Skip to content

OpenVAS

Examples

OpenVAS
1
2
3
cat openvas.xml | reptor openvas
cat openvas.xml | reptor openvas --upload  # Upload findings as notes
cat openvas.xml | reptor openvas --push-findings  # Create findings from scan results

Pushed OpenVAS findings

OpenVAS findings as notes

Filter your OpenVAS results:

OpenVAS Filter
1
2
3
4
5
cat openvas.xml | reptor openvas --min-qod 50 --push-findings
cat openvas.xml | reptor openvas --severity-filter medium-critical --push-findings
cat openvas.xml | reptor openvas --include-plugins 1.3.6.1.4.1.25623.1.0.103674 --push-findings
cat openvas.xml | reptor openvas --exclude-plugins 1.3.6.1.4.1.25623.1.0.103674 --push-findings
reptor openvas -i openvas_1.xml openvas_2.xml --push-findings  # Use multiple input files

You can add those filter settings to your config by running:

OpenVAS conf
1
reptor openvas --conf

Usage

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
usage: reptor openvas [-h] [--conf] [-i [INPUT ...]]
                      [--format | --upload | --push-findings | --template-vars | --parse | --upload-finding-templates]
                      [--severity-filter SEVERITY_FILTER] [--min-qod MIN_QOD]
                      [--exclude EXCLUDED_PLUGINS]
                      [--include INCLUDED_PLUGINS]

OpenVAS vulnerability importer

optional arguments:
  -h, --help            show this help message and exit
  --conf, --config      Configure plugin settings
  -i [INPUT ...], --input [INPUT ...]
                        Input file, if not stdin (multiple files allowed)
  --format
  --upload
  --push-findings
  --template-vars       Print template variables (needed for finding template customization).
  --parse
  --upload-finding-templates
                        Upload local finding templates to SysReptor
  --severity-filter SEVERITY_FILTER
                        Filter findings by severity comma-separated ("high,medium") or as range ("medium-critical")
  --min-qod MIN_QOD     Minimum OpenVAS Quality of Detection (QoD) to include (0-100)
  --exclude EXCLUDED_PLUGINS
                        Exclude plugin IDs, comma-separated
  --include INCLUDED_PLUGINS
                        Include plugin IDs, comma-separated; default: all are included

OpenVAS XML export

You can use the following filter to export all findings. 

1
apply_overrides=0 min_qod=0 first=1 sort-reverse=severity rows=1000

If you want to export (more than 1.000) rows, set ignore_pagination="1". One way to do this is to run the following commands as an unprivileged user.

Export findings as XML
1
2
3
user="your OpenVAS username"
report_id="your report id"
gvm-cli --gmp-username "$user" socket --xml "<get_reports report_id=\"$report_id\" ignore_pagination=\"1\" details=\"1\" />"