https://github.com/OWASP/Nettacker

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
https://github.com/OWASP/Nettacker

automation bruteforce cve cves hacking-tools information-gathering network-analysis owasp penetration-testing penetration-testing-framework pentesting pentesting-tools portscanner python scanner security security-tools vulnerability-management vulnerability-scanner vulnerability-scanners

Last synced: 16 days ago
JSON representation

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

• Host: GitHub
• URL: https://github.com/OWASP/Nettacker
• Owner: OWASP
• License: apache-2.0
• Created: 2017-04-21T12:14:35.000Z (about 7 years ago)
• Default Branch: master
• Last Pushed: 2024-04-26T22:39:57.000Z (about 2 months ago)
• Last Synced: 2024-05-01T11:53:15.189Z (about 2 months ago)
• Topics: automation, bruteforce, cve, cves, hacking-tools, information-gathering, network-analysis, owasp, penetration-testing, penetration-testing-framework, pentesting, pentesting-tools, portscanner, python, scanner, security, security-tools, vulnerability-management, vulnerability-scanner, vulnerability-scanners
• Language: Python
• Homepage: https://owasp.org/www-project-nettacker/
• Size: 8.23 MB
• Stars: 2,959
• Watchers: 95
• Forks: 697
• Open Issues: 44
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • Funding: .github/FUNDING.yml
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md

Lists

• my-awesome-stars - Nettacker - Open-Source Vulnerability Scanner - Vulnerability Management | OWASP | 2596 | (Python)
• awesome - Nettacker
• awesome-stars - OWASP/Nettacker - Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management (Python)
• awesome-stars - OWASP/Nettacker - Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management (Python)
• AWS-Guide - OWASP Nettacker
• awesome-hacking-lists - Nettacker - Automated Penetration Testing Framework (Python (1887))
• awesome-stars - OWASP/Nettacker - Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management (Python)
• awesome-stars - OWASP/Nettacker - Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management (Python)
• awesome-hacking-lists - Nettacker - Automated Penetration Testing Framework (Python)
• awesome-hacking-lists - OWASP/Nettacker - Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management (HTML)
• awesome-stars - OWASP/Nettacker - Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management (security-tools)

README

        
OWASP Nettacker

=========

[![Build Status](https://github.com/OWASP/Nettacker/workflows/CI/badge.svg?branch=master)](https://github.com/OWASP/Nettacker/actions/workflows/CI.yml)

[![Apache License](https://img.shields.io/badge/License-Apache%20v2-green.svg)](https://github.com/OWASP/Nettacker/blob/master/LICENSE)

[![Twitter](https://img.shields.io/badge/[email protected])](https://twitter.com/iotscan)

![GitHub contributors](https://img.shields.io/github/contributors/OWASP/Nettacker)

[![repo size ](https://img.shields.io/github/repo-size/OWASP/Nettacker)](https://github.com/OWASP/Nettacker)



**DISCLAIMER**

* ***THIS SOFTWARE WAS CREATED FOR AUTOMATED PENETRATION TESTING AND INFORMATION GATHERING. CONTRIBUTORS WILL NOT BE RESPONSIBLE FOR ANY ILLEGAL USAGE.***

![2018-01-19_0-45-07](https://user-images.githubusercontent.com/7676267/35123376-283d5a3e-fcb7-11e7-9b1c-92b78ed4fecc.gif)

OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software **will** utilize TCP SYN, ACK, ICMP, and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for discovering protected services and devices such as SCADA. It would make a competitive edge compared to other scanner making it one of the bests.

* OWASP Page: https://owasp.org/www-project-nettacker/

* Wiki: https://github.com/OWASP/Nettacker/wiki

* Installation: https://github.com/OWASP/Nettacker/wiki/Installation

* Usage: https://github.com/OWASP/Nettacker/wiki/Usage

* GitHub: https://github.com/OWASP/Nettacker

* Slack: #project-nettacker on https://owasp.slack.com

* Mailing List: https://groups.google.com/forum/#!forum/owasp-nettacker

* Docker Image: https://hub.docker.com/r/owasp/nettacker

* How to use the Dockerfile: https://github.com/OWASP/Nettacker/wiki/Installation#docker

* OpenHub: https://www.openhub.net/p/OWASP-Nettacker

* **Donate**: https://owasp.org/donate/?reponame=www-project-nettacker&title=OWASP+Nettacker

* **Read More**: https://www.secologist.com/open-source-projects

____________

Quick Setup & Run

============

```bash

$ docker-compose up -d && docker exec -it nettacker-nettacker-1 /bin/bash

# python nettacker.py -i owasp.org -s -m port_scan

```

* Results are accessible from your (https://localhost:5000) or https://nettacker-api.z3r0d4y.com:5000/ (pointed to your localhost)

* The local database is `.data/nettacker.db` (sqlite).

* Default results path is `.data/results`

* `docker-compose` will share your nettacker folder, so you will not lose any data after `docker-compose down`

* To see the API key in you can run `docker logs nettacker_nettacker_1`.

* More details and setup without docker https://github.com/OWASP/Nettacker/wiki/Installation

_____________

Thanks to our awesome contributors

============

![Awesome Contributors](https://contrib.rocks/image?repo=OWASP/Nettacker)

_____________

## ***IoT Scanner***

*	Python Multi Thread & Multi Process Network Information Gathering Vulnerability Scanner

*	Service and Device Detection ( SCADA, Restricted Areas, Routers, HTTP Servers, Logins and Authentications, None-Indexed HTTP, Paradox System, Cameras, Firewalls, UTM, WebMails, VPN, RDP, SSH, FTP, TELNET Services, Proxy Servers and Many Devices like Juniper, Cisco, Switches and many more… ) 

*	Asset Discovery & Network Service Analysis

*	Services Brute Force Testing

*	Services Vulnerability Testing

*	HTTP/HTTPS Crawling, Fuzzing, Information Gathering and … 

*	HTML, JSON, CSV and Text Outputs

* API & WebUI

*	This project is at the moment in research and development phase 

* Thanks to Google Summer of Code Initiative and all the students who contributed to this project during their summer breaks: 



_____________

## Stargazers over time

[![Stargazers over time](https://starchart.cc/OWASP/Nettacker.svg)](https://starchart.cc/OWASP/Nettacker)