Automating scans via the command line


I am trying to automate vulnerability scans on my Kali machine using OpenVas. I understand that the latest version is not included in the Linux distro and that Greenbone does not support it. I am therefore trying to install it on my own from source, but I am very confused as to where to begin. There are several components on Github: openvas, gvmd, gsa, gvm-tools, gvm-libs, and python-gvm, and these are just the ones that are pinned.

My questions are: is installing from source on my own the same as a Linux distro providing the updated version of GVM?

If it is, which components do I need to install to in order to perform scans via the command line? (i.e. I have seen online on previous versions of openvas that OMP was used to create scripts for automating tasks. I am trying to achieve the same thing with the newer version)

If installing from source on my own is not the same as Kali providing it on their repo, what is the difference? And would you advise I wait for them to update it?

It is my first time trying to use OpenVas, and I would appreciate your assistance very much.

Kind Regards,

Kali 5.7:
**Kernel: Linux kali 5.7.0-kali1-amd64 #1 SMP Debian 5.7.6-1kali2 (2020-07-01) x86_64 GNU/Linux
Installation method / source:; kali-rolling

Kali has recently updated their packages to ship with our latest version GVM 11.

1 Like

Thank you very much!
For educational purposes, is there a difference between installing gvm-11 from Kali’s repo and installing from Greenbone’s github repo?

Additionally, I’m curious to know, are all the components (gvm-libs, openvas, gvmd,etc…) required to automate scans from the CLI? If not, which ones are?

Kind Regards,

Of course there are slight differences. E.g. Kali has some additional tools (see Also the sources are only shipping with example config files which may be different. You have to check the packages at


You can speak OSP to control a scanner. In that case you only need to run ospd-openvas which depends on openvas which uses gvm-libs.

If you need user management, access control, alerting, scheduling, task management, etc. etc. you better go with using GMP and therefore you need gvmd. gvmd also uses gvm-libs and requires at least one ospd-openvas instance to do a scan.