whatisgithub

What is openvas-scanner?

greenbone/openvas-scanner — explained in plain English

Analysis updated 2026-06-26

4,595RustAudience · ops devopsComplexity · 4/5LicenseSetup · hard

In one sentence

An open-source vulnerability scanner that probes computers and network devices for known security weaknesses, missing patches, and misconfigurations, the scanning engine of the Greenbone Community Edition security suite.

Mindmap

mindmap
  root((OpenVAS))
    What it does
      Vulnerability scanning
      Network auditing
      CVE detection
    Tech stack
      C scanner
      Rust rewrite
      Docker containers
    Use cases
      Network security audits
      Compliance scanning
      CI pipeline checks
    Audience
      Security engineers
      System admins
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Scan your internal servers and network devices to find unpatched vulnerabilities before attackers do.

USE CASE 2

Run automated security audits on a schedule to maintain compliance and catch newly disclosed CVEs.

USE CASE 3

Set up a Docker-based vulnerability management lab without compiling code from source.

What is it built with?

CRustDocker

How does it compare?

greenbone/openvas-scannervoidzero-dev/vite-plusmozilla/uniffi-rs
Stars4,5954,6004,588
LanguageRustRustRust
Setup difficultyhardeasyhard
Complexity4/52/54/5
Audienceops devopsdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · hard Time to first run · 1h+

Full setup requires pulling multiple Docker containers and configuring the Greenbone suite, a pre-built VM is available for the quickest start.

Free to use, modify, and share, but any changes you distribute must also be released under the GPL license.

So what is it?

OpenVAS Scanner is the scanning component of the Greenbone Community Edition, a widely used open-source vulnerability management system. A vulnerability scanner is a tool that connects to computers or network devices and probes them for known security weaknesses, missing patches, or misconfigurations. OpenVAS does this by running a collection of tests called Vulnerability Tests, which are continually updated and extended by Greenbone to cover newly discovered issues. The scanner is used by security professionals and system administrators who want to audit their networks for problems before an attacker can find and use them. It is part of a larger suite of tools called Greenbone Vulnerability Management. The scanner itself handles the actual probing work, while other components in the suite handle scheduling, reporting, and managing the results. The repository contains two implementations of the scanner. The original is written in C and has been in use for many years. A newer Rust implementation is in progress, aiming to replace the older stack by combining the scanner, the protocol layer, and related components into a single more maintainable codebase. As of the current README, the Rust version still uses the C-based scanner as its underlying engine. The software can be built from source or run using Docker containers. Pre-built container images are available from the Greenbone registry. For those who want a ready-to-run setup without building anything, Greenbone offers a trial virtual machine with everything preconfigured. The C code is licensed under the GNU General Public License v2.0. The Rust code uses GPL v2.0 or later with an OpenSSL exception, and some files additionally carry an MIT license. Greenbone AG maintains the project, and contributions are accepted through pull requests on GitHub, with a contributor agreement required for first-time contributors.

Copy-paste prompts

Prompt 1
I have OpenVAS running via Docker. Show me the commands to scan the subnet 192.168.1.0/24 and export the results as an XML report.
Prompt 2
How do I set up the Greenbone Community Edition with Docker Compose so I can run OpenVAS scans from a browser-based dashboard?
Prompt 3
Walk me through interpreting an OpenVAS scan report, what do CVSS scores mean and how do I prioritize which findings to fix first?
Prompt 4
I want to run OpenVAS in a CI pipeline to scan a staging server after each deploy. Show me how to trigger a scan via GVM command-line tools and fail the build if critical vulnerabilities are found.

Frequently asked questions

What is openvas-scanner?

An open-source vulnerability scanner that probes computers and network devices for known security weaknesses, missing patches, and misconfigurations, the scanning engine of the Greenbone Community Edition security suite.

What language is openvas-scanner written in?

Mainly Rust. The stack also includes C, Rust, Docker.

What license does openvas-scanner use?

Free to use, modify, and share, but any changes you distribute must also be released under the GPL license.

How hard is openvas-scanner to set up?

Setup difficulty is rated hard, with roughly 1h+ to a first successful run.

Who is openvas-scanner for?

Mainly ops devops.

Open on GitHub → Ask about another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.