OpenVAS Automation

Hello team,

I want to automate the process of OpenVAS scanning and import the assessment results into a database for further investigation.

I guess the workaround could be:

  1. Run OpenVAS through the command line
  2. Pull the results and save them to an XML file
  3. Take the results from the XML file and import them into the database

Do you suggest any other ideas?
Maybe there is something already ready for this purpose?

Thanks in advance,
csalt

Yes, that is the workflow for automating OpenVAS. There are many options to consider for automating. Greenbone’s GMP will always return XML code that can be parsed into your custom database.

The options are (there may be others besides the ones I know):

gvm-tools includes:

  • Some base Python code for using Python GMP objects
  • gvm-cli can connect via socket, SSH, and TCP/TLS connection; you will have to submit raw XML.
  • gvm-script: create your own custom GMP or OSP scripts in Python 3, which will handle creating the raw XML-based commands for you.
  • gvm-pyshell for running GMP or OSP scripts interactively. It provides the same API as gvm-script using the python-gvm library; probably not the best option for you.

You can use the python-gvm docs for support in writing custom Python scripts to interact with GMP.

2 Likes
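
The third step of the workflow discussed above (parse the XML that GMP returns and load it into a database), as an added example that is not part of the original posts or of gvm-tools. The report XML is a constructed sample; the element layout it assumes (`results/result` with `host`, `port`, `nvt`, `threat`, `severity`) and the `findings` table are assumptions to check against a report exported from your own gvmd.

```python
import sqlite3
import xml.etree.ElementTree as ET

# Constructed sample shaped like a GMP <get_reports_response>; every value is made up.
SAMPLE_REPORT = """<get_reports_response status="200" status_text="OK">
<report id="r-1"><report id="r-1"><results>
  <result id="res-1"><name>Example SSH finding</name>
    <host>192.0.2.10<hostname>db01.example.test</hostname></host><port>22/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.000001"/><threat>Medium</threat>
    <severity>5.3</severity><description>Banner: x'); DROP TABLE findings;--</description>
  </result>
  <result id="res-2"><name>Example TLS finding</name>
    <host>192.0.2.11</host><port>443/tcp</port>
    <nvt oid="1.3.6.1.4.1.25623.1.0.000002"/><threat>High</threat>
    <severity>7.5</severity><description>Constructed text</description>
  </result>
</results></report></report></get_reports_response>"""

def parse_results(xml_text):
    """Yield one row tuple per <result> element of a GMP report document."""
    root = ET.fromstring(xml_text)
    if root.get("status", "200") != "200":  # GMP reports failures in the root attributes
        raise ValueError(f"GMP error {root.get('status')}: {root.get('status_text')}")
    for r in root.iterfind(".//results/result"):
        host, nvt = r.find("host"), r.find("nvt")
        yield (r.get("id"),
               (host.text or "").strip() if host is not None else "",  # IP is the leading text
               r.findtext("port", ""),
               nvt.get("oid", "") if nvt is not None else "",
               r.findtext("name", ""), r.findtext("threat", ""),
               float(r.findtext("severity") or 0.0),
               r.findtext("description", ""))

def import_report(conn, xml_text):
    """Insert results and return how many rows were new; re-imports add nothing."""
    conn.execute("""CREATE TABLE IF NOT EXISTS findings (
        result_id TEXT PRIMARY KEY, host TEXT, port TEXT, nvt_oid TEXT,
        name TEXT, threat TEXT, severity REAL, description TEXT)""")
    before = conn.total_changes
    # Bound parameters only: result text can contain data returned by scanned hosts.
    conn.executemany("INSERT OR IGNORE INTO findings VALUES (?,?,?,?,?,?,?,?)",
                     parse_results(xml_text))
    conn.commit()
    return conn.total_changes - before

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    print(import_report(db, SAMPLE_REPORT), "findings imported")
```

Keying the table on the result id makes the import safe to repeat when the same report is pulled more than once.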

Hi rippledj,

Thank you for taking the time to check my question and answer.

I am using the OpenVAS community edition version 22.4.

I am trying to automate the process by leveraging the gvm-cli tool.

When I try to get the version, I get the following error:
$ gvm-cli socket --xml "<get_version/>"

ERROR:gvmtools.cli:Socket /run/gvmd/gvmd.sock it does not exist

I have searched my Ubuntu machine to find where the file gvmd.sock is, but it seems it does not exist on my system.

Do you have any idea? Maybe this is because I am using the community edition.
Maybe for my case it is better to use gvm-script?

To give you a clearer picture, what I want to achieve is the following:
I have my own custom tool that stores IP addresses in a DB. So now, I want to loop through all the IP addresses that are already in my DB and execute OpenVAS scans for each IP. Finally, I would like to collect all the OpenVAS results (for all IP addresses) and import them directly into my DB.

Not sure if there are limitations to using the community edition.

1 Like

No, there isn’t a limit on the GB CE.

This doesn’t tell me how you installed GVM (Kali native, Docker containers, source code?).

Does this post help?
The forum likely contains posts with various solutions for this possible error.