The Greenbone Vulnerability Management Tools
gvm-tools are a collection of tools that help with remote controlling a Greenbone Security Manager (GSM) appliance and its underlying Greenbone Vulnerability Management (GVM) framework. The tools aid in accessing the communication protocols GMP (Greenbone Management Protocol) and OSP (Open Scanner Protocol).
This module is comprised of interactive and non-interactive clients. The programming language Python is supported directly for interactive scripting. But it is also possible to issue remote GMP/OSP commands without programming in Python.
The documentation for
gvm-tools can be found at https://gvm-tools.readthedocs.io/. Please refer to the documentation for more details as this README just gives a short overview.
See the documentation for all supported installation options.
Please consider to always use the newest version of
python-gvm. We freqently update this projects to add features and keep them free from bugs. This is why installing
gvm-tools using pip is recommended.
gvm-tools with an old GMP version (7, 8, 9) you must use a release version that is
<21.06, combined with an
<21.05. In the
21.06 release the support of these older versions has been dropped.
Python 3.7 and later is supported.
You can install the latest stable release of gvm-tools from the Python Package Index using pip:
pip install --user gvm-tools
There are several clients to communicate via GMP/OSP.
All clients have the ability to build a connection in various ways:
* Unix Socket * TLS Connection * SSH Connection
This tool sends plain GMP/OSP commands and prints the result to the standard output.
Return the current protocol version used by the server:
gvm-cli socket --xml "<get_version/>"
Return all tasks visible to the GMP user with the provided credentials:
gvm-cli --gmp-username foo --gmp-password bar socket --xml "<get_tasks/>"
Read a file with GMP commands and return the result:
gvm-cli --gmp-username foo --gmp-password bar socket myfile.xml
gvm-cli will by default print an error message and exit with a non-zero exit code when a command is rejected by the server. If this kind of error handling is not desired, the unparsed XML response can be requested using the
gvm-cli socket --raw --xml "<authenticate/>"
This tool has a lot more features than the simple
gvm-cli client. You have the possibility to create your own custom gmp or osp scripts with commands from the python-gvm library and from Python 3 itself.
# Retrieve current GMP version version = gmp.get_version() # Prints the XML in beautiful form from gvmtools.helper import pretty_print pretty_print(version) # Retrieve all tasks tasks = gmp.get_tasks() # Get names of tasks task_names = tasks.xpath('task/name/text()') pretty_print(task_names)
There is a growing collection of gmp-scripts in the "scripts/" folder. Some of them might be exactly what you need and all of them help writing your own gmp scripts.
This tool is for running gmp or osp scripts interactively. It provides the same API as gvm-script using the python-gvm library.
Connect with given credentials via a unix domain socket and open an interactive shell:
gvm-pyshell --gmp-username user --gmp-password pass socket
Connect through SSH connection and open the interactive shell:
gvm-pyshell --hostname 127.0.0.1 ssh
For any question on the usage of
gvm-tools or gmp scripts please use the Greenbone Community Portal. If you found a problem with the software, please create an issue on GitHub.
This project is maintained by Greenbone Networks GmbH.
Your contributions are highly appreciated. Please create a pull request on GitHub. For bigger changes, please discuss it first in the issues.
For development you should use poetry to keep you python packages separated in different environments. First install poetry via pip
pip install --user poetry
in the checkout directory of
gvm-tools (the directory containing the
pyproject.toml file) to install all dependencies including the packages only required for development.
Afterwards active the git hooks for auto-formatting and linting via autohooks.
poetry run autohooks activate --force
Copyright (C) 2017-2021 Greenbone Networks GmbH
Licensed under the GNU General Public License v3.0 or later.