Awesome Open Source
Awesome Open Source

Greenbone Logo

Greenbone Security Assistant

GitHub releases code test coverage Build and test JS

The Greenbone Security Assistant is the web interface developed for the Greenbone Security Manager appliances written in React.


All release files are signed with the Greenbone Community Feed integrity key. This gpg key can be downloaded at and the fingerprint is 8AE4 BE42 9B60 A59B 311C 2E73 9823 FAA6 0ED1 E580.


Prerequisites for GSA:

  • node.js >= 14.0
  • yarn >= 1.0

To install nodejs 14 the following commands can be used

DISTRIBUTION="$(lsb_release -s -c)"

curl -fsSL | gpg --dearmor | sudo tee "$KEYRING" >/dev/null
gpg --no-default-keyring --keyring "$KEYRING" --list-keys

echo "deb [signed-by=$KEYRING]$VERSION $DISTRIBUTION main" | sudo tee /etc/apt/sources.list.d/nodesource.list
echo "deb-src [signed-by=$KEYRING]$VERSION $DISTRIBUTION main" | sudo tee -a /etc/apt/sources.list.d/nodesource.list

Change into the gsa source directory and delete the possible existing build output directory.

cd path/to/gsa
rm -rf build

Install the JavaScript dependencies and start the build process. The build process creates a build directory with a production build of GSA. The build/img directory will contain images like logos and banners. The build/static directory will contain generated JavaScript and CSS files and additionally in the build/static/media directory SVG files for all icons will be found.

yarn build

All content of the production build can be shipped with every web server. For providing GSA via our gsad web server, the files need to be copied into the share/gvm/gsad/web/ subdirectory of your chosen CMAKE_INSTALL_PREFIX directory when building gsad. Normally this is set to /usr or /usr/local.

cp -r build/* $INSTALL_PREFIX/share/gvm/gsad/web/

If you are not familiar or comfortable building from source code, we recommend that you use the Greenbone Security Manager TRIAL (GSM TRIAL), a prepared virtual machine with a readily available setup. Information regarding the virtual machine is available at


Using GSA requires to re-build the JavaScript bundle. This process is very time-consuming and therefore may be avoided during development. It is possible to run GSA in a special web development server. The development server can be started with:

cd path/to/gsa && yarn run start

Afterwards the development web server is set up and a new browser window is opened at the URL, containing the GSA web application. When a JavaScript file of GSA in the src folder is changed, the browser window will reload automatically.

Besides the development server gsad needs to be running with CORS enabled.

gsad --http-cors=""

To be able to communicate with gsad, the web application needs to know the server URL. This can be accomplished by editing the path/to/gsa/public/config.js file. The following lines can be used for a local gsad running with HTTP on port 9392:

  config = {
    protocol: 'http',
    server: '',

For HTTPS only the protocol property must be 'https' accordingly.

After changing the config.js file, the browser window should be reloaded manually.


For any question on the usage of gsa please use the Greenbone Community Portal. If you found a problem with the software, please create an issue on GitHub. If you are a Greenbone customer you may alternatively or additionally forward your issue to the Greenbone Support Portal.


This project is maintained by Greenbone Networks GmbH.


Your contributions are highly appreciated. Please create a pull request on GitHub. Bigger changes need to be discussed with the development team via the issues section at github first.


Copyright (C) 2009-2021 Greenbone Networks GmbH

Licensed under the GNU Affero General Public License v3.0 or later.

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
Javascript (1,555,917
Hacktoberfest (36,020
Hacktoberfest2021 (4,454
Vulnerability (848
Vulnerability Scanners (338
Vulnerability Detection (176
Related Projects