I am trying to automate vulnerability scans on my Kali machine using OpenVas. I understand that the latest version is not included in the Linux distro and that Greenbone does not support it. I am therefore trying to install it on my own from source, but I am very confused as to where to begin. There are several components on Github: openvas, gvmd, gsa, gvm-tools, gvm-libs, and python-gvm, and these are just the ones that are pinned.
My questions are: is installing from source on my own the same as a Linux distro providing the updated version of GVM?
If it is, which components do I need to install to in order to perform scans via the command line? (i.e. I have seen online on previous versions of openvas that OMP was used to create scripts for automating tasks. I am trying to achieve the same thing with the newer version)
If installing from source on my own is not the same as Kali providing it on their repo, what is the difference? And would you advise I wait for them to update it?
It is my first time trying to use OpenVas, and I would appreciate your assistance very much.
Kind Regards,
Archer
Kali 5.7:
**Kernel: Linux kali 5.7.0-kali1-amd64 #1 SMP Debian 5.7.6-1kali2 (2020-07-01) x86_64 GNU/Linux
** Installation method / source: Kali.org; kali-rolling
Thank you very much!
For educational purposes, is there a difference between installing gvm-11 from Kali’s repo and installing from Greenbone’s github repo?
Additionally, I’m curious to know, are all the components (gvm-libs, openvas, gvmd,etc…) required to automate scans from the CLI? If not, which ones are?
You can speak OSP to control a scanner. In that case you only need to run ospd-openvas which depends on openvas which uses gvm-libs.
If you need user management, access control, alerting, scheduling, task management, etc. etc. you better go with using GMP and therefore you need gvmd. gvmd also uses gvm-libs and requires at least one ospd-openvas instance to do a scan.