Whether openvas tests services during scanning



Whether openvas tests services during scanning ?

Are any exploits used during the scan?



a vulnerability scanner is for sure using exploits and similar for doing its job. The following should give you some more insights on the “Vulnerability scanning” topic:




Does OpenVAS find vulnerabilities only based on the installed version of the software (question whether the version in the repo has the same source code as the one from the official website) or tries to perform an automatic attack by testing in this way whether the hole actually occurs?


OpenVAS/GVM is using both, banner/version based checks as well as active attacks (exploits, SQL Injections, …) against a target system and its services/applications.