You can follow these steps:
- Create a new scan config as explained in https://docs.greenbone.net/GSM-Manual/gos-20.08/en/scanning.html#creating-a-scan-configuration with the “Full and Fast” base
- Edit the VT preference like explained in https://docs.greenbone.net/GSM-Manual/gos-20.08/en/scanning.html#editing-the-vt-preferences for the VT “Global variable settings”
- Set the “Enable generic web application scanning” option from step 2. to “yes”
- Save the scan config
- Create a new task using this new scan config.
But again please note that this is really only checking for basic SQL injections, you won’t get a throughout coverage of unknown SQL injections by GVM and this needs a dedicated WAS.