Hello Edu,
On Montag, 14. April 2008, Edu Castellarnau wrote:
> I'm thinking about develop new openVAS plugins to fit some specific
> security tests I need to do. I'm searching documentation to start
> working but I find nothing, nor Nessus doc neither openVAS one.
there is some documentation about NASL in the openvas-libnasl package
(see in the doc directory there for the nasl_guide).
> I'm thinking about adapt some perl scripts, that I'm using in a
> standalone app, to fit openVAS requirements.
NASL is a programming language of its own, so if you want
to perform the tests in form of a NASL script via OpenVAS, you
need to rewrite it in NASL. On average this should not be too
complicated as NASL offers a API that makes network tests
easier than with other bare programming languages.
However, depending on the type of your tests it might mean
you have to execute them on the target itself because the
problems you check for are not visible from outside.
This might mean you want to run some local security check
or even apply a mechanism like SLAD.
Hope this helps.
We'd welcome any contribution, so please don't hesitate
to ask if you have further questions.
Best
Jan
--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-devel mailing list
[email protected]
http://lists.wald.intevation.org/mailman/listinfo/openvas-devel