DISCLAIMER
- THIS SOFTWARE WAS CREATED FOR AUTOMATED PENETRATION TESTING AND INFORMATION GATHERING. CONTRIBUTORS WILL NOT BE RESPONSIBLE FOR ANY ILLEGAL USAGE.
OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for discovering protected services and devices such as SCADA. It would make a competitive edge compared to other scanner making it one of the bests.
- OWASP Page: https://www.owasp.org/index.php/OWASP_Nettacker
- Wiki: https://github.com/zdresearch/OWASP-Nettacker/wiki
- Installation: https://github.com/zdresearch/OWASP-Nettacker/wiki/Installation
- Usage: https://github.com/zdresearch/OWASP-Nettacker/wiki/Usage
- GitHub: https://github.com/zdresearch/OWASP-Nettacker
- Slack: #project-nettacker on https://owasp.slack.com
- Mailing List: https://groups.google.com/forum/#!forum/owasp-nettacker
- Docker Image: https://hub.docker.com/r/alirazmjoo/owaspnettacker/
- How to use the Dockerfile: https://github.com/zdresearch/OWASP-Nettacker/wiki/Installation
- OpenHub: https://www.openhub.net/p/OWASP-Nettacker
- Donate: https://www.owasp.org/index.php/OWASP_Nettacker
- Future IoT Scanner
- Python Multi Thread & Multi Process Network Information Gathering Vulnerability Scanner
- Service and Device Detection ( SCADA, Restricted Areas, Routers, HTTP Servers, Logins and Authentications, None-Indexed HTTP, Paradox System, Cameras, Firewalls, UTM, WebMails, VPN, RDP, SSH, FTP, TELNET Services, Proxy Servers and Many Devices like Juniper, Cisco, Switches and many more… )
- Asset Discovery & Network Service Analysis
- Services Brute Force Testing
- Services Vulnerability Testing
- HTTP/HTTPS Crawling, Fuzzing, Information Gathering and …
- HTML, JSON and Text Outputs
- API & WebUI
- This project is at the moment in research and development phase and most of results/codes are not published yet.
- Thanks to Google Summer of Code Initiative and all the students who contributed to this project during their summer breaks:
