How to run nvts without ospd-openvas?

Dear all:
I have read the code of ospd-openvas, and i have found the openvas-scanner is launched via ospd-openvas, but i don’t care about the management of scanning or the high concurrency. So, would it be possible to run the nvts without ospd-openvas and get the result directly?

Thank you for your help!

That is not possible, the final result comes from the Manager that combines scan results, one example are CVE/CPE data. Plus many table checks for distribution packages for example are done via Notus.

Hi Lukas, I need help with something, can you please help me out?

Thanks for your answer!

I hava one last question .If i code a script using the key method of ospd-openvas, will openvas-scanner run successfully through my script even if GVMD is not installed? And can i retrieve the complete scan results?

You can run a single NVT with openvas-nasl. But not sure if this is what you are looking for.
If what you want is to avoid GVMd, you can still run a scan via gvm-cli through ospd-openvas.

Below is a post about how to run a single NVT (.nasl script) via openvas-nasl command line. If you search the forum for terms such as "run single .nasl file" or ".nasl file command line" you will find other discussions about how to run an NVT from the command line. However, this will not return an XML-formatted report.

Thanks for your answer !

Short answer “NO” you need much more scheduling functionality from GVMd that is not part of this, as well so get the NVT results into a report, that is done by GMVd as well :wink:

But how is the discovery phase handled here ? This is not what he wants to archive. The plan was to build a easy vulnerability scanner without management, and that is not possible. The GVMd has to much functionality to run the OpenVAS stand alone. That will simply not work. openvas-nasl is great for NVT development but not a scanner replacement :wink:

1 Like