# 2.2 OpenVAS Vulnerability Scan

## Table of Contents

1. [Objective](#objective)
   - Perform a vulnerability scan using OpenVAS and analyze the results.

2. [Import Libraries](#import-libraries)
   - Import required Python libraries: `gvm`, `pandas`, `seaborn`, `matplotlib`.

3. [Connect to OpenVAS and Authenticate](#connect-to-openvas-and-authenticate)
   - Establish a connection to OpenVAS using the `gvm-python` library.

4. [Launch a Vulnerability Scan](#launch-a-vulnerability-scan)
   - Start a vulnerability scan on a specific target and check its status.

5. [Retrieve and Analyze Results](#retrieve-and-analyze-results)
   - Download the scan results from OpenVAS and convert them into a Pandas DataFrame.

6. [Visualize Vulnerability Severity Levels](#visualize-vulnerability-severity-levels)
   - Create a bar chart to display the number of vulnerabilities by severity.

7. [Conclusion](#conclusion)
   - Summarize the process and explain the importance of addressing high-severity vulnerabilities.


---

#### 1. Objective:
- Perform a vulnerability assessment using OpenVAS, retrieve the results via the API, and analyze them.
- Visualize the vulnerability distribution by severity level.
- We will use the gvm-python library to interact with the OpenVAS server, launch a scan, and retrieve scan results.
- We will extract vulnerability data such as severity, name, port, and description, storing it in a Pandas DataFrame for analysis.
= Seaborn and Matplotlib will be used to create visualizations such as bar charts to represent the severity levels of the vulnerabilities found.

---

##### Step 1: Import Libraries

In [1]:
# Import required libraries
import gvm
import pandas as pd
import seaborn as sns
import matplotlib.pyplot as plt

# Display plots inline
%matplotlib inline


---

In [6]:
from gvm.connections import TcpConnection
from gvm.protocols.gmp import Gmp

# Establish a TCP connection to OpenVAS (adjust the hostname and port if needed)
connection = TcpConnection(hostname='localhost', port=9390)

# Authenticate using Greenbone Management Protocol (GMP)
with Gmp(connection) as gmp:
    # Fetch and print GMP version to verify connection
    version = gmp.get_version()
    print(f"GMP Version: {version}")

    # Perform login with admin credentials
    gmp.authenticate(username='admin', password='admin_pass')
    print("Authenticated successfully!")


ImportError: cannot import name 'TcpConnection' from 'gvm.connections' (c:\Users\rjvb6\Desktop\my-projects\venv\Lib\site-packages\gvm\connections\__init__.py)

##### Step 2: Connect to OpenVAS and Authenticate

In [5]:
from gvm.connections import UnixSocketConnection
from gvm.protocols.gmp import Gmp

# Path to the OpenVAS socket (adjust this path as per your system)
socket_path = '/var/run/openvasmd.sock'

# Establish connection using a Unix socket
connection = UnixSocketConnection(path=socket_path)

# Authenticate using Greenbone Management Protocol (GMP)
with Gmp(connection) as gmp:
    # Try fetching the version to ensure connection
    version = gmp.get_version()
    print(f"GMP Version: {version}")


AttributeError: module 'socket' has no attribute 'AF_UNIX'

##### Why is this important?
- API Control: Establishing a connection with the OpenVAS server allows you to launch scans, retrieve results, and manage security assessments remotely.
- Automation: With authenticated API access, security scans can be automated, reducing manual overhead.


---

##### Step 3: Launch a Vulnerability Scan

In [None]:
# Launch a vulnerability scan
target = '127.0.0.1'
scan_id = connection.scan(target=target, scan_config='Full and fast')

# Check scan status
status = connection.scan_status(scan_id)
print(f"Scan Status: {status}")


##### Why is this important?
- Scanning for Threats: Launching a vulnerability scan using OpenVAS provides deep insights into potential weaknesses across your network or specific hosts.
- Configuration: You can customize the scan configuration (e.g., full and fast) to optimize for different environments, allowing faster scans or more thorough assessments.


---

#### Step 4: Retrieve and Analyze Results

In [None]:
# Retrieve scan results
results = connection.get_results(scan_id=scan_id)

# Convert results to a DataFrame
vuln_data = []
for result in results:
    vuln_data.append({
        'Name': result['name'],
        'Severity': result['severity'],
        'Port': result['port'],
        'Description': result['description']
    })

df_vulns = pd.DataFrame(vuln_data)
df_vulns.head()


##### Why is this important?
- Vulnerability Analysis: Retrieving and parsing the vulnerability scan results allows you to identify which systems, services, and ports are at risk and assess the severity of those vulnerabilities.
- Structured Data: Converting the scan results into a DataFrame makes it easier to filter, group, and visualize vulnerabilities for deeper analysis.


---

##### Step 5: Visualize Vulnerability Severity Levels

In [None]:
# Visualize the vulnerabilities by severity level
plt.figure(figsize=(10, 6))
sns.countplot(data=df_vulns, x='Severity', palette='coolwarm')
plt.title('Vulnerabilities by Severity Level')
plt.ylabel('Count')
plt.xlabel('Severity')
plt.show()

---

##### Step 6: Conclusion

In [None]:
## Conclusion

In this notebook, we demonstrated how to:
1. Connect to OpenVAS and authenticate.
2. Launch a vulnerability scan on the target system.
3. Retrieve and analyze the scan results.
4. Visualize the vulnerabilities by severity level.

By identifying high-severity vulnerabilities, you can focus on addressing the most critical security issues.


##### Why is this important?
- Complete Workflow: Automating the vulnerability assessment workflow with OpenVAS helps ensure timely and thorough evaluations of network security.
- Security Prioritization: Focusing on high-risk vulnerabilities ensures that your remediation efforts are targeted and effective.