One-click PowerShell script to deploy OpenVAS (Greenbone Vulnerability Manager) on Windows machines.
- Automatic prerequisites: Installs Chocolatey, WSL2, and Docker Desktop if missing
- Container deployment: Uses official Greenbone Community Container
- Idempotent: Safe to run multiple times
- Status check: View container health and resource usage
- Clean uninstall: Remove all components with optional data deletion
- Windows 10 (version 2004+) or Windows 11
- Administrator privileges
- 8GB+ RAM recommended
- 15GB+ free disk space
# Download and run (requires admin)
.\install-openvas.ps1The script will:
- Install Chocolatey (if missing)
- Enable WSL2 (may require restart)
- Install Docker Desktop (if missing)
- Pull and configure OpenVAS container
- Display login credentials
.\install-openvas.ps1.\install-openvas.ps1 -CheckOnly.\install-openvas.ps1 -Uninstall.\install-openvas.ps1 -LogPath "C:\logs\openvas-install.log"- Open http://localhost:9392 in your browser
- Accept the self-signed certificate warning
- Login with credentials displayed at end of install
- Change the admin password immediately
The vulnerability feeds (NVT, SCAP, CERT) sync automatically but take 30-60 minutes to complete. Until sync finishes, scans will have limited detection capability.
Check feed status in the web UI: Administration → Feed Status
- Ensure Hyper-V and WSL2 are enabled
- Try restarting after WSL2 installation
- Check Windows Features for "Virtual Machine Platform"
# View logs
docker logs openvas
# Restart container
docker restart openvas# Find process using port 9392
netstat -ano | findstr 9392The container requires ~4GB RAM minimum. Increase Docker Desktop memory limits: Docker Desktop → Settings → Resources → Memory
| File | Location |
|---|---|
| Docker Compose | %USERPROFILE%\.openvas\docker-compose.yml |
| Credentials | %USERPROFILE%\.openvas\credentials.txt |
| Container data | Docker volumes: openvas_data, openvas_logs |
- OpenVAS can be used for internal vulnerability scanning requirements (11.2.1)
- Ensure scans are performed quarterly at minimum
- Document remediation of critical/high findings
- Regular vulnerability scanning supports CC7.1 (Security Operations)
- Maintain scan logs and remediation evidence
- Configure alerts for new critical vulnerabilities
- Default credentials are randomly generated
- Credentials are stored locally in plaintext - secure the file
- Web UI uses self-signed HTTPS certificate
- Container runs with limited privileges
- Scan results may contain sensitive vulnerability data
# Pull latest container image
docker pull greenbone/community-container
# Restart to apply
docker restart openvasMIT License - See LICENSE file