OpenVAS Vulnerability Scan

OpenVAS Help

Select Target to Test
Enter an IP Address or a Hostname to have that system tested for known vulnerabilities. Our Nmap Port Scanner service allows you to scan a range of IP Addresses; from the results select the hosts that were determined to be “UP” and enter them individually into the target box of the form.

Report Format
You are able to select an “Enhanced” report in PDF format, this contains all of the vulnerability information plus some additional open source intelligence checks regarding your IP Address. The HTML version of the report is the raw results from the tool.

Time to Test
The scan will take some time, particular if you have a web server running on the system. Thousands of tests can be performed, this may take up to an hour or even longer if your system has a high latency or is situated on a slow network.

After running your scan, please be patient.

For the Techies
You could if you are interested, take a look at your incoming packets (tcpdump or wireshark?), firewall log or web server logs. Watch the tests being performed in real time from our servers.

Use this online OpenVAS security scanner to test your Internet connected system for security issues. The results will be delivered to your email address for analysis; allowing you to start re-mediating any risks your systems face from external threats.

Note that this is an aggressive scanner, that can trigger alerts and fill up log files. It is unlikely but possible that it will affect running services. Only test systems you have permission to perform a security scan against. Read the TOS for more information.

If you run a host / network based Intrusion Detection (IDS) or Prevention system (IPS), you really should see some results from this test. It is in no way a stealthy scan.
Enter the target IP address and your email address; results are emailed after the scan has completed security testing.

Launch OpenVAS Vulnerability Scan

Access to this scan is restricted.

Membership is required to use this security vulnerability scanner. Immediate access is available to new members or login now if you have a valid membership. This restriction has recently been added, see this blog post for full details of the changes.


About OpenVAS

OpenVas is an open source vulnerability scanner that can test a system for security holes using a database of over 20’0000 known vulnerabilities. The complete OpenVas suite consists of a number of components that provide a framework for management of a complete vulnerability remediation solution.

Whether you are using the standalone tool or the service we offer here it is a great way to test an Internet connected server, firewall and listening services for configuration errors and known vulnerabilities.

Alternative Option
Best practice vulnerability scanning requires that you utilize multiple tools. This is similar to email threat mitigation using multiple solutions (an email filtering gateway and a local end point antivirus product).

So although you may use a commercial vulnerability scanner or service such as Qualys, Nessus, Nexpose, eEye, GFI, Saint, HackerGuardian or AlertSite; having a free and open option is a great way to get an alternative perspective on a system. Follow us on twitter to be altered when our vulnerability scanner comparison and review is completed.

One of the advantages of OpenVAS being open source, is that when you receive a false positive; you are able to dig into the code to determine why the vulnerability was flagged. Posting your false positive to the mailing list often results in the false positive being fixed within hours to the benefit of the whole community.