It’s time to cover some vulnerability scanning! What better way to start this than with the installation of OpenVAS? Today I will show you how to install OpenVAS on Kali Linux in a step-by-step guide for you to follow along.
Table of Contents
- What is OpenVAS?
- Step 1 – Install OpenVAS on Kali Linux
- Step 2 – Configuring OpenVAS
- Step 3 – Running your first Scan
- Finding Exploits with OpenVAS
- Troubleshooting
- PostgreSQL Version Errors v13 and v14
- PostgreSQL Version Errors v14 and v15
- OpenVAS failed to find config
- Conclusion
⚠️ Kali Linux Wiki
➡️ ➡️ Install Kali Linux on VirtualBox
➡️ Install Kali Linux on VMWare Workstation
➡️ Dual Boot Kali Linux with Windows
➡️ Install Kali Linux on WSL 2
➡️ Install Kali Linux on a Laptop
➡️ Install VSCode on Kali Linux➡️ Install OpenVAS on Kali Linux➡️ Install Docker on Kali Linux
➡️ WiFi Adapter for Kali Linux
Install OpenVAS on Kali Linux - Complete Step-by-Step Tutorial
What is OpenVAS?
OpenVAS is an open-source vulnerability scanner. OpenVAS started under the name of GNessUs, a fork of the previously open-source Nessus scanning tool (which costs you money now). OpenVAS is also under the GNU General Public License (GPL).
I personally used this software in many different kinds of assessments and was always satisfied with the results I got (keeping in mind that it is completely free).
Of course, tools like Nessus and NeXpose are more feature-rich, but they come with a high price tag too.
For starters, OpenVAS is simply perfect and gives you a good idea of how a vulnerability scanner works. I also found it very intuitive to work with.
So without further ado, let’s dive right into the installation.
Step 1 – Install OpenVAS on Kali Linux
The first thing we want to do is to make sure that our Kali installation is up-to-date. So open a terminal window and run:
Code language: Bash (bash)
sudo apt update && sudo apt upgrade -y
This will update your repository and upgrade your Kali, the -y at the end saves you a press of the button “Y” in the process.
The next thing we want to do is to install OpenVAS. Again in the Terminal type:
sudo apt install openvasCode language: Bash (bash)(Video) Install OpenVAS on Kali Linux - The Complete Step-by-Step Guide
Confirm that you are aware that an additional ~1,2 Gigabyte of Disk Space will be used by pressing Y.
Now this will take a good while. Grab a coffee or prepare some Yerba Mate while we are waiting 🙂
Once that is done we will run another command in the terminal window:
Code language: Bash (bash)
sudo gvm-setup
Note: In case you run into a PostgreSQL error – check out the troubleshooting section at the end of this article.
This is going to take very long.
Phew… That took about 2 hours for me to finish. I still didn’t get why it takes so long, but just go for a long walk and come back later…
After the setup process is finished, don’t forget to note down your password that was generated at the end, you need it to log in for the first time.
Step 2 – Configuring OpenVAS
The installation is now finished. Next, we verify if our installation is working.
Code language: Bash (bash)
sudo gvm-check-setup
I got an error (SCAP DATA are missing), but if you look through the error message, you can see that you can fix it by running:
Code language: Bash (bash)
sudo runuser -u _gvm -- greenbone-feed-sync --type SCAP
This fixed my issue.
First, we are starting the OpenVAS Service.
sudo gvm-startCode language: Bash (bash)(Video) Install and configure OpenVAS on Kali Linux 2022
Now your OpenVAS Service should be up and running. OpenVAS listens on the Ports: 9390, 9391, 9392, and on Port 80. Your web browser should automatically open and lead to the OpenVAS Login Page.
If not, open a web browser manually and enter the URL
Code language: Bash (bash)
https://127.0.0.1:9392
The first time you want to open this URL you will get a security warning. Click on Advanced and Add an Exception.
Remember the password you noted down before? Now we are going to need it.
Forgot your Admin Password?
Reset it by typing:sudo gvmd --user=admin --new-password=passwd;
Log in to OpenVAS with admin // your password
First things first – Navigate to To your User Profile / My Settings / Click on Edit and change the password.
This is basically all you need to do. OpenVAS is now running and ready for use.
Step 3 – Running your first Scan
Now it’s time to run our first scan.
As this is just the installation part I won’t go into details, but I will show you quickly how to run your first scan. There will be more articles covering OpenVAS and we will continue looking into all of the different options we have and how to process scan results.
So the easiest way is simply to Navigate to Scans / Tasks and click on the little Magic Wand icon and start the Task Wizard.
Now you can enter either a single IP, a whole subnet, a range of IP Addresses, or a domain.
This will start a default-depth scan. Depending on the scale of the Network you want to scan this can take from a few minutes up to several hours or even days if the network is large enough and you choose a deep scan.
This and more will be covered in the next article for OpenVAS, which is coming soon.
Finding Exploits with OpenVAS
I created a video a while ago on how to find Exploits using OpenVAS, which basically goes through the whole process of scanning and then finding Exploits for your findings. The video is a bit older but still valid. Give it a watch if you want to learn how to use OpenVAS in-depth.
Troubleshooting
There is a lot that can go wrong during the installation of OpenVAS as some of our readers has pointed out, therefore, we decided to create a little extra section here, covering the most common errors.
PostgreSQL Version Errors v13 and v14
There are multiple possible version errors for PostgreSQL. As our reader Tom has pointed out, the first one is:
[>] Starting PostgreSQL service
[-] ERROR: The default PostgreSQL version (13) is not 14 that is required by libgvmd
[-] ERROR: Use pg_upgradecluster to update your PostgreSQL cluster
Solution:
Open the postgresql.conf file of version 14 and change the port to 5432:
sudo nano /etc/postgresql/14/main/postgresql.conf
Then open the postgresql.conf file of version 13 and check if the port is the same as in version 14. If it is the same – change it to 5433:
sudo nano /etc/postgresql/13/main/postgresql.conf
Restart the PostgreSQL service:
sudo systemctl restart postgresql
PostgreSQL Version Errors v14 and v15
During my installation, I got the following error affecting v14 and v15 of PostgreSQL:
[>] Starting PostgreSQL service
[-] ERROR: The default PostgreSQL version (14) is not 15 that is required by libgvmd
[-] ERROR: Use pg_upgradecluster to update your PostgreSQL cluster
Gladly, the solution to this problem was easier than the one above and might as well work for the problem above:
Code language: CSS (css)
sudo systemcctl stop postgresql@14-mainsudo /usr/bin/pg_dropcluster --stop 14 main
OpenVAS failed to find config
Another common error is the failed to find config ‘long-string-value’ message. There are multiple possible solutions for this issue. The one that worked for me is the following:
Code language: JavaScript (javascript)
sudo runuser -u _gvm – gvmd --get-scanners
Note down the scanner ID.
Then run:
Code language: JavaScript (javascript)
sudo runuser -u _gvm – gvmd --get-users --verbose
This gives you the users, including their IDs. You are probably an admin. To solve the issue, enter:
Code language: CSS (css)
sudo runuser -u _gvm – gvmd --modify-scanner [scanner id] --value [user id]
Conclusion
This is how easy it is to install OpenVAS on Kali Linux and start a basic scan. There is a lot more to learn about OpenVAS, but this should get you up and running in no time!
👀 This Tutorial has some related Articles!
👉 How to get started in Cyber Security – The Complete Guide
👉 How to get started with Bug Bounties
👉 Terminal Customization Series
👉 Best Ethical Hacking Books
👉
👉 Best Ethical Hacking Tools
👉 Install VSCode on Kali Linux
👉 Dual Boot Kali Linux with Windows
👉 Install Kali Linux on VirtualBox – Complete Beginner Guide
👉 Top Things to do after installing Kali Linux
👉 WiFi Adapter for Kali Linux – The Ultimate Guide
👉 Nmap Beginner Guide Series
👉 Metasploit Tutorial Series
👉 Burp Suite Beginner Guide
Author
Stefan
Stefan is the founder & creative head behind Ceos3c.Stefan is a self-taught Software Engineer & Cyber Security professional and he helps other people to learn complicated topics.
FAQs
How do I install and run OpenVAS? ›
- `sudo add-apt-repository ppa:mrazavi/openvas (press ENTER when prompted)”
- sudo apt-get update.
- sudo apt-get install -y sqlite3.
- sudo apt-get install -y openvas9 (select YES when prompted)
- sudo service openvas-manager restart.
OpenVAS or Open Vulnerability Assessment System is a Pen-testing framework whose collection of tools allow you to scan and test systems for known vulnerabilities. OpenVAS uses a database containing a collection of known exploits and vulnerabilities.
How to install GVM in Kali? ›- Installing OpenVAS on Kali Linux.
- Accessing web interface.
- Start and Stop OpenVAS services.
- Summary.
- References.
Kali offers a range of different vulnerability assessment tools that will help you to identify potential risks and vulnerabilities before they become a problem. Nikto: an application that scans web-based applications and web servers for known bad files that could potentially be dangerous.
What is OpenVAS called now? ›The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications. It is used by both offensive and defensive security experts to determine attack surfaces. GVM was previously known as Open Vulnerability Assessment System (OpenVAS).
How to install OpenVAS in Kali Linux 2022? ›Step 1 – Install OpenVAS on Kali Linux
This will update your repository and upgrade your Kali, the -y at the end saves you a press of the button “Y” in the process. Confirm that you are aware that an additional ~1,2 Gigabyte of Disk Space will be used by pressing Y .
The Greenbone Vulnerability Manager is a modular security auditing tool, used for testing remote systems for vulnerabilities that should be fixed. This package installs all the required packages. It provides scripts to setup, start and stop the GVM services.
Is OpenVAS still free? ›OpenVAS. The Open Vulnerability Assessment System, OpenVAS is a comprehensive open-source vulnerability scanning tool and vulnerability management system. It's free of cost, and its components are free software, most licensed under the GNU GPL.
Do pro hackers use Kali Linux? ›Kali Linux is Legal Globally
Kali Linux is mainly used for professional tasks like white hat hacking and penetration testing. However, there is a massive difference between white-hat hacking and black-hat hacking.
Kali Linux is a one-of-a-kind operating system that is used openly by both the bad and good guys. This operating system is widely used by both black hat hackers and security administrators. One prevents and detects security breachers, while the other identifies and potentially exploits security breachers.
Can Kali crack password? ›
By learning how to crack passwords with Kali, you not only learn how to break into systems, but you also get the skills necessary for defending against these types of attacks. There are many other tools available in Kali Linux that can help with this type of attack, so don't be afraid to explore them.
How manually install package in Kali Linux? ›- Introduction – Install DEB package on Kali Linux.
- Method-1: Install DEB package with DPKG.
- Method-2: Install DEB package With DPKG.
- Method-3: Install DEB Files With APT Package Manager.
- Method-4: Install DEB Files With GDEBI.
- Conclusion.
- Install Prerequisites. First install the following dependencies packages. ...
- Create the GVM User. ...
- Download and Install Software (GVM) ...
- Install gvm-libs (GVM) ...
- Install openvas-smb (GVM) ...
- Install the scanner (GVM) ...
- Fix redis for OpenVAS Install (root) ...
- Update NVT (GVM)
- Install using following command sudo apt install gvm.
- Initialize GVM sudo gvm-setup. ...
- Double check if everything is installed and configured correctly sudo gvm-check-setup.
- Start the gvm sudo gvm-start.
In Kali Linux, Malware, viruses, and Trojans are uncommon however, they do exist. ClamAV is an excellent alternative if we only need an antivirus once in a while. ClamAV is a free antivirus that we can use for online scanning, email scanning, and endpoint security.
What is the most powerful tool in Kali Linux? ›- Fluxion. Wi-Fi is growing more popular each year, making it a more attractive target of opportunity for hackers. ...
- John the Ripper. John the Ripper gets points for a creative name. ...
- Lynis. ...
- Metasploit Framework. ...
- Nikto. ...
- Nmap. ...
- Skipfish. ...
- Social Engineering Toolkit.
It is open source; this means anybody can have access to the source code. This makes it less secure compared to other operating systems as attackers can study the source code to find vulnerabilities. Linux for Hackers is about exploiting these vulnerabilities to gain unauthorized access to a system.
Is Nessus better than OpenVAS? ›When it comes to the metrics, Nessus covers a wider range of vulnerabilities than OpenVAS with support for over 50,000 CVEs compared to 26,000. Nessus is superior because it can detect more issues than OpenVAS. Nessus also has the advantage of delivering a lower false-positive rate.
Is OpenVAS a port scanner? ›The OpenVAS Scanner (openvassd) is running on TCP Port 9391 and the OpenVAS Manager (openvasmd) is running on TCP port 9390. Lastly is the redis-server on TCP 6379.
How many machines can OpenVAS scan? ›By default, OpenVAS provides eight scan configs (though one is empty) and the details of each config can be seen by clicking on them.
How install virtual Kali Linux? ›
- Step 1 Install your VMware software. Navigate to VMware Workstation Download Center. ...
- Step 2 Download the Kali Linux . ...
- Step 3 Launch your new virtual machine. ...
- Step 4 Installation Procedure. ...
- Step 5 Disk partitioning. ...
- Step 6 Configure the Package Manager. ...
- Step 7 Install GRUB boot loader. ...
- Step 8 Finished.
OpenVAS (Nessus alternative) and Nmap are very much different. You can use OpenVas to find vulnerabilities without knowing how to look for them as OpenVAS tries out numerous attacks collected from various sources, whereas you do need to know what you are doing, where to look for, with Nmap. Save this answer.
What is the difference between GVM and GVW? ›Gross Vehicle Mass (GVM) is the maximum total weight that a truck can apply to the ground (also refer to as the GVW Gross Vehicle Weight). The GVM includes the weight of cab chassis (Tare weight), body, equipment, accessories, fuel, driver, passengers and cargo.
What is the difference between GVM and ATM? ›ATM = caravan tare mass + caravan max payload. GVM = vehicle tare mass + maximum payload.
What type of tool is OpenVAS? ›OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated and authenticated testing, various high-level and low-level internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.
Which is the best vulnerability scanner? ›- Astra Pentest. It is one small security loophole v/s your entire website or web application.
- Intruder.
- Detectify.
- Acunetix. It is one small security loophole v/s your entire website or web application.
- Cobalt.IO.
- Burp Suite.
- Wireshark.
- Qualys Guard.
- Nessus.
- BurpSuite.
- Qualys Cloud Platform.
- InsightVM (Nexpose)
- Qualys VM.
- Tenable.io.
- Acunetix by Invicti.
- Zenmap.
OpenVAS is a system vulnerability scanner that checks visible ports, services it can access for known exploits, and high level web threats (like cross-site script vulnerabilities and improper file access).
Who invented Kali Linux? ›Mati Aharoni is the founder and core developer of the Kali Linux project, as well as the CEO of Offensive Security. Over the past year, Mati has been developing a curriculum designed for users who wish to make the most out of the Kali Linux operating system.
Why is Kali Linux named Kali? ›The name was inspired by the Hindu goddess Kali. Kali Linux is based on the Debian Testing branch. Most packages Kali uses are imported from the Debian repositories.
Is Parrot better than Kali? ›
Parrot OS is better in terms of offering an easy-to-use interface and tools, which can be grasped easily by beginners. However, both Kali Linux and Parrot OS provide learners with a bunch of tools they can make use of.
Which Linux is best for cyber security? ›- Download Kali Linux. Parrot security OS: ...
- Download Parrot Security OS. BackBox. ...
- Download BackBox Linux. ...
- Download Samurai Web Testing Framework. ...
- Download Pentoo Linux. ...
- Download DEFT Linux. ...
- Download Caine. ...
- Download Network Security Toolkit.
Kali Linux supports more than 500 penetration testing and cybersecurity-related applications. It is an open-source operating system, so its code is freely available online, which means you can take a look and tweak it according to your needs. It also supports multiple languages and includes many customization features.
Can Kali hack wifi? ›Attacking: It replays attacks, deauthentication, fake access points, and others via packet injection. Testing: It checks Wifi cards and driver capabilities. Cracking: It cracks WEP and WPA PSK (WPA 1 and 2) network.
Is Kali easy to learn? ›Kali Linux isn't always that difficult to study. So it's far a wonderful preference for now not simplest novices, but superior users who need to get matters up and running out of the field as nicely. Kali Linux is built pretty lots in particular for penetration checking out.
Is Kali hard to learn? ›Kali's basic moves are taught fairly quickly and you'll learn them in about a month or two months. But the thing is that Kali is very sophisticated and you'll need a lot of time to fully and completely master all the details and the moves.
How to install OpenVAS on Docker? ›- Update the apt package index and install packages to allow apt to use a repository over HTTPS: sudo apt-get update && sudo apt-get upgrade -y. ...
- Add Docker's official GPG key: ...
- Use the following command to set up the stable repository: ...
- Install Docker Engine: ...
- Install Docker Compose. ...
- Download OpenVAS repository.
If you need (or want) to create additional OpenVAS users, run 'openvasmd' with the --create-user option, which will add a new user and display the randomly-generated password. If you're anything like us, you will forget to save the admin password or accidentally delete it.
What is GVM Kali Linux? ›The Greenbone Vulnerability Manager is a modular security auditing tool, used for testing remote systems for vulnerabilities that should be fixed. This package installs all the required packages. It provides scripts to setup, start and stop the GVM services.
Is OpenVAS a vulnerability scanner? ›OpenVAS is a widely used vulnerability scanner distributed by Greenbone Networks. OpenVAS includes a variety of built-in tests and a Web interface.
How do I find my OpenVAS username and password? ›
The initial generation of OpenVAS admin password
Usually, the generation of the admin password is at the initial setup. We can also setup OpenVAS automatically using the command openvas-setup . This reduces the error that otherwise come up during manual setup. In addition, the automatic setup creates the admin user.
- Open a terminal.
- Issue command → sudo openvasmd –create-user admin.
- Issue command → sudo openvasmd –user=admin –new-password=letmein.
- Issue command → sudo openvassd stop.
- Issue command → sudo openvasmd stop.
- Issue command → sudo gsad stop.
- Issue command → sudo openvassd.
Nmap can be used by hackers to gain access to uncontrolled ports on a system. All a hacker would need to do to successfully get into a targeted system would be to run Nmap on that system, look for vulnerabilities, and figure out how to exploit them. Hackers aren't the only people who use the software platform, however.
What is the best vulnerability scanner? ›- Netsparker.
- Amazon Inspector.
- Burp Suite.
- Acunetix Vulnerability Scanner.
- Intruder.
- Metasploit.
- Nmap.
- IBM Security QRadar.
When it comes to the metrics, Nessus covers a wider range of vulnerabilities than OpenVAS with support for over 50,000 CVEs compared to 26,000. Nessus is superior because it can detect more issues than OpenVAS. Nessus also has the advantage of delivering a lower false-positive rate.