduced GCF.