How to do it...

1. To install OpenVAS on Kali Linux use the apt install openvas command:

root@kali:~# apt-get install openvas

1. Then use the openvas-setup command to set up OpenVAS, download the latest rules, create an admin user, and start up the various services:

root@kali:~# openvas-setup

1. When the setup is finished, the OpenVAS manager, scanner, and GSAD services should be listening. To start OpenVAS, use the openvas-start command:

root@kali:~# openvas-start
Starting OpenVas Services
root@kali:~#

1. Before we can use OpenVAS inside msfconsole, we need to load the OpenVAS plugin using the load command:

msf > load openvas 
[*] Welcome to OpenVAS integration by kost and averagesecurityguy.
[*] 
[*] OpenVAS integration requires a database connection. Once the 
[*] database is ready, connect to the OpenVAS server using openvas_connect.
[*] For additional commands use openvas_help.
[*] 
[*] Successfully loaded plugin: OpenVAS
msf >

1. We can use the help command to display all the available OpenVAS commands we can use inside msfconsole:

msf > help openvas

OpenVAS Commands
================

    Command Description
    ------- -----------
    openvas_config_list Quickly display list of configs
    openvas_connect Connect to an OpenVAS manager using OMP
    ...

    openvas_task_start Start task by ID
    openvas_task_stop Stop task by ID
    openvas_version Display the version of the OpenVAS server

msf >

1. To connect to the OpenVAS manager using OMP, we use the openvas_connect followed by the OpenVAS username, password, and the OpenVAS server IP address and port:

msf > openvas_connect admin 596230dc-cfe0-4322-a7b7-025d11a28141 127.0.0.1 9390
[*] Connecting to OpenVAS instance at 127.0.0.1:9390 with username admin...
/usr/share/metasploit-framework/vendor/bundle/ruby/2.3.0/gems/openvas-omp-0.0.4/lib/openvas-omp.rb:201:in `sendrecv': Object#timeout is deprecated, use Timeout.timeout instead.
[+] OpenVAS connection successful
msf >

1. After connecting to the OpenVAS server, we need to specify our target using the openvas_target_create command followed by the name we want to give to our target, the IP address of the target, and a description or comment about the target:

msf > openvas_target_create "Metasploitable3" 192.168.216.10 "Windows Target"
[+] OpenVAS list of targets

ID Name Hosts Max Hosts In Use Comment
-- ---- ----- --------- ------ -------
83d3d851-150a-4d1b-80e3-04bb90d034cb Metasploitable3 192.168.216.10 1 0 Windows Target

msf >

1. The  openvas_config_list displays the list of configurations we can use to scan the target:

msf > openvas_config_list 
[+] OpenVAS list of configs

ID Name
-- ----
085569ce-73ed-11df-83c3-002264764cea empty
2d3f051c-55ba-11e3-bf43-406186ea4fc5 Host Discovery
698f691e-7489-11df-9d8c-002264764cea Full and fast ultimate
708f25c4-7489-11df-8094-002264764cea Full and very deep
...

msf >

1. Now, we need to create a task using the openvas_task_create followed by the task name, comment, the config ID, and target ID:

1. To start the task, we will use the openvas_task_start followed by the task ID:

1. To monitor the progress, we use the openvas_task_list command:

1. The openvas_format_list will display the list of report formats supported by OpenVAS:

1. To see if the task has completed, use the openvas_task_list command:

1. When the scan is finished, we can use the openvas_report_list command to list the available reports:

1. And use the openvas_report_import command to import the report into Metasploit. Only the NBE (legacy OpenVAS report) and XML formats are supported for importing:

1. After importing the report into Metasploit, we can use the msfconsole database vulns command to list the vulnerabilities found: