Formerly "integrated" tools

In earlier versions of OpenVAS (6 & 7), there was a collection of auxiliary tools including “pnscan”, “strobe”, “dirb”, “Arachni”, “nikto”, “portbunny”, etc.

These tools were said to be “integrated”, but in OpenVAS-9 only “NMap” remains essential.
Will the omission of other tools degrade the quality of OpenVAS scans ?

None of the tools you mention added to the core value of the actual vulnerability scanner. Some are nice though and can assist pen-testers or provide an additional view.

Actually, it was not a “integration”. Technically speaking some script called the external binaries and
collected and returned the output. Apart from port scanners it was isolated from the rest of the scan logic.

Already years ago I argued that this architecture is not suitable and proposed a new architecture where the central management service can control and orchestrate multiple scanners of arbitrary types. A central outcome is OSP (Open Scanner Protocol) which you can use to wrap any scanner and let it be managed by gvmd. There are a couple of examples at our github for such wrappers.

The OSP concept is not yet where I ultimately want it to be. But the works continued pretty intensively last year. Please have a look here for more about it:

1 Like

Thank you for explaining.