OWASP Nettacker

The OWASP Nettacker project was created to automate information gathering and vulnerability scanning, and in general to aid penetration testing engagements. Nettacker can run various scans using a variety of methods and generate scan reports (in HTML/TXT/JSON/CSV format) for applications and networks, including discovering open ports, services, bugs, vulnerabilities, misconfigurations, default credentials, subdomains, etc. Nettacker can be run as a command-line utility (including as a Docker container), as an API, in Web GUI mode, or as Maltego transforms.

OWASP Nettacker is written in 100% Python and does not rely on launching any external tools.

On October 31st, 2023, OWASP Nettacker v0.3.2 was released with new modules to scan networks for critical vulnerabilities such as Adobe ColdFusion CVE-2023-26360, Atlassian Confluence CVE-2023-22515 and Citrix NetScaler CVE-2023-4966.

OWASP Nettacker can also help you find instances of critically vulnerable MOVEit Transfer and Citrix CVE-2023-24488 in your network.

Documentation

Code Repository

Docker Images

Contributing

Quick Demo - CLI


Quick Demo - WebUI