Skip to content

GVM 21.x Integration

xer0dayz edited this page Aug 8, 2022 · 4 revisions

First, verify that GVM is running and configured properly by running gvm-start. If no errors are displayed, ensure that you can login to the web UI at If there are any errors displayed, Sn1per may not be able to communicate with GVM properly. Run gvm-check-setup to check your setup again.

Run the following command to update the permissions: sudo chmod 777 /var/run/gvm/gvmd.sock

NOTE: This integration requires GVM 21.x and a valid Sn1per Professional v10.0 or higher to work properly.

To integrate GVM 21.x vulnerability scans into Sn1per Professional v10.0 or higher, create a copy of the default Sn1per configuration template (cp -vf /sniper/conf/default /sniper/conf/gvm_vulnerability_scan.conf) and enter the appropriate values for the following:


NOTE: You will need to specify a local (non-root) Linux account to initiate GVM 21.x scans using Sn1per by updating the "OPENVAS_RUNAS_USER" setting in your Sn1per configuration file.

To test your setup, run the following commands:

su - $OPENVAS_RUNAS_USER # Where $OPENVAS_RUNAS_USER is the non-root Linux account you setup 
gvm-cli socket --xml "<get_version/>"

This will prompt for your OpenVAS username and password. Once entered, it should display the following:

Enter username: admin
Enter password for admin: 
<get_version_response status="200" status_text="OK"><version>21.4</version></get_version_response>

After the settings have been updated to match your environment, you can initiate an OpenVAS scan automatically by running a "normal" or "vulnscan" mode in Sn1per Professional and specifying the new configuration template you just created (ie. /sniper/conf/gvm_vulnerability_scan.conf). This can also be done from the command line by running the following:

Example Usage:

sniper -t -c /sniper/conf/gvm_vulnerability_scan.conf -m vulnscan -w