Skip to content
forked from OWASP/Nettacker

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

License

Notifications You must be signed in to change notification settings

franzen/Nettacker

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

OWASP Nettacker

Build Status Apache License Twitter GitHub contributors repo size

DISCLAIMER

  • THIS SOFTWARE WAS CREATED FOR AUTOMATED PENETRATION TESTING AND INFORMATION GATHERING. CONTRIBUTORS WILL NOT BE RESPONSIBLE FOR ANY ILLEGAL USAGE.

2018-01-19_0-45-07

OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP, and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for discovering protected services and devices such as SCADA. It would make a competitive edge compared to other scanner making it one of the bests.


Quick Setup & Run

$ docker-compose up -d && docker exec -it nettacker_nettacker_1 /bin/bash
# python nettacker.py -i owasp.org -s -m port_scan

Thanks to our awesome contributors

Awesome Contributors


IoT Scanner

  • Python Multi Thread & Multi Process Network Information Gathering Vulnerability Scanner
  • Service and Device Detection ( SCADA, Restricted Areas, Routers, HTTP Servers, Logins and Authentications, None-Indexed HTTP, Paradox System, Cameras, Firewalls, UTM, WebMails, VPN, RDP, SSH, FTP, TELNET Services, Proxy Servers and Many Devices like Juniper, Cisco, Switches and many more… )
  • Asset Discovery & Network Service Analysis
  • Services Brute Force Testing
  • Services Vulnerability Testing
  • HTTP/HTTPS Crawling, Fuzzing, Information Gathering and …
  • HTML, JSON, CSV and Text Outputs
  • API & WebUI
  • This project is at the moment in research and development phase
  • Thanks to Google Summer of Code Initiative and all the students who contributed to this project during their summer breaks:

About

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Resources

License

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages

  • HTML 60.4%
  • Python 23.1%
  • CSS 12.4%
  • JavaScript 4.1%