OWASP Nettacker: Automated Penetration Testing Framework

OWASP Nettacker project is created to automate information gathering, vulnerability scanning, and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP, and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for discovering protected services and devices such as SCADA. It would make a competitive edge compared to other scanners making it one of the best.

automate information gathering

  • Future IoT Scanner
  • Python Multi Thread & Multi-Process Network Information Gathering Vulnerability Scanner
  • Service and Device Detection ( SCADA, Restricted Areas, Routers, HTTP Servers, Logins and Authentications, None-Indexed HTTP, Paradox System, Cameras, Firewalls, UTM, WebMails, VPN, RDP, SSH, FTP, TELNET Services, Proxy Servers and Many Devices like Juniper, Cisco, Switches and many more… )
  • Asset Discovery & Network Service Analysis
  • Services Brute Force Testing
  • Services Vulnerability Testing
  • HTTP/HTTPS Crawling, Fuzzing, Information Gathering, and …
  • HTML, JSON and Text Outputs
  • API & WebUI
  • This project is at the moment in the research and development phase and most of the results/codes are not published yet.

Installation

git clone https://github.com/OWASP/Nettacker.git
cd Nettacker
pip install -r requirements.txt
python nettacker.py -h

THIS SOFTWARE WAS CREATED FOR AUTOMATED PENETRATION TESTING AND INFORMATION GATHERING. CONTRIBUTORS WILL NOT BE RESPONSIBLE FOR ANY ILLEGAL USAGE.

Use

Copyright (C) 2017 zdresearch

Source: https://github.com/viraintel/