Skip to content

OpenVas

Official Documentation: https://www.greenbone.net/en/documents/

Cheat Sheet: OpenVas Commands

Purpose

OpenVAS (now part of Greenbone Vulnerability Management - GVM) is a full-featured vulnerability scanner that runs authenticated and unauthenticated scans, matches CVEs, and produces detailed reports for remediation.

Scenarios

  • CTF: On lab networks you control, run OpenVAS to find known vulnerable services and CVEs you can exploit for practice.
  • Real world: Comprehensive vulnerability assessment for servers and networks — ideal for scheduled scans and compliance checks.

All needed info to run

  • OpenVAS/GVM usually runs as a service (server + web UI). Installation on Kali: gvm packages or use apt (package names change frequently). Follow official Greenbone/GVM install docs for latest steps.
  • Web GUI (Greenbone Security Assistant) typically runs on https://localhost:9392 after setup.
  • Requires:
  • Proper installation & initial setup (feed update — vulnerability signatures).
  • For authenticated scans: credentials (SSH, SMB, Windows creds) or agent setup.
  • Network/firewall access to target hosts.
  • Typical workflow:
  • Update vulnerability feeds (takes time): gvm-feed-update or via GUI.
  • Create target (IP or range) and scan config (full, discovery-only, etc.).
  • Launch scan and monitor progress.
  • Export reports (PDF, CSV, XML).

Example commands & outputs

# Example (service-style) — check status
$ sudo systemctl status gvm
# Output snippet:
# ● gvm.service - Greenbone Vulnerability Manager
#    Loaded: loaded (/lib/systemd/system/gvm.service; enabled)
#    Active: active (running) since ...

# Start feed update (may differ by install)
$ sudo gvm-feed-update
# Output snippet:
# Updating NVTs, CERT, SCAP databases...
# Feed update finished.

# Using the web UI:
# 1. Open https://localhost:9392
# 2. Login with admin credentials
# 3. Create Target -> Create Task -> Start Task
# Scan results (GUI) show severity, CVE IDs, and remediation steps.

OpenVAS / GVM Basics

  • OpenVAS/GVM setup can be complex and feed updates take time (GBs). Be patient.
  • Use authenticated scans (with valid creds) for best coverage; unauthenticated scans miss host-level issues.
  • Installation steps/command names may vary by distro and GVM version — consult Greenbone docs.
  • Scans are noisy; get permission and schedule during low-impact windows in production.

OpenVAS / GVM Commands