I have recently started to read about OpenVAS, with the intent of using it to scan a network of possibly vulnerable hosts. I am using VirtualBox with a Debian 10: since the documentation suggests development is done in this operating system, it seemed like the best choice to run the tool.
In order to explore the tool, I decided to compile from source code only the recent OpenVAS 20. Not the entire GVM; just the OpenVAS module. Yet, from my understanding, the initial OpenVAS was a complete framework. Perhaps now it will not work on its own. So, my very first question is: does it even make sense to do this, i.e., install OpenVAS 20.08 without installing all the GVM?
I realized OpenVAS would not install without the required GVM Libraries, so I installed them from source too. Everything seems to have been installed correctly. When writing
openvas, bash says “command not found”; an expected behaviour when installing from source, from what my little experience with Linux has taught me. So I tried running the
openvas executable inside src using sudo, but nothing happens: no errors and no output whatsoever. Furthermore, when using
greenbone-nvt-sync inside the tools folder, it yields “the rsync binary could not be found”.
Searching has resolved most of my problems, but my efforts have come to a halt. Shedding some light on faulty assumptions or endeavours from my part would be much appreciated.