Nothing Special   »   [go: up one dir, main page]

Skip to content

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

License

Notifications You must be signed in to change notification settings

Manushya-a/Nettacker

 
 

Repository files navigation

OWASP Nettacker

Build Status Apache License Twitter GitHub contributors Documentation Status repo size Docker Pulls

DISCLAIMER

  • THIS SOFTWARE WAS CREATED FOR AUTOMATED PENETRATION TESTING AND INFORMATION GATHERING. YOU MUST USE THIS SOFTWARE IN A RESPONSIBLE AND ETHICAL MANNER. DO NOT TARGET SYSTEMS OR APPLICATIONS WITHOUT OBTAINING PERMISSIONS OR CONSENT FROM THE SYSTEM OWNERS OR ADMINISTRATORS. CONTRIBUTORS WILL NOT BE RESPONSIBLE FOR ANY ILLEGAL USAGE.

2018-01-19_0-45-07

OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP, and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for discovering protected services and devices such as SCADA. It would make a competitive edge compared to other scanners making it one of the best.


Quick Setup & Run

$ docker-compose up -d && docker exec -it nettacker-nettacker-1 /bin/bash
# poetry run python nettacker.py -i owasp.org -s -m port_scan

Thanks to our awesome contributors

Awesome Contributors


IoT Scanner

  • Python Multi Thread & Multi Process Network Information Gathering Vulnerability Scanner
  • Service and Device Detection ( SCADA, Restricted Areas, Routers, HTTP Servers, Logins and Authentications, None-Indexed HTTP, Paradox System, Cameras, Firewalls, UTM, WebMails, VPN, RDP, SSH, FTP, TELNET Services, Proxy Servers and Many Devices like Juniper, Cisco, Switches and many more… )
  • Asset Discovery & Network Service Analysis
  • Services Brute Force Testing
  • Services Vulnerability Testing
  • HTTP/HTTPS Crawling, Fuzzing, Information Gathering and …
  • HTML, JSON, CSV and Text Outputs
  • API & WebUI
  • This project is at the moment in research and development phase
  • Thanks to Google Summer of Code Initiative and all the students who contributed to this project during their summer breaks:


Stargazers over time

Stargazers over time

About

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Python 59.5%
  • CSS 26.8%
  • JavaScript 13.6%
  • Other 0.1%