rss logo

Install and use Greenbone Vulnerability Manager with the Kali Linux distribution

Kali Linux logo greenbone openvas logo

Greenbone Vulnerability Manager is a software framework that includes several tools (OpenVas, WebUI…) to perform vulnerability scans.

Indeed, with this software framework we will be able to scan a complete network or a single host to see if it is prone to known vulnerabilities.

Historically Greenbone Vulnerability Manager is a fork of the Nessus scanning tool which is now a proprietary software.

Install GVM


  • Upgrade packages:
kali@kali:~$ sudo apt update && sudo apt dist-upgrade
  • Install necesserary paquages:
kali@kali:~$ sudo apt install gvm postgresql nsis
  • Run setup script:
    • Which will:
      • Start services and create PostgreSQL database
      • Create GVM certificate files
      • Apply needed permissions
      • Update vulnerabilities databases
      • Create and set admin account
kali@kali:~$ sudo gvm-setup […] [*] Please note the password for the admin user [*] User created with password 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx'. [>] You can now run gvm-check-setup to make sure everything is correctly configured Please note the password of the user admin.
  • Start gvmd and gsad services:
kali@kali:~$ sudo systemctl start gvmd.service && sudo systemctl start gsad.service
  • Run check script:
kali@kali:~$ sudo gvm-check-setup […] It seems like your GVM-23.11.0 installation is OK.
  • Check gvmd service is running:
kali@kali:~$ sudo systemctl status gvmd.service
  • Check WebUI is waiting for a connection:
kali@kali:~$ sudo ss -ltn4p State Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN 0 4096* users:(("gsad",pid=2243,fd=10))
  • Add default admin user the right to create tasks:
kali@kali:~$ sudo gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value admin
  • Now, you should be able to connect to the address using the admin login and the associated password (use the one previously printed during the gvm-setup phase):
Kali Linux | Greenbone Vulnerability Manager > Sign in to you account Web Page

Change listening interface (Optional)

In its default configuration Greenbone Security Assistant (GSA) (WebUI) is only reachable through local address ( To be able to connect to the WebUI interface from others hosts we need to modify systemctl configuration.

  • Edit /usr/lib/systemd/system/gvmd.service:
[Unit] Description=Greenbone Vulnerability Manager daemon (gvmd) networking.service postgresql.service ospd-openvas.service Wants=postgresql.service ospd-openvas.service Documentation=man:gvmd(8) ConditionKernelCommandLine=!recovery [Service] Type=forking User=_gvm Group=_gvm PIDFile=/run/gvmd/ RuntimeDirectory=gvmd RuntimeDirectoryMode=2775 #ExecStart=/usr/sbin/gvmd --osp-vt-update=/run/ospd/ospd.sock --listen-group=_gvm ExecStart=/usr/sbin/gvmd --osp-vt-update=/run/ospd/ospd.sock -a Restart=always TimeoutStopSec=10 [Install]
  • Edit /usr/lib/systemd/system/gsad.service:
[Unit] Description=Greenbone Security Assistant daemon (gsad) Documentation=man:gsad(8) gvmd.service Wants=gvmd.service [Service] Type=forking User=_gvm Group=_gvm RuntimeDirectory=gsad RuntimeDirectoryMode=2775 PIDFile=/run/gsad/ #ExecStart=/usr/sbin/gsad --listen --port 9392 ExecStart=/usr/sbin/gsad --mlisten=KALI_IP_ADDRESS --listen --port 9392 Restart=always TimeoutStopSec=10 [Install] Alias=greenbone-security-assistant.service kali@kali:~$ sudo systemctl daemon-reload kali@kali:~$ sudo systemctl restart gvmd.service kali@kali:~$ sudo systemctl restart gsad.service

Useful commands

  • Update Network Vulnerability Tests:
kali@kali:~$ sudo -u _gvm greenbone-nvt-sync
  • Keeping the feeds up-to-date:
kali@kali:~$ sudo greenbone-feed-sync --type CERT kali@kali:~$ sudo greenbone-feed-sync --type SCAP kali@kali:~$ sudo greenbone-feed-sync --type GVMD_DATA
  • Create an gvadmin user:
kali@kali:~$ sudo runuser -u _gvm -- gvmd --create-user=gvadmin --password=stPassw0rd --disable-password-policy
  • Get UUIDs of all created users:
kali@kali:~$ sudo runuser -u _gvm -- gvmd --get-users
  • Change user password:
kali@kali:~$ sudo runuser -u _gvm -- gvmd --user=gvadmin --new-password=gvadmin

Using GVM

We will see here how to perform our first vulnerability scan of a predetermined host.

Create target

  • Go to Targets:
Kali Linux | Greenbone Vulnerability Manager > Configuration > Targets
  • Click New Target link:
Kali Linux | New Target link
  • Define the Target to scan by setting the ip address and giving it a Name:
Kali Linux | New Target window

Create task

  • Open Tasks:
Kali Linux | Greenbone Vulnerability Manager > Scans > Tasks
  • Click New Task icon:
Kali Linux | Greenbone Vulnerability Manager > Scans > Tasks
  • Define the New Task by setting the Name, associate the Target and by checking Schedule Once:
Kali Linux | Greenbone Vulnerability Manager > Scans > Tasks
  • Click Play button to Start the task:
Kali Linux | Greenbone Vulnerability Manager Start Task
  • After some minutes the task end, click to the Last Report link to access scan vulnerabilities report:
Kali Linux | Greenbone Vulnerability Manager, task end
  • You will have a complete report:
Kali Linux | Greenbone Vulnerability Manager, vulnerabilities report
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Contact :

contact mail address