# Nessus Attack Scripting Language > scripting language that is used by vulnerability scanners like Nessus and OpenVAS **Wikidata**: [Q2251622](https://www.wikidata.org/wiki/Q2251622) **Wikipedia**: [English](https://en.wikipedia.org/wiki/Nessus_Attack_Scripting_Language) **Source**: https://4ort.xyz/entity/nessus-attack-scripting-language ## Summary Nessus Attack Scripting Language (NASL) is a scripting language designed for writing security checks and vulnerability tests in vulnerability scanners like Nessus and OpenVAS. It enables security professionals to create custom plugins that detect specific vulnerabilities in networked systems. ## Key Facts - Instance of: programming language - Aliases: NASL - Used by: Nessus and OpenVAS vulnerability scanners - Wikipedia titles: "Nessus Attack Scripting Language" (English), "NASL" (Dutch) - Wikidata description: "scripting language that is used by vulnerability scanners like Nessus and OpenVAS" - Google Knowledge Graph ID: /g/121vfflg - Wikipedia sitelink count: 2 (English and Dutch) - Related to: programming language (class) with 161 sitelinks ## FAQs ### Q: What is NASL used for? A: NASL is used to write security plugins and vulnerability tests for network scanners like Nessus and OpenVAS. Security professionals use it to create custom checks that detect specific vulnerabilities in systems and applications. ### Q: Is NASL a general-purpose programming language? A: No, NASL is a specialized scripting language designed specifically for security testing and vulnerability assessment. Unlike general-purpose languages, it's optimized for network scanning tasks and security plugin development. ### Q: What scanners support NASL? A: NASL is primarily used by Nessus and OpenVAS vulnerability scanners. These tools use NASL plugins to perform security assessments and identify vulnerabilities in networked systems. ## Why It Matters Nessus Attack Scripting Language plays a crucial role in cybersecurity by enabling the creation of custom vulnerability detection tools. In an era where new security threats emerge daily, NASL allows security professionals to quickly develop and deploy tests for specific vulnerabilities before they can be exploited. The language bridges the gap between general-purpose programming and specialized security testing, making it accessible for security teams to create targeted assessments without deep programming expertise. By powering popular scanners like Nessus and OpenVAS, NASL has become a standard tool in penetration testing and vulnerability management workflows, helping organizations identify and remediate security weaknesses before attackers can exploit them. ## Notable For - Specialized design for vulnerability scanning and security testing - Powers two major open-source vulnerability scanners (Nessus and OpenVAS) - Enables rapid development of custom security plugins - Standardized language for the vulnerability assessment industry - Provides accessible security testing capabilities without requiring deep programming expertise ## Body ### Technical Foundation NASL operates as a domain-specific language built for security testing scenarios. The language provides built-in functions and libraries specifically designed for network operations, port scanning, and vulnerability detection patterns. ### Integration with Vulnerability Scanners Both Nessus and OpenVAS utilize NASL as their primary plugin language. These scanners maintain extensive libraries of NASL scripts that test for thousands of known vulnerabilities across different platforms and applications. ### Security Testing Workflow NASL scripts typically follow a structured pattern: network discovery, service identification, vulnerability checking, and reporting. This standardized approach allows security teams to create consistent and reliable security assessments. ### Plugin Development Security professionals can write NASL plugins to detect custom vulnerabilities or test for specific security configurations. The language's specialized functions make it easier to implement complex security checks without extensive programming overhead. ### Industry Standard NASL has become the de facto standard for vulnerability scanner plugin development. Its widespread adoption means that security tools and methodologies built around NASL are transferable between different scanning platforms that support the language.