Lab Setup: OpenVAS


OpenVAS is a powerful vulnerability scanning toolkit that consists of a server, client, and manager applications. It can be used to scan systems for known vulnerabilities, and to identify and exploit them. The OpenVAS vulnerability scanner is free and open source software, released under the GNU General Public License.

OpenVAS manual installation has a lot of dependencies and configuration, which sometimes lead to unknown errors and decrease productivity. Therefore, we recommend that you try to install OpenVAS with a Docker container, which only takes a couple of minutes to download and no set up is required. A docker container is a lightweight, independent, and portable operating system instance that can be created from a Dockerfile and run on a single computer or across multiple computers.


Maria was a cybersecurity professional who used OpenVAS to perform a vulnerability assessment on a company’s network. She found several vulnerabilities that could be exploited, and she reported them to the company’s IT department. The IT department was able to fix the vulnerabilities, and the company’s network was secured.


Install OpenVAS using Docker and perform a vulnerability scan to validate that OpenVAS if functioning properly.

Learning Objectives

OpenVAS is a very common and useful vulnerability scanning tool.

Downloading, installing, and configuring OpenVAS manually could be very time consuming, especially in a real-world situation where you only have a couple of days or hours to perform a vulnerability scan.

Using Docker is the solution to it all, it is pre-configured and all that is required is to download the Docker container.


Create a clean Ubuntu virtual machine OR install WSL2 on your host machine

Install docker

Install OpenVAS

Scan a Windows XP virtual machine with OpenVAS

Validation: You should find a of high-risk vulnerability related to SMB Remote Code Execution

Quality Assurance

Include your student ID in the submission: 09L0ATKY4FQ03orD3VFNWoPY4Bm1

Meet the quality expectations outlined below. We want you to go above and beyond by producing the best possible work. Make work you can be proud of!


Video Submission – Produce a clean screen recording

Quality Expectations

This exercise’s difficulty is at a Novice level. We expect you to produce quality work. For example: Work that is well presented and properly written (i.e. clean screen recording and/or formal English writing) Work that could be shared with prospective employers when applying for a job


Open chat
Hello 👋.
Tell me, how can I help you?