How to install OpenVAS on Kali Linux

It’s time to cover some vulnerability scanning! What better way to start this than with the installation of OpenVAS? Today I will show you how to install OpenVAS on Kali Linux in a step-by-step guide for you to follow along.

What is OpenVAS?

OpenVAS is THE open source vulnerability scanner. OpenVAS started under the name of GNessUs, a fork of the previously open-source Nessus scanning tool (which costs you money now). OpenVAS is also under the GNU General Public License (GPL).

I personally used this software in many different kinds of assessments and was always satisfied with the results I got (keeping in mind that it is completely free).

Of course tools like Nessus and NeXpose are more feature-rich, but they come with a high price-tag too.

For starters, OpenVAS is simply perfect and gives you a good idea of how a vulnerability scanner is working. I also found it very intuitive to work with.

So without further ado, let’s dive right into the installation.

I install OpenVAS on a freshly installed Kali Linux in VirtualBox. If you want to know how to install Kali on Virtual Box check out this article.

You find a Video on how to Find Exploits for your OpenVAS findings on the End of this Article!


Step 1: Installing OpenVAS

The first thing we want to do is to make sure that our Kali installation is up-to-date. So open a terminal window and run:

apt-get update && apt-get upgrade -y

This will update your repository and upgrade your Kali, the -y at the end saves you a press of the button y in the process.

The next thing we want to do is to install OpenVAS. Again in the Terminal type:

apt-get install openvas

Installing OpenVAS

Confirm that you are aware that additional ~1,2 Gigabyte of Disk Space will be used by pressing Y.

Now this will take a good while. Grab a coffee or prepare some Yerba Mate while we are waiting 🙂

Once that is done we will run another command in the terminal window:


Installing OpenVAS

You can take another sip or two of your drink of choice as this will take a while again.

After the setup process is finished, don’t forget to note down your password that was generated at the end, you need it to log in for the first time.


Step 2: Configuring OpenVAS

The installation is now finished

We are going to start the OpenVAS services by typing:


Now your OpenVAS Service should be up and running. OpenVAS listens on the Ports: 9390, 9391, 9392 and on Port 80.

Open a web browser and enter the URL:

The first time you want to open this URL you will get a security warning. Click on Advanced and Add an Exception.


Remember the password you noted down before? Now we are going to need it.

Log in to OpenVAS with admin // your password

First things first – Navigate to Administration / Users and change the Password.

This is basically all you need to do. OpenVAS is now running and ready for use.

Step 3: Running your first Scan

Now it’s time to scan. As this is just the installation part I won’t go into details, but I will show you quickly how to run your first scan. There will be more articles covering OpenVAS and we will continue looking into all of the different options we have and how to process scan results.

So the easiest way is simply to Navigate to Scans / Tasks and click on the little purple Magic Wand and start the Task Wizard.

Now you can enter either a single IP or a whole subnet or just a range of IP Addresses by typing one of either: or or - 155 for example

This will start a default-depth scan. Depending on the scale of the Network you want to scan this can take from a few minutes up to several hours or even days if the network is large enough and you choose a deep scan.

This and more will be covered in the next article for OpenVAS which is coming soon.

For any additional questions, use the comment section below.

How to find Exploits with OpenVAS
Watch this video on YouTube.

11 thoughts on “How to install OpenVAS on Kali Linux”

  1. If you in trouble to execute openvas-setup… it will probably because the project was renamed, so instead of the ‘openvas-setup’ use ‘gvm-setup’.

  2. Just a heads-up: The commands no longer work and ‘gvm’ should be used instead of ‘openvas’.
    See ‘The OpenVAS framework got renamed to Greenbone Vulnerability Management (GVM) and OpenVAS (now Open Vulnerability Assessment Scanner) is now only a part of it. The article should be updated to reflect this change.. Relevant discussion may be found on the talk page. Please update this to reflect recent events or newly available information. (May 2020)’

  3. Thanks for the great articles. i followed the Top Things to do after installing KaliLinux and found the link to installing OpenVAS and running the first scan. Have you added additional articles about OpenVAS? If so, can you provide the links?

  4. I got the install to run, and it LOOKS like it’s running and listening in a netstat, but I can’t hit the web interface on the localhost. The „site can’t be reached“. This is after dealing with the security warning. I just can’t get to the dashboard to login that first time.

  5. Hi If you are using Kali linux 2017.1 then installation is become a problem. to solve this follow my steps:-
    open a terminal try this command

    #apt-get update
    #apt get install openvas
    E:Unable to locate package openvas

    then follow this steps:-
    in a new terminal type
    #sudo leafpad /etc/apt/sources.list

    leaf pad will open edit and save the source list with this scripts:

    deb kali-rolling main contrib non-free
    # For source package access, uncomment the following line
    deb-src kali-rolling main contrib non-free

    deb stretch/updates main

    after save it come back to a new terminal and type

    #apt-get install openvas

    -its start installing other process is just like same


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.