Vulnerability Scanning – OpenVAS

This post covers setting up OpenVAS9 Greenbone Security Assistant.

2019-02-25 14-23-44.png

The Dashboard:

OpenVAS (Open Vulnerability Assessment System) is an opensource tool that can be used to discover security vulnerabilities on your network.
OpenVAS uses NVTs (Network Vulnerability Tests) to actively scan your hosts by default.
Keep in mind that an Active Scan can cause an application or service to break. Therefore run in isolated non-production systems.

Installing OpenVAS is not covered in this post.

Information around installation of OpenVAS can be found here:

In this post we are going to look into these areas in a high-level overview:

  • Adjust Global My Settings (Optional)
  • Create Credentials for Authenticated Scans (Optional – but recommended)
  • Create Schedules (Optional)
  • Create Alerts (Optional)
  • Create Custom Scan Config (Optional)
  • Create Targets
  • Create Scan Tasks
  • Troubleshooting OpenVAS


In this post I am using Ubuntu Server 16.04 as OS Platform with following specifications:

50 GB Disk

OpenVAS install on Kali

OpenVAS can also easily be installed on Kali with APT.

Install OpenVAS

Setup OpenVAS

Change MySettings

Change TimeZone to reflect your zone and change default report file names to a better naming convention :

%T – for type (this case Report)
%D – for date
%t – for time
%N – name of the Scan Task

Create Credentials for Authenticated Scans

Authenticated scans provides most valuable information on a given host.

Go to Configuration>Credentials and click the “star” icon in the left corner to create a new set of credentials for authenticated scan.

OpenVAS Schedules

Set up scheduling to scan targets on a periodically basis.

Create Schedule from the Configuration Tab.

Kali-Pentester 2019-02-25 23-10-28.png

Above will run a weekly scan every week at wednesday 23.00.

In order to activate this schedule, it must be attached to a Scan Task.

Kali-Pentester 2019-02-25 23-15-17.png

OpenVAS Alerts

OpenVAS Alerts can be used to Send out an email whenever a Scan Task completes, together with attaching the scan report to the mail.

Several options exist here for alerting methods (Alerts are found under Configuration Tab) :

Kali-Pentester 2019-02-25 23-30-13.png


Configure SendMail on Ubuntu

Follow below steps to setup sendmail with OpenVAS.

cd /etc/mail/authinfo/

create an auth file with a following content. File can have any name, in this example the name is gmail-auth:


we will need to create a hash map for the above authentication file:

Put bellow lines into your configuration file right above first “MAILER” definition line:


define(SMART_HOST',[]’)dnldefine(RELAY_MAILER_ARGS', TCP $h 587′)dnldefine(ESMTP_MAILER_ARGS', TCP $h 587′)dnldefine(confAUTH_OPTIONS', A p’)dnlTRUST_AUTH_MECH(EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnldefine(confAUTH_MECHANISMS’, EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnlFEATURE(authinfo’,`hash -o /etc/mail/authinfo/gmail-auth.db’)dnl

In the next step we will need to re-build sendmail’s configuration. To do that execute:


Create a single target or a given subnet in CIDR format.

Create Scan Task


OpenVAS Scan Configs

These are default Scan Configs, its possible to adjust and create own based on what specific active tests are carried out.
These scan configs are referenced in the Scan Task, when creating a scan job.

Kali-Pentester 2019-02-25 23-19-49.png

Troubleshooting OpenVAS

Scanner log:

tail -f /var/log/openvas/openvassd.messages

Manager log:

tail -f /var/log/openvas/openvasmd.log