=Main=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |
[[file:JoomScan_Logo.png|right]]

<div class="plainlinks">
'''Share this:''' 
[[File:social-email.png|E-mail this story|link=mailto:?subject={{FULLPAGENAMEE}}&body={{FULLPAGENAMEE}}:%0A{{fullurle:{{FULLPAGENAME}}}}]]
[[File:social-facebook.png|Bookmark with Facebook|link=http://www.facebook.com/sharer.php?u={{fullurle:{{FULLPAGENAME}}}}&t={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-digg.png|Share on Digg.com|link=http://digg.com/submit?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}} }}]]
[[File:social-delicious.png|16px|Share on delicious|link=http://delicious.com/post?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-reddit.png|Share on reddit.com|link=http://reddit.com/submit?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-stumbleupon.png|16px|Share on stumbleupon.com|link=http://stumbleupon.com/submit?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-linkedin.png|16px|Share on LinkedIn.com|link=http://www.linkedin.com/shareArticle?mini=true&url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-twitter.png|alt=Share on twitter.com|link=http://twitter.com/?status={{fullurle:{{FULLPAGENAME}}}}|Share on twitter.com]]
[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u={{fullurle:{{FULLPAGENAME}}}}]]
</div>

[[File:joomscan_download.png|link=https://github.com/rezasp/joomscan]]

==OWASP joomscan Project ==
OWASP joomscan (short for [Joom]la Vulnerability [Scan]ner) is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analyses them.

==== Why joomscan ? ====

If you want to do a penetration test on a Joomla, JoomScan is Your best shot ever! This Project is being faster than ever and updated with the latest Joomla vulnerabilities.
[[File:Joomscan screenshot.png|700px|thumb]]

==== Contributors ====

** [Code Contributors]

==Description==


OWASP JoomScan (short for [Joom]la Vulnerability [Scan]ner) is an opensource project in Perl programming language to detect Joomla CMS vulnerabilities and analyses them.

{|
|-
{{#ev:youtube|Ik2CJ9LkuoI}} 
|}

==LICENSE==

====GNU GENERAL PUBLIC LICENSE , Version 3, 29 June 2007====

Copyright (C) 2007 Free Software Foundation, Inc. http://fsf.org/ Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [https://github.com/rezasp/joomscan/blob/master/COPYING.GPL Click to see the full license]

'''The OWASP Security Principles are free to use. In fact it is encouraged!!!
'' Additionally, I also encourage you to contribute back to the project. I have no monopoly on this knowledge; however, we all have pieces of this knowledge from our experience. Let's begin by putting our individual pieces together to make something great. Great things happen when people work together.

The OWASP Security Principles are licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== Quick Download ==
[https://github.com/rezasp/joomscan Github Page.]

[Download Page.]

* [https://github.com/rezasp/joomscan/zipball/master .zip file.]
* [https://github.com/rezasp/joomscan/tarball/master .tgz file.]

== Project Leader ==

[mailto:reza.espargham@owasp.org Mohammad Reza Espargham]

[mailto:ali.razmjoo@owasp.org Ali Razmjoo]

== Contributors & Main Developers ==

* [mailto:alireza@rayan.co Alireza Zare]

==Classifications==

{| width="200" cellpadding="2"
|-
| colspan="2" align="center" | [[File:Project_Type_Files_TOOL.jpg|link=https://www.owasp.org/index.php/Category:OWASP_Tool]]
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects|Incubator Project]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=Builders]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=Defenders]]
|-
| colspan="2" align="center" | [[File:Agplv3-155x51.png|link=http://www.gnu.org/licenses/agpl-3.0.html|Affero General Public License 3.0]]
|}

| valign="top" style="padding-left:25px;width:200px;" |

== News and Events ==

* JoomScan 0.0.1 - "Reburn" Released
* [https://www.blackhat.com/asia-18/arsenal.html#mohammad-reza-espargham OWASP Joomscan has Been Selected for Blackhat Asia Arsenal 2018]

|}

= Acknowledgements =
==Contributors==

joomscan source code located in github and you could see contributors in this [https://github.com/rezasp/joomscan/graphs/contributors URL].

Please feel free to fork and submit your pull request to develop joomscan Project together.

==Leader==

* [https://www.owasp.org/index.php/User:rezasp Mohammad Reza Espargham]

= Road Map and Getting Involved =
This project is going to be the best Joomla scanner, At the end We could have a joomla cms penetration tester which is updated with the last vulnerabilities.

==Roadmap==

This Project was created to be a joomscanner which already it is and now need to be best with some tasks:

* Optimize software core to be fast and easy to develop
* make it module base and create libraries for developers
* Support all OS
* Be update with latest exploits.
* Create documents for newbie users
* Keep testing and fix bugs!

===Feedback===
Please submit your feedbacks and issues in [https://github.com/rezasp/joomscan/issues HERE].
<ul>
<li>What do like?</li>
<li>What don't you like?</li>
<li>What features would you like to see prioritized on the roadmap?</li>
<li>Do you have any problem with tool?</li>
<li>Do you need any exploit to be add?</li>
</ul>

=Minimum Viable Product=

=Project About=

{{:Projects/OWASP_joomscan_Project}}


__NOTOC__ <headertabs />

[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]] [[Category:OWASP_Tool]] [[Category:OWASP_Download]]

Category:OWASP Joomla Vulnerability Scanner Project

2018-03-03T01:19:29Z

Rezasp: /* Why joomscan ? */

=Main=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |
[[file:JoomScan_Logo.png|right]]

<div class="plainlinks">
'''Share this:''' 
[[File:social-email.png|E-mail this story|link=mailto:?subject={{FULLPAGENAMEE}}&body={{FULLPAGENAMEE}}:%0A{{fullurle:{{FULLPAGENAME}}}}]]
[[File:social-facebook.png|Bookmark with Facebook|link=http://www.facebook.com/sharer.php?u={{fullurle:{{FULLPAGENAME}}}}&t={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-digg.png|Share on Digg.com|link=http://digg.com/submit?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}} }}]]
[[File:social-delicious.png|16px|Share on delicious|link=http://delicious.com/post?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-reddit.png|Share on reddit.com|link=http://reddit.com/submit?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-stumbleupon.png|16px|Share on stumbleupon.com|link=http://stumbleupon.com/submit?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-linkedin.png|16px|Share on LinkedIn.com|link=http://www.linkedin.com/shareArticle?mini=true&url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-twitter.png|alt=Share on twitter.com|link=http://twitter.com/?status={{fullurle:{{FULLPAGENAME}}}}|Share on twitter.com]]
[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u={{fullurle:{{FULLPAGENAME}}}}]]
</div>

[[File:joomscan_download.png|link=https://github.com/rezasp/joomscan]]

==OWASP joomscan Project ==
OWASP joomscan (short for [Joom]la Vulnerability [Scan]ner) is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analyses them.

==== Why joomscan ? ====

If you want to do a penetration test on a Joomla, JoomScan is Your best shot ever! This Project is being faster than ever and updated with the latest Joomla vulnerabilities.
[[File:Joomscan screenshot.png|700px|thumb]]

==Description==


OWASP JoomScan (short for [Joom]la Vulnerability [Scan]ner) is an opensource project in Perl programming language to detect Joomla CMS vulnerabilities and analyses them.

{|
|-
{{#ev:youtube|Ik2CJ9LkuoI}} 
|}

==LICENSE==

====GNU GENERAL PUBLIC LICENSE , Version 3, 29 June 2007====

Copyright (C) 2007 Free Software Foundation, Inc. http://fsf.org/ Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [https://github.com/rezasp/joomscan/blob/master/COPYING.GPL Click to see the full license]

'''The OWASP Security Principles are free to use. In fact it is encouraged!!!
'' Additionally, I also encourage you to contribute back to the project. I have no monopoly on this knowledge; however, we all have pieces of this knowledge from our experience. Let's begin by putting our individual pieces together to make something great. Great things happen when people work together.

The OWASP Security Principles are licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== Quick Download ==
[https://github.com/rezasp/joomscan Github Page.]

[Download Page.]

* [https://github.com/rezasp/joomscan/zipball/master .zip file.]
* [https://github.com/rezasp/joomscan/tarball/master .tgz file.]

== Project Leader ==

[mailto:reza.espargham@owasp.org Mohammad Reza Espargham]

[mailto:ali.razmjoo@owasp.org Ali Razmjoo]

== Contributors & Main Developers ==

* [mailto:alireza@rayan.co Alireza Zare]

==Classifications==

{| width="200" cellpadding="2"
|-
| colspan="2" align="center" | [[File:Project_Type_Files_TOOL.jpg|link=https://www.owasp.org/index.php/Category:OWASP_Tool]]
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects|Incubator Project]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=Builders]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=Defenders]]
|-
| colspan="2" align="center" | [[File:Agplv3-155x51.png|link=http://www.gnu.org/licenses/agpl-3.0.html|Affero General Public License 3.0]]
|}

| valign="top" style="padding-left:25px;width:200px;" |

== News and Events ==

* JoomScan 0.0.1 - "Reburn" Released
* [https://www.blackhat.com/asia-18/arsenal.html#mohammad-reza-espargham OWASP Joomscan has Been Selected for Blackhat Asia Arsenal 2018]

|}

= Acknowledgements =
==Contributors==

joomscan source code located in github and you could see contributors in this [https://github.com/rezasp/joomscan/graphs/contributors URL].

Please feel free to fork and submit your pull request to develop joomscan Project together.

==Leader==

* [https://www.owasp.org/index.php/User:rezasp Mohammad Reza Espargham]

= Road Map and Getting Involved =
This project is going to be the best Joomla scanner, At the end We could have a joomla cms penetration tester which is updated with the last vulnerabilities.

==Roadmap==

This Project was created to be a joomscanner which already it is and now need to be best with some tasks:

* Optimize software core to be fast and easy to develop
* make it module base and create libraries for developers
* Support all OS
* Be update with latest exploits.
* Create documents for newbie users
* Keep testing and fix bugs!

===Feedback===
Please submit your feedbacks and issues in [https://github.com/rezasp/joomscan/issues HERE].
<ul>
<li>What do like?</li>
<li>What don't you like?</li>
<li>What features would you like to see prioritized on the roadmap?</li>
<li>Do you have any problem with tool?</li>
<li>Do you need any exploit to be add?</li>
</ul>

=Minimum Viable Product=

=Project About=

{{:Projects/OWASP_joomscan_Project}}


__NOTOC__ <headertabs />

[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]] [[Category:OWASP_Tool]] [[Category:OWASP_Download]]

2018-01-24T21:19:23Z

Rezasp: /* Be an OWASP Nettacker Developer */

=Main=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>


{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |

==OWASP Nettacker Project==
<div class="plainlinks">
'''Share this:''' 
[[File:social-email.png|E-mail this story|link=mailto:?subject=OWASP_Nettacker&body=OWASP_Nettacker:%0Ahttps://www.owasp.org/index.php/OWASP_Nettacker]]
[[File:social-facebook.png|Bookmark with Facebook|link=http://www.facebook.com/sharer.php?u=https://www.owasp.org/index.php/OWASP_Nettacker&t=OWASP+Nettacker]]
[[File:social-digg.png|Share on Digg.com|link=http://digg.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-delicious.png|16px|Share on delicious|link=http://delicious.com/post?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-reddit.png|Share on reddit.com|link=http://reddit.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-stumbleupon.png|16px|Share on stumbleupon.com|link=http://stumbleupon.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-linkedin.png|16px|Share on LinkedIn.com|link=http://www.linkedin.com/shareArticle?mini=true&url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-twitter.png|alt=Share on twitter.com|link=http://twitter.com/?status=https://www.owasp.org/index.php/OWASP_Nettacker|Share on twitter.com]]
[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]
</div>
====What is OWASP Nettacker ?====
https://www.owasp.org/images/1/1a/Nettacker_Demp.png

'''OWASP Nettacker''' is an open source software in Python language which lets you '''automated penetration testing''' and '''automated Information Gathering'''. This software can be run on Windows/Linux/OSX under Python.

==Description==

[[File:2018-01-19 0-45-07.gif|OWASP Nettacker Demo]]

Nettacker project was created to automated for information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and information. This software is able to use SYN, ACK, TCP, ICMP and many other protocols to detect and bypass the Firewalls/IDS/IPS and devices. By using a unique solution in Nettacker to find protected services such as SCADA We could make a point to be one of the bests of scanners.

====DISCLAIMER====
This tool is related to IT, Hacking, Programming, and Computer|Network|Software Security. The word “Hack”, "Pen testing",“Hacking” that is used on these project pages shall be regarded as “Ethical Hack” or “Ethical Hacking” respectively. This is not a tool that provides any illegal information.We do not promote hacking or software cracking. All the information provided on these pages is for educational purposes only.

The authors of this tool are not responsible for any misuse of the information.You shall not misuse the information to gain unauthorized access and/or write malicious programs.This information shall only be used to expand knowledge and not for causing malicious or damaging attacks.You may try all of these techniques on your own computer at your own risk.Performing any hack attempts/tests without written permission from the owner of the computer system is illegal.

IN NO EVENT SHALL THE CREATORS, OWNER, OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

==== Features ====

'''IoT Scanner''' 
Python Multi-Thread & Multi Process Network Information Gathering Vulnerability Scanner 
Service and Device Detection ( SCADA, Restricted Areas, Routers, HTTP Servers, Logins and Authentications, None-Indexed HTTP, Paradox System, Cameras, Firewalls, UTM, WebMails, VPN, RDP, SSH, FTP, TELNET Services, Proxy Servers and Many Devices like Juniper, Cisco, Switches and much more… ) 
Network Service Analysis 
Services Brute Force Testing 
Services Vulnerability Testing 
HTTP/HTTPS Crawling, Fuzzing, Information Gathering and … 
HTML and Text Outputs 
This project is at the moment in research and development phase and most of results/codes are not published yet. 

==Licensing==

====Apache License Version 2.0, January 2004====

The OWASP Nettacker is free to use and is licensed under the Apache 2 License. [https://github.com/viraintel/OWASP-Nettacker/blob/master/LICENSE Click to see the full license]

'''The OWASP Security Principles are free to use. In fact, it is encouraged!!!'''
'' Additionally, I also encourage you to contribute back to the project. I have no monopoly on this knowledge; however, we all have pieces of this knowledge from our experience. Let's begin by putting our individual pieces together to make something great. Great things happen when people work together.''

The OWASP Security Principles are licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== Project Leaders ==
* [https://www.owasp.org/index.php/User:Ali_Razmjoo Ali Razmjoo]

* [https://www.owasp.org/index.php/User:Rezasp Mohammad Reza Espargham]

== Contributors & Main Developers ==

* [mailto:behzadan@ksu.edu Vahid Behzadan]
* [mailto:mojtaba6892@gmail.com Mojtaba MasoumPour]
* [mailto:ehsan.empire1@gmail.com Ehsan Nezami]
* [https://github.com/camel32bit camel32bit]

== Links ==

* [https://github.com/viraintel/OWASP-Nettacker on Github]
* [https://groups.google.com/forum/#!forum/owasp-nettacker Mailing List]
* [http://nettacker.z3r0d4y.com/ OWASP Nettacker Home]

== Be an OWASP Nettacker Developer ==
* [https://www.owasp.org/index.php/OWASP_Nettacker#tab=Developers Quick Developing Help]

==Related links==
*[https://github.com/viraintel/OWASP-Nettacker Github]


| valign="top" style="padding-left:25px;width:200px;" |

== Quick Download ==

[https://github.com/viraintel/OWASP-Nettacker Github Page.]

[Download Page.]

* [https://github.com/viraintel/OWASP-Nettacker/zipball/master .zip file.]
* [https://github.com/viraintel/OWASP-Nettacker/tarball/master .tgz file.]

== News and Events ==

* [https://groups.google.com/forum/#!topic/owasp-nettacker/3gscDww2sf4 OWASP Nettacker was introduced in OFFSECONF 2017]

== Docs ==
* [https://github.com/viraintel/OWASP-Nettacker/wiki Wiki].

==Classifications==

{| width="200" cellpadding="2"
|-
| rowspan="2" align="center" valign="top" width="50%" | [[File:New projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
| align="center" valign="top" width="50%" | [[File:Owasp-breakers-small.png|link=]]
|-
|
|-
|
|-
| colspan="2" align="center" | [[File:Project_Type_Files_TOOL.jpg|link=]]
|}

|}

=FAQs=
<div class="plainlinks">
'''Share this:''' 
[[File:social-email.png|E-mail this story|link=mailto:?subject=OWASP_Nettacker&body=OWASP_Nettacker:%0Ahttps://www.owasp.org/index.php/OWASP_Nettacker]]
[[File:social-facebook.png|Bookmark with Facebook|link=http://www.facebook.com/sharer.php?u=https://www.owasp.org/index.php/OWASP_Nettacker&t=OWASP+Nettacker]]
[[File:social-digg.png|Share on Digg.com|link=http://digg.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-delicious.png|16px|Share on delicious|link=http://delicious.com/post?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-reddit.png|Share on reddit.com|link=http://reddit.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-stumbleupon.png|16px|Share on stumbleupon.com|link=http://stumbleupon.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-linkedin.png|16px|Share on LinkedIn.com|link=http://www.linkedin.com/shareArticle?mini=true&url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-twitter.png|alt=Share on twitter.com|link=http://twitter.com/?status=https://www.owasp.org/index.php/OWASP_Nettacker|Share on twitter.com]]
[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]
</div>
To see full guides please visit our [https://github.com/viraintel/OWASP-Nettacker/wiki wiki page].

=Requirement / Installation=
<div class="plainlinks">
'''Share this:''' 
[[File:social-email.png|E-mail this story|link=mailto:?subject=OWASP_Nettacker&body=OWASP_Nettacker:%0Ahttps://www.owasp.org/index.php/OWASP_Nettacker]]
[[File:social-facebook.png|Bookmark with Facebook|link=http://www.facebook.com/sharer.php?u=https://www.owasp.org/index.php/OWASP_Nettacker&t=OWASP+Nettacker]]
[[File:social-digg.png|Share on Digg.com|link=http://digg.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-delicious.png|16px|Share on delicious|link=http://delicious.com/post?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-reddit.png|Share on reddit.com|link=http://reddit.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-stumbleupon.png|16px|Share on stumbleupon.com|link=http://stumbleupon.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-linkedin.png|16px|Share on LinkedIn.com|link=http://www.linkedin.com/shareArticle?mini=true&url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-twitter.png|alt=Share on twitter.com|link=http://twitter.com/?status=https://www.owasp.org/index.php/OWASP_Nettacker|Share on twitter.com]]
[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]
</div>

'''Installation'''
You can install OWASP Nettacker by using pip install -r requirements.txt && python setup.py install. In the feature, you will be able to install this tools from PyPi library by pip install OWASP-Nettacker (It's not available yet!). After the installation, you can run the software by using the nettacker command line on Windows, Mac OS X, Linux.

= Road Map and Getting Involved =
<div class="plainlinks">
'''Share this:''' 
[[File:social-email.png|E-mail this story|link=mailto:?subject=OWASP_Nettacker&body=OWASP_Nettacker:%0Ahttps://www.owasp.org/index.php/OWASP_Nettacker]]
[[File:social-facebook.png|Bookmark with Facebook|link=http://www.facebook.com/sharer.php?u=https://www.owasp.org/index.php/OWASP_Nettacker&t=OWASP+Nettacker]]
[[File:social-digg.png|Share on Digg.com|link=http://digg.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-delicious.png|16px|Share on delicious|link=http://delicious.com/post?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-reddit.png|Share on reddit.com|link=http://reddit.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-stumbleupon.png|16px|Share on stumbleupon.com|link=http://stumbleupon.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-linkedin.png|16px|Share on LinkedIn.com|link=http://www.linkedin.com/shareArticle?mini=true&url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-twitter.png|alt=Share on twitter.com|link=http://twitter.com/?status=https://www.owasp.org/index.php/OWASP_Nettacker|Share on twitter.com]]
[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]
</div>

==Roadmap==
As of October, 2017, the highest priorities for the next one year are:

* Planning for activating features
* Build Nettacker API
* Find developers to get better performance, quality, optimizing and best improvement in minimum possible time
* Get other people to review the OWASP Nettacker Project provide feedback
* Incorporate feedback into changes in the Project and the features
* Keep test, developing and updating with best new methods
* Build and update documents in several languages for developers/users guiding


Subsequent Releases will add

* Internationalization Support
* Additional Unit Tests
* Automated Regression tests


=Minimum Viable Product=

<div class="plainlinks">
'''Share this:''' 
[[File:social-email.png|E-mail this story|link=mailto:?subject=OWASP_Nettacker&body=OWASP_Nettacker:%0Ahttps://www.owasp.org/index.php/OWASP_Nettacker]]
[[File:social-facebook.png|Bookmark with Facebook|link=http://www.facebook.com/sharer.php?u=https://www.owasp.org/index.php/OWASP_Nettacker&t=OWASP+Nettacker]]
[[File:social-digg.png|Share on Digg.com|link=http://digg.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-delicious.png|16px|Share on delicious|link=http://delicious.com/post?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-reddit.png|Share on reddit.com|link=http://reddit.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-stumbleupon.png|16px|Share on stumbleupon.com|link=http://stumbleupon.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-linkedin.png|16px|Share on LinkedIn.com|link=http://www.linkedin.com/shareArticle?mini=true&url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-twitter.png|alt=Share on twitter.com|link=http://twitter.com/?status=https://www.owasp.org/index.php/OWASP_Nettacker|Share on twitter.com]]
[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]
</div>

= Developers =
<div class="plainlinks">
'''Share this:''' 
[[File:social-email.png|E-mail this story|link=mailto:?subject=OWASP_Nettacker&body=OWASP_Nettacker:%0Ahttps://www.owasp.org/index.php/OWASP_Nettacker]]
[[File:social-facebook.png|Bookmark with Facebook|link=http://www.facebook.com/sharer.php?u=https://www.owasp.org/index.php/OWASP_Nettacker&t=OWASP+Nettacker]]
[[File:social-digg.png|Share on Digg.com|link=http://digg.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-delicious.png|16px|Share on delicious|link=http://delicious.com/post?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-reddit.png|Share on reddit.com|link=http://reddit.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-stumbleupon.png|16px|Share on stumbleupon.com|link=http://stumbleupon.com/submit?url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-linkedin.png|16px|Share on LinkedIn.com|link=http://www.linkedin.com/shareArticle?mini=true&url=https://www.owasp.org/index.php/OWASP_Nettacker&title=OWASP+Nettacker]]
[[File:social-twitter.png|alt=Share on twitter.com|link=http://twitter.com/?status=https://www.owasp.org/index.php/OWASP_Nettacker|Share on twitter.com]]
[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]
</div>

== Project Leaders ==
* Ali Razmjoo
* Mohammad Reza Espargham

== Contributors ==
* Vahid Behzadan
* Mojtaba MasoumPour
* Ehsan Nezami
* camel32bit

===Be an OWASP Nettacker developer===

Developers can add new features and if you don’t have an idea but like to develop, you can submit the issue, which software needs to be fix/add/done in [https://github.com/viraintel/OWASP-Nettacker/issues HERE].

After fix/add or develop something, please send your pull request and remember that your code must be compatible with python2 and python3.
If you have any question you can open an issue or just [mailto:owasp-nettacker@googlegroups.com mail us]. do not forget to register on our [https://groups.google.com/forum/#!forum/owasp-nettacker mailing list].

=Project About=

{{:Projects/OWASP_Nettacker_About_Page}}

__NOTOC__ <headertabs />

[[Category:OWASP Project]]
[[Category:OWASP_Breakers]]
[[Category:OWASP_Code]]
[[Category:OWASP_Tool]]
[[Category:OWASP_Download]]
[[Category:Shellcode]]

OWASP VBScan Project

2017-12-06T21:43:12Z

Rezasp:

=Main=

<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>

{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |
[[file:VBScan_Logo.png|right]]

<div class="plainlinks">
'''Share this:''' 
[[File:social-email.png|E-mail this story|link=mailto:?subject={{FULLPAGENAMEE}}&body={{FULLPAGENAMEE}}:%0A{{fullurle:{{FULLPAGENAME}}}}]]
[[File:social-facebook.png|Bookmark with Facebook|link=http://www.facebook.com/sharer.php?u={{fullurle:{{FULLPAGENAME}}}}&t={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-digg.png|Share on Digg.com|link=http://digg.com/submit?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}} }}]]
[[File:social-delicious.png|16px|Share on delicious|link=http://delicious.com/post?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-reddit.png|Share on reddit.com|link=http://reddit.com/submit?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-stumbleupon.png|16px|Share on stumbleupon.com|link=http://stumbleupon.com/submit?url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-linkedin.png|16px|Share on LinkedIn.com|link=http://www.linkedin.com/shareArticle?mini=true&url={{fullurle:{{FULLPAGENAME}}}}&title={{urlencode:{{FULLPAGENAME}}}}]]
[[File:social-twitter.png|alt=Share on twitter.com|link=http://twitter.com/?status={{fullurle:{{FULLPAGENAME}}}}|Share on twitter.com]]
[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u={{fullurle:{{FULLPAGENAME}}}}]]
</div>

[[File:joomscan_download.png|link=https://github.com/rezasp/vbscan]]

==OWASP VBScan Project ==
OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them.

==== Why VBScan ? ====

If you want to do a penetration test on a vBulletin Forum, VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBulletin vulnerabilities.

[[File:vbscan_screenshot.jpg]]

==== Popularity ====

* ToolsWatch Annual Best Free/Open Source Security Tool Survey:
** 2016 [http://www.toolswatch.org/2017/02/2016-top-security-tools-as-voted-by-toolswatch-org-readers/ 3rd]

==Description==


OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them.

{|
|-
{{#ev:youtube|NGEtJoGL2yA}} 
{{#ev:youtube|SirozqDYERA}}
|}

==LICENSE==

====GNU GENERAL PUBLIC LICENSE , Version 3, 29 June 2007====

Copyright (C) 2007 Free Software Foundation, Inc. http://fsf.org/ Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. [https://github.com/rezasp/vbscan/blob/master/COPYING.GPL Click to see the full license]

'''The OWASP Security Principles are free to use. In fact it is encouraged!!!
'' Additionally, I also encourage you to contribute back to the project. I have no monopoly on this knowledge; however, we all have pieces of this knowledge from our experience. Let's begin by putting our individual pieces together to make something great. Great things happen when people work together.

The OWASP Security Principles are licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |

== Quick Download ==
[https://github.com/rezasp/vbscan Github Page.]

[Download Page.]

* [https://github.com/rezasp/vbscan/zipball/master .zip file.]
* [https://github.com/rezasp/vbscan/tarball/master .tgz file.]

== Project Leader ==

[mailto:reza.espargham@owasp.org Mohammad Reza Espargham]

==Classifications==

{| width="200" cellpadding="2"
|-
| colspan="2" align="center" | [[File:Project_Type_Files_TOOL.jpg|link=https://www.owasp.org/index.php/Category:OWASP_Tool]]
|-
| align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects|Incubator Project]]
| align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=Builders]]
|-
| align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=Defenders]]
|-
| colspan="2" align="center" | [[File:Agplv3-155x51.png|link=http://www.gnu.org/licenses/agpl-3.0.html|Affero General Public License 3.0]]
|}

| valign="top" style="padding-left:25px;width:200px;" |

== News and Events ==

* OWASP VBScan was introduced in OFFSECONF 2017
* [https://github.com/rezasp/vbscan/archive/master.zip VBScan 0.1.7.1 - "Larry Wall" Released]
* VBScan 0.1.7 - "Larry Wall" Released
*OWASP VBScan has been selected for BSides/BlackHat USA 2016
*VBScan 0.1.6 - "Dennis Ritchie again" Released
*VBScan 0.1.5 - "Dennis Ritchie" Released
|}

= Acknowledgements =
==Contributors==

VBScan source code located in github and you could see contributors in this [https://github.com/rezasp/vbscan/graphs/contributors URL].

Please feel free to fork and submit your pull request to develop VBScan Project together.

==Leader==

* [https://www.owasp.org/index.php/User:rezasp Mohammad Reza Espargham]

= Road Map and Getting Involved =
This project is going to be the best VBulletin scanner, At the end We could have a forum cms penetration tester which is updated with the last vulnerabilities.

==Roadmap==

This Project was created to be a VBScanner which already it is and now need to be best with some tasks:

* Optimize software core to be fast and easy to develop
* make it module base and create libraries for developers
* Support all OS
* Be update with latest exploits.
* Create documents for newbie users
* Keep testing and fix bugs!

===Feedback===
Please submit your feedbacks and issues in [https://github.com/rezasp/vbscan/issues HERE].
<ul>
<li>What do like?</li>
<li>What don't you like?</li>
<li>What features would you like to see prioritized on the roadmap?</li>
<li>Do you have any problem with tool?</li>
<li>Do you need any exploit to be add?</li>
</ul>

=Minimum Viable Product=

VBScan Could be improved by adding more module and fixing core to make a better and faster threads, right now VBScan is including more than 70 modules to check bugs, vulnerabilities in perl language. To be more update and check exploits please check the [https://github.com/rezasp/vbscan github page].

=Project About=

{{:Projects/OWASP_VBScan_Project}}


__NOTOC__ <headertabs />

[[Category:OWASP Project]] [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]] [[Category:OWASP_Document]] [[Category:OWASP_Tool]] [[Category:OWASP_Download]]