Plugins that detect the presence of a malicious file or backdoor access that can potentially lead to unauthorized access to a system.
Plugins for vulnerabilities that leverage the common gateway interface.
Plugins that relate to vulnerability detection of Cisco devices.
Plugins that relate to specific database applications and their vulnerabilities.
Plugins that test Unix hosts for a variety of accounts that could be installed by default during application installation.
Plugins that directly test for vulnerabilities that cause a denial of service. This plugin family will be executed when Safe Checks are disabled.
Plugins that deal with firewall devices and software that do not have a specified family.
Plugins that deal with vulnerabilities that attempt to gain a shell on a host or device.
Plugins that mostly gather information for other checks.
Deprecated / disabled
Plugins that are host and device neutral.
Plugins that deal with mobile devices.
Plugins that specifically deal with Novell Netware.
Plugins for detection of software and vulnerabilities of peer-to-peer sharing applications.
Plugins used by the Compliance and Audit function to leverage an audit file against a host.
Plugins that gather port information.
Plugins that leverage SCADA for gathering information and vulnerability checks.
Plugins that detect the specific protocol or application listening on a port.
Plugins that specifically deal with the scanner settings and scan information.
Plugins specifically for web servers.
Plugins that relate to the Windows platform and applications.
Windows local security checks that specifically cover a Microsoft Bulletin.
Windows local security checks that specifically cover user information.
The following categories leverage data gathered using the credentials provided to a host or device:
The following categories are for plugins that deal with the specific protocol:
The interaction of data between a user and a website.
A plugin that uses the provided authentication credentials to gather information on a host or device.
A specific attack in which malicious script code could be executed by a website.
A specific attack in which a service, device, or host is rendered unusable or unreachable for its intended purpose.
A security device or software that manages the interaction between devices over a network.
A user interface for interacting with the OS or device.
A type of network that has no central server; instead each node can act as both server and client.
A control system for high-level process supervisory management.
(The words plugins and checks is used interchangeably in this context)