This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Nettacker"

From OWASP
Jump to: navigation, search
(add johanna to the list)
m (What is OWASP Nettacker ?)
 
(17 intermediate revisions by 3 users not shown)
Line 20: Line 20:
 
<span title="Seed on Newsvine">[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]</span>
 
<span title="Seed on Newsvine">[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]</span>
 
</div>
 
</div>
 +
 +
'''Donate to OWASP Nettacker''' {{#widget:PayPal Donation |target=_blank |budget=OWASP Nettacker }}
 
====What is OWASP Nettacker ?====
 
====What is OWASP Nettacker ?====
https://www.owasp.org/images/1/1a/Nettacker_Demp.png
+
[[Image:Nettacker-screenshot.png|640px]]
  
'''OWASP Nettacker''' is an open source software in Python language which lets you '''automated penetration testing''' and '''automated Information Gathering'''. This software can be run on Windows/Linux/OSX under Python.
 
  
 +
'''OWASP Nettacker''' is an open source software in Python language which helps you to perform '''automated penetration testing''' and '''automated Information Gathering'''. This software can be run on Windows/Linux/OSX under Python.
  
 
==Description==
 
==Description==
 
[[File:2018-01-19 0-45-07.gif|OWASP Nettacker Demo]]
 
 
 
Nettacker project was created to automated for information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and information. This software is able to use SYN, ACK, TCP, ICMP and many other protocols to detect and bypass the Firewalls/IDS/IPS and devices. By using a unique solution in Nettacker to find protected services such as SCADA We could make a point to be one of the bests of scanners.
 
Nettacker project was created to automated for information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and information. This software is able to use SYN, ACK, TCP, ICMP and many other protocols to detect and bypass the Firewalls/IDS/IPS and devices. By using a unique solution in Nettacker to find protected services such as SCADA We could make a point to be one of the bests of scanners.
 
  
 
====DISCLAIMER====
 
====DISCLAIMER====
Line 57: Line 55:
 
====Apache License Version 2.0, January 2004====
 
====Apache License Version 2.0, January 2004====
  
The OWASP Nettacker is free to use and is licensed under the Apache 2 License. [https://github.com/viraintel/OWASP-Nettacker/blob/master/LICENSE Click to see the full license]
+
The OWASP Nettacker is free to use and is licensed under the Apache 2 License. [https://github.com/zdresearch/OWASP-Nettacker/blob/master/LICENSE Click to see the full license]
  
  
Line 68: Line 66:
 
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
  
== Project Leaders ==
+
== Project Leaders & Mentors & Contributors ==
* [https://www.owasp.org/index.php/User:Ali_Razmjoo Ali Razmjoo]
+
* [mailto:ali.razmjoo@owasp.org Ali Razmjoo]
* [https://www.owasp.org/index.php/User:Rezasp Mohammad Reza Espargham]
+
* [mailto:reza.espargham@owasp.org Mohammad Reza Espargham]
 
* [mailto:[email protected] Johanna Curiel]
 
* [mailto:[email protected] Johanna Curiel]
 
+
* [mailto:[email protected] Abbas Naderi Afooshteh]
== Contributors & Main Developers ==
+
* [mailto:sriharsha.g15@ii Sri Harsha Gajavalli]
 
+
* [mailto:[email protected] Hannah Brand]
 +
* [mailto:[email protected] Shaddy Garg]
 +
* [mailto:[email protected] Pradeep Jairamani]
 
* [mailto:[email protected] Vahid Behzadan]
 
* [mailto:[email protected] Vahid Behzadan]
* [mailto:mojtaba6892@gmail.com Mojtaba MasoumPour]
+
* [mailto:mr.zamiri@ieee.org Mohammad Reza Zamiri]
 
* [mailto:[email protected] Ehsan Nezami]
 
* [mailto:[email protected] Ehsan Nezami]
* [https://github.com/camel32bit camel32bit]
+
* Click for [https://github.com/zdresearch/OWASP-Nettacker/wiki/Contributors FULL LIST]
* [mailto:[email protected] Ravindra Sharma]
 
* [mailto:[email protected] Harshavardhan Reddy]
 
* [mailto:[email protected] ArianPH]
 
* [mailto:[email protected] omdmhd]
 
* [mailto:[email protected] Mahdi Rasouli]
 
* [mailto:[email protected] Shaddy Garg]
 
* [mailto:[email protected] Pradeep Jairamani]
 
* [mailto:[email protected] Tikam Singh Alma]
 
  
 
== Links ==
 
== Links ==
  
* [https://github.com/viraintel/OWASP-Nettacker on Github]
+
* [https://github.com/zdresearch/OWASP-Nettacker on Github]
 
* [https://groups.google.com/forum/#!forum/owasp-nettacker Mailing List]
 
* [https://groups.google.com/forum/#!forum/owasp-nettacker Mailing List]
 
* [http://nettacker.z3r0d4y.com/ OWASP Nettacker Home]
 
* [http://nettacker.z3r0d4y.com/ OWASP Nettacker Home]
  
 
== Be an OWASP Nettacker Developer ==
 
== Be an OWASP Nettacker Developer ==
* [https://www.owasp.org/index.php/OWASP_Nettacker#tab=Developers Quick Developing Help]
+
* [https://www.owasp.org/index.php/OWASP_Nettacker#Developers Quick Developing Help]
  
 
==Related links==
 
==Related links==
*[https://github.com/viraintel/OWASP-Nettacker Github]
+
*[https://github.com/zdresearch/OWASP-Nettacker Github]
  
 
<!-- DO NOT ALTER OR REMOVE THE TEXT ON NEXT LINE -->
 
<!-- DO NOT ALTER OR REMOVE THE TEXT ON NEXT LINE -->
Line 105: Line 97:
 
== Quick Download ==
 
== Quick Download ==
  
[https://github.com/viraintel/OWASP-Nettacker Github Page.]
+
[https://github.com/zdresearch/OWASP-Nettacker Github Page.]
  
 
[Download Page.]
 
[Download Page.]
  
* [https://github.com/viraintel/OWASP-Nettacker/zipball/master .zip file.]
+
* [https://github.com/zdresearch/OWASP-Nettacker/zipball/master .zip file.]
* [https://github.com/viraintel/OWASP-Nettacker/tarball/master .tgz file.]
+
* [https://github.com/zdresearch/OWASP-Nettacker/tarball/master .tgz file.]
  
 
== News and Events ==
 
== News and Events ==
  
* [https://groups.google.com/forum/#!topic/owasp-nettacker/3gscDww2sf4 OWASP Nettacker was introduced in OFFSECONF 2017]
+
* [https://github.com/zdresearch/OWASP-Nettacker/wiki/Events ALL EVENTS AND NEWS]
  
 
== Docs ==
 
== Docs ==
* [https://github.com/viraintel/OWASP-Nettacker/wiki Wiki].
+
* [https://github.com/zdresearch/OWASP-Nettacker/wiki Wiki].
  
  
Line 149: Line 141:
 
<span title="Seed on Newsvine">[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]</span>
 
<span title="Seed on Newsvine">[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]</span>
 
</div>
 
</div>
To see full guides please visit our [https://github.com/viraintel/OWASP-Nettacker/wiki wiki page].
+
To see full guides please visit our [https://github.com/zdresearch/OWASP-Nettacker/wiki wiki page].
  
  
Line 233: Line 225:
 
<span title="Seed on Newsvine">[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]</span>
 
<span title="Seed on Newsvine">[[File:social-newsvine.png|16px|Seed on Newsvine|link=http://www.newsvine.com/_wine/save?popoff=1&u=https://www.owasp.org/index.php/OWASP_Nettacker]]</span>
 
</div>
 
</div>
 
== Project Leaders ==
 
* Ali Razmjoo
 
* Mohammad Reza Espargham
 
 
== Contributors ==
 
* [mailto:[email protected] Vahid Behzadan]
 
* [mailto:[email protected] Mojtaba MasoumPour]
 
* [mailto:[email protected] Ehsan Nezami]
 
* [https://github.com/camel32bit camel32bit]
 
* [mailto:[email protected] Ravindra Sharma]
 
* [https://github.com/avhvr Harshavardhan Reddy]
 
* [mailto:[email protected] ArianPH]
 
* [mailto:[email protected] omdmhd]
 
  
 
===Be an OWASP Nettacker developer===
 
===Be an OWASP Nettacker developer===
  
Developers can add new features and if you don’t have an idea but like to develop, you can submit the issue, which software needs to be fix/add/done in [https://github.com/viraintel/OWASP-Nettacker/issues HERE].
+
Developers can add new features and if you don’t have an idea but like to develop, you can submit the issue, which software needs to be fix/add/done in [https://github.com/zdresearch/OWASP-Nettacker/issues HERE].
  
 
After fix/add or develop something, please send your pull request and remember that your code must be compatible with python2 and python3.
 
After fix/add or develop something, please send your pull request and remember that your code must be compatible with python2 and python3.
Line 260: Line 238:
 
{{:Projects/OWASP_Nettacker_About_Page}}
 
{{:Projects/OWASP_Nettacker_About_Page}}
  
 +
Please check the project [https://github.com/zdresearch/OWASP-Nettacker/wiki wiki] on Github.
 +
 +
[[File:2018-01-19 0-45-07.gif|OWASP Nettacker Demo]]
  
  

Latest revision as of 14:35, 16 December 2019

OWASP Project Header.jpg

OWASP Nettacker Project

Donate to OWASP Nettacker

What is OWASP Nettacker ?

Nettacker-screenshot.png


OWASP Nettacker is an open source software in Python language which helps you to perform automated penetration testing and automated Information Gathering. This software can be run on Windows/Linux/OSX under Python.

Description

Nettacker project was created to automated for information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and information. This software is able to use SYN, ACK, TCP, ICMP and many other protocols to detect and bypass the Firewalls/IDS/IPS and devices. By using a unique solution in Nettacker to find protected services such as SCADA We could make a point to be one of the bests of scanners.

DISCLAIMER

This tool is related to IT, Hacking, Programming, and Computer|Network|Software Security. The word “Hack”, "Pen testing",“Hacking” that is used on these project pages shall be regarded as “Ethical Hack” or “Ethical Hacking” respectively. This is not a tool that provides any illegal information.We do not promote hacking or software cracking. All the information provided on these pages is for educational purposes only.

The authors of this tool are not responsible for any misuse of the information.You shall not misuse the information to gain unauthorized access and/or write malicious programs.This information shall only be used to expand knowledge and not for causing malicious or damaging attacks.You may try all of these techniques on your own computer at your own risk.Performing any hack attempts/tests without written permission from the owner of the computer system is illegal.

IN NO EVENT SHALL THE CREATORS, OWNER, OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.


Features

IoT Scanner
Python Multi-Thread & Multi Process Network Information Gathering Vulnerability Scanner
Service and Device Detection ( SCADA, Restricted Areas, Routers, HTTP Servers, Logins and Authentications, None-Indexed HTTP, Paradox System, Cameras, Firewalls, UTM, WebMails, VPN, RDP, SSH, FTP, TELNET Services, Proxy Servers and Many Devices like Juniper, Cisco, Switches and much more… )
Network Service Analysis
Services Brute Force Testing
Services Vulnerability Testing
HTTP/HTTPS Crawling, Fuzzing, Information Gathering and …
HTML and Text Outputs
This project is at the moment in research and development phase and most of results/codes are not published yet.

Licensing

Apache License Version 2.0, January 2004

The OWASP Nettacker is free to use and is licensed under the Apache 2 License. Click to see the full license


The OWASP Security Principles are free to use. In fact, it is encouraged!!! Additionally, I also encourage you to contribute back to the project. I have no monopoly on this knowledge; however, we all have pieces of this knowledge from our experience. Let's begin by putting our individual pieces together to make something great. Great things happen when people work together.

The OWASP Security Principles are licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

Project Leaders & Mentors & Contributors

Links

Be an OWASP Nettacker Developer

Related links

Quick Download

Github Page.

[Download Page.]

News and Events

Docs


Classifications

New projects.png Owasp-breakers-small.png
Project Type Files TOOL.jpg

To see full guides please visit our wiki page.


Installation You can install OWASP Nettacker by using pip install -r requirements.txt && python setup.py install. In the feature, you will be able to install this tools from PyPi library by pip install OWASP-Nettacker (It's not available yet!). After the installation, you can run the software by using the nettacker command line on Windows, Mac OS X, Linux.


Roadmap

As of October, 2017, the highest priorities for the next one year are:

  • Planning for activating features
  • Build Nettacker API
  • Find developers to get better performance, quality, optimizing and best improvement in minimum possible time
  • Get other people to review the OWASP Nettacker Project provide feedback
  • Incorporate feedback into changes in the Project and the features
  • Keep test, developing and updating with best new methods
  • Build and update documents in several languages for developers/users guiding

Subsequent Releases will add

  • Internationalization Support
  • Additional Unit Tests
  • Automated Regression tests


Be an OWASP Nettacker developer

Developers can add new features and if you don’t have an idea but like to develop, you can submit the issue, which software needs to be fix/add/done in HERE.

After fix/add or develop something, please send your pull request and remember that your code must be compatible with python2 and python3. If you have any question you can open an issue or just mail us. do not forget to register on our mailing list.

Projects/OWASP Nettacker About Page

Please check the project wiki on Github.

OWASP Nettacker Demo