Tuesday, August 12, 2014

kali linux - Openvas with Greenbone security assistant

so i assume you had install the kali linux and ready to install openvas


this will create the ssl cert for openvas program

this will sync the Openvas NVT database with the latest NVT and get the latest vulnerability checks

openvas-mkcert-client -n om -i
openvasmd --rebuild
this will generate a client certificate and rebuild the database

this will start the Openvas scanner and load all plugins

openvasmd --rebuild
openvasmd --backup
this will rebuild and create backup of the database

this will create a normal user

  • enter login name
  • just press enter for auth request
  • enter the password twice
  • for rules, just skip by press Ctrl + D
  • press y to add the user
openvasmd -p 9390 -a
openvasad -a -p 9393
gsad --http-only --listen= -p 9392
this will configure the port that openvas will use
the port 9392 is for the browser and you can change it for other port

now you can access OpenVAS at your browser using
you should be able to see GreenBone Security Assistant login pages

Login with your admin account

there are other easier method to start and stop Openvas after done all this.
for myself, i just use script provide by Lazykali.
just download the folder and script and save it in 1 folder and execute it using command
you can get the script at the below link



after you login,
lets start up to scan your own laptop as an example

click on Configuration > Targets

you should be able to see it got Localhost in the list, so lets add a new one into it by click the star button in red highlight as pic below

Then you give it a name and key in the IP or URL you want to scan.
Other things just left it default and click Create Target

Now you should be saw your new target added to the list.
ok, lets proceed to create a new task
click on Scan Management > New Task

Fill in the details mark in Red arrow
for the scan config, there are 4 option for you to choose (ignore test and vulne as i create it myself when i playing around). for now, i choose Full and very deep ultimate to see what it can scan and report later.

Scan target, choose the new target you created just now and click create task

Now you should be able to see your newly created task there and the status is "New"
click the play button in red highlight like the pic below to start the scan
the scan might take some time

When it done, you should be seeing something like in pic below
just click on the date itself on the for the report

then click on the red highlight button like show on the pic below for the report

For more info,
please see the video from NetSecNow as I also learn mine from there
OpenVas guide from NetSecNow


  1. Thanks for the Positive Feedback and back links! http://learnnetsec.blogspot.com

  2. Thanks for the Positive Feedback and back links! http://learnnetsec.blogspot.com