OpenVAS (GVM) Vulnerability Scanner Notes

Installation and Initial Setup

Basic Installation

# Update system
sudo apt update && sudo apt upgrade

# Install GVM and OpenVAS
sudo apt install gvm openvas

# Run initial setup as root (takes ~30 minutes; downloads the feeds and creates the admin user)
sudo gvm-setup

# Start the GVM services (gvmd, ospd-openvas, gsad)
sudo gvm-start

Post-Installation Tasks

1. Access web interface: https://localhost:9392
2. Default credentials: admin/admin
3. Change default password immediately
4. Verify NVT feed is updated

Scan Configuration

1. Target Setup

Navigate: Configurations > Targets

Target Configuration Options:
1. Single host: 192.168.1.1
2. Multiple hosts: 192.168.1.1, 192.168.1.2
3. Range: 192.168.1.1-192.168.1.254
4. CIDR: 192.168.1.0/24

2. Scan Profiles

Available Configurations:

1. Base
   - Purpose: Host/OS enumeration
   - No vulnerability checks
   
2. Discovery
   - Purpose: Service/hardware/port detection
   - Software enumeration
   - No vulnerability checks
   
3. Host Discovery
   - Purpose: Host alive check
   - Ping only
   - No vulnerability checks
   
4. System Discovery
   - Purpose: Detailed OS/hardware info
   - More comprehensive than Discovery
   
5. Full and Fast
   - Purpose: Complete vulnerability scan
   - Optimized NVT checks
   - Port-based vulnerability testing

3. Authentication Setup

Credentials Configuration:
1. SSH (Linux):
   - Username/Password
   - Public key authentication
   
2. SMB (Windows):
   - Domain
   - Username
   - Password
   
3. ESXi:
   - Username
   - Password

Running Scans

1. Basic Scan Setup

Steps:
1. Navigate to Scans tab
2. Click "Wizard" icon
3. Select target(s)
4. Choose scan configuration
5. Set schedule (if needed)
6. Start scan

2. Advanced Scan Options

Configure:
1. Port Range:
   - Default
   - All ports
   - Custom range

2. Timing:
   - Concurrent IPs
   - Concurrent checks
   - Network timeout

3. QoS:
   - Scan intensity
   - Auto-adjust

Results Analysis

1. Viewing Results

Navigate: Scans > Reports

Information Available:
1. Host Details
   - OS information
   - Open ports
   - Running services
   
2. Vulnerabilities
   - Severity levels
   - CVE references
   - CVSS scores
   
3. Compliance
   - Policy checks
   - Failed rules

2. Export Commands

# Export a report as XML over GMP using gvm-cli (from gvm-tools) on the local gvmd socket.
# The report format ID comes from "<get_report_formats/>"; XML, PDF, CSV etc. each have their own ID.
gvm-cli socket --gmp-username admin --gmp-password '<password>' \
  --xml "<get_reports report_id='<report-id>' format_id='<report-format-id>' details='1'/>" > report.xml

# Available formats:
- XML
- PDF
- CSV
- TXT
- ITG
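Once a report has been exported as XML, the findings can be triaged outside the web UI. The following is an added example, not code from these notes or from the GVM project: it parses a constructed sample that follows the GMP get_reports element layout (result/host/port/nvt/threat/severity, an assumption to verify against your own export), counts findings per threat level and lists the hosts carrying results at or above a CVSS threshold.

```python
import xml.etree.ElementTree as ET
from collections import Counter, defaultdict

# Constructed sample with the element layout of a GMP get_reports response
# (result/host/port/nvt/threat/severity); an assumption to check against a real export.
SAMPLE_REPORT = """<get_reports_response status="200" status_text="OK">
<report id="report-1"><report id="report-1"><results>
  <result id="r1"><host>192.168.1.10<hostname>web01</hostname></host><port>22/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.900001"><name>SSH Weak Algorithms</name>
      <refs><ref type="cve" id="CVE-0000-0001"/></refs></nvt>
    <threat>Medium</threat><severity>5.3</severity></result>
  <result id="r2"><host>192.168.1.10</host><port>445/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.900002"><name>SMB Signing Disabled</name></nvt>
    <threat>High</threat><severity>7.5</severity></result>
  <result id="r3"><host>192.168.1.20</host><port>general/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.900003"><name>OS Detection</name></nvt>
    <threat>Log</threat><severity>0.0</severity></result>
</results></report></report></get_reports_response>"""


def parse_results(xml_text):
    """Flatten every <result> into a dict; the host text before any child tag is the IP."""
    findings = []
    for r in ET.fromstring(xml_text).iter("result"):
        nvt = r.find("nvt")
        host = r.find("host")
        findings.append({
            "host": (host.text or "").strip() if host is not None else "",
            "port": r.findtext("port", ""),
            "name": nvt.findtext("name", "") if nvt is not None else "",
            "oid": nvt.get("oid", "") if nvt is not None else "",
            "threat": r.findtext("threat", "Log"),
            "severity": float(r.findtext("severity", "0") or 0),
            "cves": [ref.get("id") for ref in r.iter("ref") if ref.get("type") == "cve"],
        })
    return findings


def summarize(findings, min_severity=7.0):
    """Count findings per threat level and group those at/above the CVSS threshold by host."""
    by_threat = Counter(f["threat"] for f in findings)
    by_host = defaultdict(list)
    for f in findings:
        if f["severity"] >= min_severity:
            by_host[f["host"]].append(f)
    return by_threat, dict(by_host)


if __name__ == "__main__":
    counts, urgent = summarize(parse_results(SAMPLE_REPORT))
    print("findings by threat:", dict(counts))
    for host, items in urgent.items():
        for f in items:
            print(f"{host} {f['port']} {f['severity']} {f['name']} {','.join(f['cves'])}")
```

Replace SAMPLE_REPORT with the contents of report.xml from the export command above; the threshold argument lets you align the list with your own patching SLA.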

Best Practices

1. Pre-Scan Checklist

1. Verify target accessibility
2. Check credentials
3. Confirm scan window
4. Test network connectivity
5. Verify system resources

2. Performance Optimization

Scan Settings:
1. Adjust concurrent checks
2. Set appropriate timeouts
3. Configure host alive test
4. Optimize port scanning

3. Resource Management

Monitor:
1. Scanner CPU usage
2. Network bandwidth
3. Target system load
4. Disk space for results

Troubleshooting

1. Common Issues

Connection Problems:
1. Check firewall rules
2. Verify target availability
3. Test authentication
4. Review SSL/TLS settings

Performance Issues:
1. Reduce concurrent scans
2. Adjust timeout values
3. Check system resources
4. Optimize scan scope

2. Debug Commands

# Check service status
systemctl status gvmd
systemctl status ospd-openvas

# View logs
tail -f /var/log/gvm/gvmd.log
tail -f /var/log/gvm/ospd-openvas.log

# Test connectivity
nc -vz target_ip port

Maintenance

1. Regular Tasks

# Update NVT feed
greenbone-nvt-sync

# Update SCAP data
greenbone-scapdata-sync

# Update CERT data
greenbone-certdata-sync

2. Database Management

# gvmd keeps its data in PostgreSQL (database "gvmd" by default); back it up with pg_dump
sudo -u postgres pg_dump gvmd > gvmd-backup.sql

# Restore into an empty gvmd database with the services stopped
sudo gvm-stop
sudo -u postgres psql gvmd < gvmd-backup.sql
sudo gvm-start

Security Considerations

1. Scanner Security

1. Regular updates
2. Strong authentication
3. Access control
4. Network isolation
5. Log monitoring

2. Safe Scanning

1. Use "Full and Fast" profile
2. Enable safe checks
3. Schedule during maintenance
4. Monitor target health
5. Document exceptions

3. Compliance Integration

Map findings to:
1. PCI DSS
2. HIPAA
3. ISO 27001
4. Custom policies

Integration Options

1. API Usage

# Basic GMP request. GMP is XML over the gvmd Unix socket or TLS on port 9390,
# authenticated with a GVM user, not an HTTP API key; gvm-cli (gvm-tools) handles the transport.
gvm-cli socket --gmp-username admin --gmp-password '<password>' --xml "<get_tasks/>"

# Same request against a remote gvmd over TLS
gvm-cli tls --hostname <gvmd-host> --port 9390 \
  --gmp-username admin --gmp-password '<password>' --xml "<get_tasks/>"

2. Automation

Automate:
1. Scan scheduling
2. Report generation
3. Result analysis
4. Remediation tracking