Vulnerability Analysisvulnerabilityscannerauditoropenvassecurity

GVM (Greenbone Vulnerability Manager)

Remote network security auditor metapackage that installs all required components for the Greenbone Vulnerability Manager, a modular tool for testing remote systems for vulnerabilities. Provides scripts to setup, start, and stop GVM services.

Description

The Greenbone Vulnerability Manager (GVM) is a modular security auditing tool used for testing remote systems for vulnerabilities that should be fixed. Previously named OpenVAS, it serves as a comprehensive solution for vulnerability assessment in network environments.

This metapackage installs all necessary components including scanners, daemons, and supporting services. It includes utility scripts that automate the setup process, service management, and system readiness checks, making it suitable for security professionals conducting regular vulnerability scans.

GVM operates through a web interface and integrates multiple services like the Greenbone Security Assistant, vulnerability manager daemon, and OpenVAS scanner, enabling detailed reporting and remediation tracking.

How It Works

GVM manages vulnerability scanning through coordinated services: openvas-scanner for network vulnerability detection, notus-scanner for additional scanning capabilities, gvmd for managing scans and databases, gsad for the web UI at https://127.0.0.1:9392, and ospd-openvas as the scanner wrapper. Setup involves PostgreSQL database creation, certificate generation via gvm-manage-certs, feed updates, and service control through systemd units. The gvm-check-setup script verifies completeness including CA certificates and scanner presence.

Installation

bash

sudo apt install gvm

Flags

-hShow help for gvm-check-setup

-a -fGenerate all certificates with force option (used in gvm-manage-certs)

-hShow help for gvm-setup

-hShow help for gvm-start

-hShow help for gvm-stop

Examples

Displays help for the GVM setup check script which tests completeness and readiness of the installation

gvm-check-setup -h

Fixes missing CA certificate by generating all certificates as the _gvm user

sudo runuser -u _gvm -- gvm-manage-certs -a -f

Shows help for the setup script that creates certificates, PostgreSQL database, applies permissions, migrates database, and updates feeds

gvm-setup -h

Runs the full GVM setup process including starting PostgreSQL, creating certificates and database, applying permissions, and updating feeds

gvm-setup

Shows help for the start script which launches GVM services and opens the web UI at https://127.0.0.1:9392

gvm-start -h

Starts all GVM services including gsad, gvmd, ospd-openvas, and notus-scanner

gvm-start

Shows help for the stop script which shuts down all GVM services via systemd

gvm-stop -h

Stops GVM services such as gsad, gvmd, ospd-openvas, and notus-scanner

gvm-stop

Updated 2026-04-16kali.org ↗