Araştırma Makalesi

Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications

Cilt: 16 Sayı: 2 31 Mayıs 2026
EMO Bilimsel Dergi Kapak
EMO Bilimsel Dergi
PDF İndir
TR EN

Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications

Öz

Web applications, which serve as the primary interface between users and organizational systems, represent a particularly critical attack surface that requires specialized attention to ensure their security. Common web application vulnerabilities, such as SQL injection, cross-site scripting (XSS), and insecure authentication mechanisms, can provide attackers with direct access to sensitive data and backend systems. Therefore, it is crucial for vulnerability scanning tools to effectively detect and report web application security flaws. Vulnerability scanning tools are widely used to detect risks in the software and hardware used in information systems. However, owing to the variety of software and hardware used in information systems, vulnerability scanning and detection tools have very different capabilities. These differences in capabilities make it difficult to compare the vulnerability scanning tools. In this study, after determining the necessary comparison criteria for general information system and web application vulnerability detection, the widely used Nessus, Qualys, and OpenVAS vulnerability scanning tools were examined. The results were compared by running the vulnerability scanning tools on operating systems and web applications known to contain vulnerabilities.

Anahtar Kelimeler

Etik Beyan

Etik kurul ihtiyacı bulunmamaktadır.

Kaynakça

  1. [1] S. Pandey and A. Chaudhary, “Vulnerability scanning,” 2023. doi: 10.36227/techrxiv.20317194.v1.
  2. [2] R. Kushe, “Comparative study of vulnerability scanning tools: Nessus vs Retina,” INTERNATIONAL SCIENTIFIC JOURNAL “SECURITY & FUTURE,” vol. 1, no. 2, pp. 69–71, 2017.
  3. [3] T. Singh and A. Kumar, “Analyzing security and privacy issues for multi-cloud service providers using Nessus,” in 2023 5th International Conference on Electrical, Computer and Communication Technologies, ICECCT 2023, Inc., doi: 10.1109/ICECCT56650.2023.10179727.
  4. [4] K. Boonchuay, W. Siripaktanakon, O. Sangpetch, and A. Sangpetch, “Software vulnerability assessment: Vendor, Scanner, and User Analysis,” in Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom, IEEE Computer Society, 2022, pp. 214–221. doi: 10.1109/CloudCom55334.2022.00038.
  5. [5] I. Chalvatzis, D. A. Karras, and R. C. Papademetriou, “Evaluation of security vulnerability scanners for small and medium enterprises business networks resilience towards risk assessment,” in 2019 IEEE International Conference on Artificial Intelligence and Computer Applications (ICAICA), 2019. doi: 10.1109/ICAICA.2019.8873438.
  6. [6] M. A. Muin, Kapti, and T. Yusnanto, “Campus website security vulnerability analysis using Nessus,” International Journal of Computer and Information System (IJCIS) Peer Reviewed-International Journal, vol. 03, no. 2, pp. 79–82, 2020, doi: 10.29040/ijcis.v3i2.72.
  7. [7] C. Ozturk and M. Kara, “5th International Eurasian Conference on Science, Engineering and Technology (EurasianSciEnTech 2024),” in Practical Comparison of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools, Ankara:, Jun. 2024, pp. 710–716.
  8. [8] M. Fu, C. K. Tantithamthavorn, V. Nguyen, and T. Le, “ChatGPT for Vulnerability Detection, Classification, and Repair: How Far Are We?,” in Proceedings - Asia-Pacific Software Engineering Conference, APSEC, IEEE Computer Society, 2023, pp. 632–636. doi: 10.1109/APSEC60848.2023.00085.

Ayrıntılar

Birincil Dil

İngilizce

Konular

Elektrik Mühendisliği (Diğer)

Bölüm

Araştırma Makalesi

Yazarlar

Yayımlanma Tarihi

31 Mayıs 2026

Gönderilme Tarihi

20 Şubat 2026

Kabul Tarihi

28 Mayıs 2026

Yayımlandığı Sayı

Yıl 2026 Cilt: 16 Sayı: 2

IZ

https://izlik.org/JA37UJ35NS

Kaynak Göster

RIS / Bibtex
APA
Kara, M. (2026). Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications. EMO Bilimsel Dergi, 16(2), 103-112. https://izlik.org/JA37UJ35NS
AMA
1.Kara M. Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications. EMO Bilimsel Dergi. 2026;16(2):103-112. https://izlik.org/JA37UJ35NS
Chicago
Kara, Mehmet. 2026. “Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications”. EMO Bilimsel Dergi 16 (2): 103-12. https://izlik.org/JA37UJ35NS.
EndNote
Kara M (01 Mayıs 2026) Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications. EMO Bilimsel Dergi 16 2 103–112.
IEEE
[1]M. Kara, “Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications”, EMO Bilimsel Dergi, c. 16, sy 2, ss. 103–112, May. 2026, [çevrimiçi]. Erişim adresi: https://izlik.org/JA37UJ35NS
ISNAD
Kara, Mehmet. “Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications”. EMO Bilimsel Dergi 16/2 (01 Mayıs 2026): 103-112. https://izlik.org/JA37UJ35NS.
JAMA
1.Kara M. Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications. EMO Bilimsel Dergi. 2026;16:103–112.
MLA
Kara, Mehmet. “Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications”. EMO Bilimsel Dergi, c. 16, sy 2, Mayıs 2026, ss. 103-12, https://izlik.org/JA37UJ35NS.
Vancouver
1.Mehmet Kara. Scanning Capabilities of Nessus, Qualys and OpenVAS Vulnerability Scanner Tools for Vulnerable Operating Systems and Web Applications. EMO Bilimsel Dergi [Internet]. 01 Mayıs 2026;16(2):103-12. Erişim adresi: https://izlik.org/JA37UJ35NS

EMO BİLİMSEL DERGİ
Elektrik, Elektronik, Bilgisayar, Biyomedikal, Kontrol Mühendisliği Bilimsel Hakemli Dergisi
TMMOB ELEKTRİK MÜHENDİSLERİ ODASI 
IHLAMUR SOKAK NO:10 KIZILAY/ANKARA
TEL: +90 (312) 425 32 72 (PBX) - FAKS: +90 (312) 417 38 18
bilimseldergi@emo.org.tr