How to install free Openvas vulnerability scanner using docker and how to perform a scan

Md. Mahim Bin Firoj
4 min readOct 21, 2023

Update at 06.11.2023

Please note, when I wrote this blog, that time I did not know that this docker repo was decommissioned. You can still follow along to learn but I will very soon post my new writeup regarding new docker container of openvas and post the link here. Thanks.

Update link:

https://mahim-firoj.medium.com/greenbone-openvas-vulnerability-scanner-latest-docker-instance-installation-2179e2d39d7a

Let’s first see how we can up and running openvas very quickly using docker within 5–7 minutes in my kali machine. Although the repo is old and they are recommending not to use it but this is a great start for learning purpose. I will be covering soon the same with the latest docker image.

You just need to give the follwing commands one by one and wait to finish. Root access is required.

apt-get update && apt-get upgrade -y

apt-get install docker.io -y

docker run -d -p 443:443 --name openvas mikesplain/openvas

Once done then you will see something similar to the above image.

Now on the kali browser, type https://127.0.0.1

Default creds are admin:admin

Now you need to update the vulnerability database. Run the following commands one by one:

docker exec -it openvas bash
## inside container

export FEED=feed.community.greenbone.net
export COMMUNITY_NVT_RSYNC_FEED=rsync://$FEED:/nvt-feed
export COMMUNITY_CERT_RSYNC_FEED=rsync://$FEED:/cert-data
export COMMUNITY_SCAP_RSYNC_FEED=rsync://$FEED:/scap-data

greenbone-nvt-sync
openvasmd --rebuild --progress
greenbone-certdata-sync
greenbone-scapdata-sync
openvasmd --update --verbose --progress

/etc/init.d/openvas-manager restart
/etc/init.d/openvas-scanner restart
greenbone-scapdata-sync

I found the above one command not working properly inside docker container. This could be because the repo is too old and they don’t care to fix it.

It will take almost around <2 hours to complete. Be patient.

All the feeds are updated

How to perform a scan:

I have already performed a scan that’s why you can see some results on the dashboard. From the Scans menu, click on Tasks.

Now click on the start button where arrow is pointing. Then click on New Task.

Now click here where arrow is pointing to set your scan target, ip address of the target and credentials for authentication scan. And in the Name field, give a name for the scan. i.e. I gave sansforensics.

Again give a name of your target i.e. sansforensics. Then provide the ip address of the target. Now come to the Credentials for authenticated checks part and click on the star icon where arrow is pointing. Mention the port correctly.

Give a name again :)

And provide the credentials of your target host. Then click on Create. Leave rest of the settings as it is.

It will take you to the Task’s page. Now from here you need to click on the play or start button to start your scan. Once the scan is finish then from Scans menu, you need to click on Reports or Results to view the findings.

Troubleshooting:

Sometimes you may encounter a problem like you are hitting https://127.0.0.1 but the page is not coming. You need to check then your docker instance is running or not.

docker ps -a

docker start <container id>

Thanks. I hope this blog will help you to perform VA using openvas tool. If you find this helpful please consider to subscribe below.

LinkedIn:

https://www.linkedin.com/in/md-mahimbin-firoj-7b8a5a113/

YouTube:

https://www.youtube.com/@mahimfiroj1802/videos

--

--