English | Deutsch
Home » About

About NVT Feed

Greenbone maintains a public feed of Network Vulnerability Tests (NVTs) for the OpenVAS project. It contains more than 50,000 NVTs, growing on a permanent basis. This feed is configured as the default for OpenVAS and relates to the Greenbone Security Feed which is part of the commercial Greenbone Security Manager appliance products.

Though the Greenbone Community Feed and the Greenbone Security Feed share over 95% of the content, the Community Feed is never as current or as complete as the Greenbone Security Feed.

For online-synchronisation use the command greenbone-nvt-sync to update your local NVTs with the newest ones from the feed service. This command will download the Greenbone Community Feed unless it is executed in a Greenbone OS environment with a valid subscription key in which case it will download the Greenbone Security Feed.

Note for OpenVAS-8: Here, we had one command for each Feed. The Community Feed is downloaded with the command "openvas-nvt-sync".

For offline-updates it is also possible to download the whole Community Feed content as a single archive file (> 25 MByte). However, it is recommended to use the default rsync-based synchronisation routine because it downloads only changes and therefore is tremendously faster after the very first full download.

The OpenVAS structure

The files of the Greenbone Community Feed are signed by the "OpenVAS: Transfer Integrity" certificate. The presence of this signature does not indicate any judgement or quality control of the script itself. It is only intended to assist you in verifying the integrity of the NVT files after transfer. Thus, a valid signature only means that the script has not been modified on the way between the distribution point and your installation. See the notes at the bottom of the overview on Trusted NVTs for more information on this certificate.

Greenbone SecInfo Portal

Or browse all NVTs

Look up NVT source by OID

(you only need to enter the last element of the OID)