Where can i find the vulnerlability database of OpenVAS?

Thanks @henrik,

That sounds like a cool project!

With Greenbone, there are several moving parts in different modules, that also work with with software from other projects. So looking at the Greenbone source code only won’t show the entire picture (and using a few selected parts of it probably won’t help right now to get a working application, until you are more familiar with it).

The basics: (not only Greenbone, this is in general)

Getting the current vulnerability info.

Getting the information of the target system(s) including OS version and applications.

Comparing the two via testing and displaying a report.

There are different ways to get there. :slight_smile: To get familiar with the way Greenbone (specifically) is doing it:

Build it from source - this shows you what parts you need, as there are other software projects that Greenbone interfaces with and utilizes.

Source build guide: Greenbone Community Edition - Documentation - Redirect to latest...

Take a look at the architecture map to see how things work together here



And also look here on creating vulnerability tests:

Within the user documentation for GSM (Greenbone Security Manager) there are explanations on usage logic, which you’ll want to look over also. It’s geared towards the user side, but it’s something you’ll want for the development side. It’s linked from the documentation portal here:

and the portal also contains documentation on the API protocols and other useful things.

This is going to be a lot to look at, so what I would do is glance at the documentation, then build from source, use what you built and then re-read the documentation as you go along. But I think that should get you started.

1 Like