From 05a5de04be62fa3bde7ad642269a0c4081dc5c88 Mon Sep 17 00:00:00 2001
From: Sam Stepanyan <sam.stepanyan@owasp.org>
Date: Sun, 25 Aug 2024 01:50:48 +0100
Subject: [PATCH 1/2] Docs initial commit

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
---
 docs/API.md                                   | 744 ++++++++++++++++++
 docs/Contributors.md                          |  38 +
 docs/Developers.md                            | 179 +++++
 docs/Events.md                                |  28 +
 docs/Home.md                                  |  30 +
 docs/Installation.md                          |  65 ++
 ...uctions-for-the-OWASP-Bay-Area-tutorial.md |  38 +
 docs/Media.md                                 |  42 +
 docs/Modules.md                               | 173 ++++
 docs/Usage.md                                 | 669 ++++++++++++++++
 docs/index.md                                 |   8 +
 docs/requirements.txt                         |   1 +
 12 files changed, 2015 insertions(+)
 create mode 100644 docs/API.md
 create mode 100644 docs/Contributors.md
 create mode 100644 docs/Developers.md
 create mode 100644 docs/Events.md
 create mode 100644 docs/Home.md
 create mode 100644 docs/Installation.md
 create mode 100644 docs/Instructions-for-the-OWASP-Bay-Area-tutorial.md
 create mode 100644 docs/Media.md
 create mode 100644 docs/Modules.md
 create mode 100644 docs/Usage.md
 create mode 100644 docs/index.md
 create mode 100644 docs/requirements.txt

diff --git a/docs/API.md b/docs/API.md
new file mode 100644
index 00000000..30c805f4
--- /dev/null
+++ b/docs/API.md
@@ -0,0 +1,744 @@
+WebUI/API Manual usage explained in the [Usage](Usage#api-and-webui) page but let's get into the structure of the request now.
+
+- [Purpose](#purpose)
+- [Requests Structure](#requests-structure)
+- [New Scan](#new-scan)
+- [Set Session](#set-session)
+  * [Set Cookie](#set-cookie)
+  * [Check Cookie](#check-cookie)
+  * [UnSet Cookie](#unset-cookie)
+- [Results List](#results-list)
+  * [Get a Scan Result](#get-a-scan-result)
+- [Hosts List](#hosts-list)
+  * [Search in the Hosts](#search-in-the-hosts)
+- [Generate a HTML Scan Result for a Host](#generate-a-html-scan-result-for-a-host)
+  * [Get the Scan Result in JSON Type](#get-the-scan-result-in-json-type)
+
+
+## Purpose 
+
+API usage purposes depend on the users, Some of them may want to scan their local company to monitor the network, This feature let all security staff use OWASP Nettacker on a shared server safely. API supports SSL. User can give their own Certificate and the key to run server on HTTPS.
+
+
+## Requests Structure
+
+```
+am4n@am4n-HP-ProBook-450-G4:~/Documents/OWASP-Nettacker$ python nettacker.py --start-api
+    
+   ______          __      _____ _____  
+  / __ \ \        / /\    / ____|  __ \ 
+ | |  | \ \  /\  / /  \  | (___ | |__) |
+ | |  | |\ \/  \/ / /\ \  \___ \|  ___/ 
+ | |__| | \  /\  / ____ \ ____) | |     Version 0.0.1  
+  \____/   \/  \/_/    \_\_____/|_|     SAME
+                          _   _      _   _             _            
+                         | \ | |    | | | |           | |            
+  github.com/zdresearch  |  \| | ___| |_| |_ __ _  ___| | _____ _ __ 
+  owasp.org              | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
+  zdresearch.com         | |\  |  __/ |_| || (_| | (__|   <  __/ |   
+                         |_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|   
+                                               
+    
+
+ * API Key: 2608863752f1f89fa385e43c76c2853b
+ * Serving Flask app "api.engine" (lazy loading)
+ * Environment: production
+   WARNING: This is a development server. Do not use it in a production deployment.
+   Use a production WSGI server instead.
+ * Debug mode: off
+ * Running on https://127.0.0.1:5000/ (Press CTRL+C to quit)
+
+```
+
+At the first, you must send an API key through the request each time you send a request in `GET`, `POST`, or `Cookies` in the value named `key` or you will get `401` error in the restricted area.
+
+```python
+>>> import requests
+>>> from requests.packages.urllib3.exceptions import InsecureRequestWarning
+>>> requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
+>>> r = requests.get('https://127.0.0.1:5000/?key=8370bd0a0b9a98ac25b341833fb0fb07')
+>>> r.status_code
+200
+>>> r = requests.post('https://127.0.0.1:5000/', data={"key": "8370bd0a0b9a98ac25b341833fb0fb07"})
+>>> r.status_code
+200
+>>> r = requests.get('https://127.0.0.1:5000/', cookies={"key": "8370bd0a0b9a98ac25b341833fb0fb07"})
+>>> r.status_code
+200
+>>> r = requests.get('https://127.0.0.1:5000/new/scan', cookies={"key": "wrong_key"})
+>>> r.status_code
+401
+```
+
+## New Scan
+
+To submit a new scan follow this step.
+
+```python
+>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "8370bd0a0b9a98ac25b341833fb0fb07", "targets": "127.0.0.1,owasp.org", "scan_method": "port_scan"})
+>>> r.status_code
+200
+>>> import json
+>>> print json.dumps(json.loads(r.content), sort_keys=True, indent=4)
+{
+    "backup_ports": null, 
+    "check_ranges": false, 
+    "check_subdomains": false, 
+    "database_host": "", 
+    "database_name": "/home/am4n/owasp-nettacker/.data/nettacker.db", 
+    "database_password": "", 
+    "database_port": "", 
+    "database_type": "sqlite", 
+    "database_username": "", 
+    "graph_flag": "d3_tree_v2_graph", 
+    "home_path": "/home/am4n/owasp-nettacker/.data", 
+    "language": "en", 
+    "log_in_file": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_10_36_56_mibtrtoacd.html", 
+    "methods_args": {
+        "as_user_set": "set_successfully"
+    }, 
+    "passwds": null, 
+    "ping_flag": false, 
+    "ports": null, 
+    "profile": null, 
+    "results_path": "/home/am4n/owasp-nettacker/.data/results", 
+    "retries": 3, 
+    "scan_method": [
+        "port_scan"
+    ], 
+    "socks_proxy": null, 
+    "targets": [
+        "owasp.org"
+    ], 
+    "thread_number": 100, 
+    "thread_number_host": 5, 
+    "time_sleep": 0.0, 
+    "timeout_sec": 3, 
+    "tmp_path": "/home/am4n/owasp-nettacker/.data/tmp", 
+    "users": null, 
+    "verbose_level": 0
+}
+```
+
+Please note, `targets` and `scan_method` are **necessary** to submit a new scan unless you modify the config file before! The `scan_method` could be empty if you define the `profile`.
+
+```python
+>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "8370bd0a0b9a98ac25b341833fb0fb07"})
+>>> r.content
+'{"msg":"Cannot specify the target(s)","status":"error"}\n'
+
+>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "09877e92c75f6afdca6ae61ad3f53727", "targets": "127.0.0.1"})
+>>> r.content
+u'{"msg":"please choose your scan method!","status":"error"}\n'
+
+>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "09877e92c75f6afdca6ae61ad3f53727", "targets": "127.0.0.1", "scan_method": "dir_scan,port_scan"})
+>>> print json.dumps(json.loads(r.content), sort_keys=True, indent=4)
+{
+    "backup_ports": null, 
+    "check_ranges": false, 
+    "check_subdomains": false, 
+    "database_host": "", 
+    "database_name": "/home/am4n/owasp-nettacker/.data/nettacker.db", 
+    "database_password": "", 
+    "database_port": "", 
+    "database_type": "sqlite", 
+    "database_username": "", 
+    "graph_flag": "d3_tree_v2_graph", 
+    "home_path": "/home/am4n/owasp-nettacker/.data", 
+    "language": "en", 
+    "log_in_file": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_10_47_08_dugacttfmf.html", 
+    "methods_args": {
+        "as_user_set": "set_successfully"
+    }, 
+    "passwds": null, 
+    "ping_flag": false, 
+    "ports": null, 
+    "profile": null, 
+    "results_path": "/home/am4n/owasp-nettacker/.data/results", 
+    "retries": 3, 
+    "scan_method": [
+        "dir_scan", 
+        "port_scan"
+    ], 
+    "socks_proxy": null, 
+    "targets": [
+        "127.0.0.1"
+    ], 
+    "thread_number": 100, 
+    "thread_number_host": 5, 
+    "time_sleep": 0.0, 
+    "timeout_sec": 3, 
+    "tmp_path": "/home/am4n/owasp-nettacker/.data/tmp", 
+    "users": null, 
+    "verbose_level": 0
+}
+>>> r = requests.post('https://127.0.0.1:5000/new/scan', data={"key": "09877e92c75f6afdca6ae61ad3f53727", "targets": "127.0.0.1", "profile": "information_gathering"})
+>>> print json.dumps(json.loads(r.content), sort_keys=True, indent=4)
+{
+    "backup_ports": null, 
+    "check_ranges": false, 
+    "check_subdomains": false, 
+    "database_host": "", 
+    "database_name": "/home/am4n/owasp-nettacker/.data/nettacker.db", 
+    "database_password": "", 
+    "database_port": "", 
+    "database_type": "sqlite", 
+    "database_username": "", 
+    "graph_flag": "d3_tree_v2_graph", 
+    "home_path": "/home/am4n/owasp-nettacker/.data", 
+    "language": "en", 
+    "log_in_file": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_10_50_09_xjqatmkngn.html", 
+    "methods_args": {
+        "as_user_set": "set_successfully"
+    }, 
+    "passwds": null, 
+    "ping_flag": false, 
+    "ports": null, 
+    "profile": "information_gathering", 
+    "results_path": "/home/am4n/owasp-nettacker/.data/results", 
+    "retries": 3, 
+    "scan_method": [
+        "port_scan"
+    ], 
+    "socks_proxy": null, 
+    "targets": [
+        "127.0.0.1"
+    ], 
+    "thread_number": 100, 
+    "thread_number_host": 5, 
+    "time_sleep": 0.0, 
+    "timeout_sec": 3, 
+    "tmp_path": "/home/am4n/owasp-nettacker/.data/tmp", 
+    "users": null, 
+    "verbose_level": 0
+}
+
+>>>
+
+```
+
+All variables in JSON you've got in results could be changed in `GET`/`POST`/`Cookies`, you can fill them all just like normal CLI commands. (e.g. same scan method name (modules), you can separate with `,`, you can use `ports` like `80,100-200,1000,2000`, set users and passwords `user1,user2`, `passwd1,passwd2`). You cannot use `read_from_file:/tmp/users.txt` syntax in `methods_args`. if you want to send a big password list, just send it through the `POST` requests and separated with `,`.
+
+## Set Session
+
+To enable session-based requests, like (e.g. Python `requests.session()` or browsers), I developed a feature to interact with Cookie.
+
+### Set Cookie
+
+```python
+>>> s = requests.session()
+>>> r = s.get("https://localhost:5000/session/set?key=09877e92c75f6afdca6ae61ad3f53727")
+>>> print json.dumps(json.loads(r.content), sort_keys=True, indent=4)
+{
+    "msg": "your browser session is valid", 
+    "status": "ok"
+}
+>>> print r.cookies
+<RequestsCookieJar[<Cookie key=09877e92c75f6afdca6ae61ad3f53727 for localhost.local/>]>
+>>> r = s.get("https://localhost:5000/new/scan")
+>>> print r.content
+{
+  "msg": "Cannot specify the target(s)",
+  "status": "error"
+}
+
+>>>
+```
+### Check Cookie
+
+```python
+>>> r = s.get("https://localhost:5000/session/check")
+>>> print r.content
+{
+  "msg": "your browser session is valid",
+  "status": "ok"
+}
+```
+### UnSet Cookie
+
+```python
+>>> r = s.get("https://localhost:5000/session/kill")
+>>> print r.content
+{
+  "msg": "your browser session killed",
+  "status": "ok"
+}
+
+>>> print r.cookies
+<RequestsCookieJar[]>
+>>>
+```
+
+## Results List
+
+```python
+>>> r = s.get("https://localhost:5000/results/get_list?page=1")
+>>> print(json.dumps(json.loads(r.content), sort_keys=True, indent=4))
+[
+    {
+        "api_flag": 0, 
+        "category": "vuln,brute,scan", 
+        "date": "2020-06-09 11:08:45", 
+        "events_num": 317, 
+        "graph_flag": "d3_tree_v2_graph", 
+        "id": 8, 
+        "language": "en", 
+        "ports": "default", 
+        "profile": null, 
+        "report_filename": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_11_04_17_pisajfbfyp.html", 
+        "report_type": "HTML", 
+        "scan_cmd": "nettacker.py -i 127.0.0.1 -m all -M 100", 
+        "scan_id": "b745337b4feeb99cee3eb4ff4cb45fad", 
+        "scan_method": "XSS_protection_vuln,ProFTPd_directory_traversal_vuln,port_scan,telnet_brute,ssl_certificate_expired_vuln,http_form_brute,ProFTPd_integer_overflow_vuln,heartbleed_vuln,joomla_user_enum_scan,http_basic_auth_brute,http_ntlm_brute,wp_user_enum_scan,ProFTPd_restriction_bypass_vuln,http_cors_vuln,apache_struts_vuln,wordpress_version_scan,clickjacking_vuln,wp_xmlrpc_bruteforce_vuln,cms_detection_scan,wordpress_dos_cve_2018_6389_vuln,content_security_policy_vuln,pma_scan,ftp_brute,wp_theme_scan,wappalyzer_scan,wp_xmlrpc_brute,wp_xmlrpc_pingback_vuln,smtp_brute,drupal_version_scan,ProFTPd_memory_leak_vuln,wp_plugin_scan,ssh_brute,joomla_template_scan,wp_timthumbs_scan,self_signed_certificate_vuln,Bftpd_memory_leak_vuln,CCS_injection_vuln,dir_scan,viewdns_reverse_ip_lookup_scan,Bftpd_parsecmd_overflow_vuln,icmp_scan,ProFTPd_exec_arbitary_vuln,server_version_vuln,x_powered_by_vuln,admin_scan,citrix_cve_2019_19781_vuln,joomla_version_scan,sender_policy_scan,ProFTPd_cpu_consumption_vuln,Bftpd_double_free_vuln,drupal_theme_scan,ProFTPd_heap_overflow_vuln,weak_signature_algorithm_vuln,drupal_modules_scan,subdomain_scan,Bftpd_remote_dos_vuln,content_type_options_vuln,xdebug_rce_vuln,options_method_enabled_vuln,ProFTPd_bypass_sqli_protection_vuln", 
+        "verbose": 0
+    }, 
+    {
+        "api_flag": 0, 
+        "category": "vuln,brute,scan", 
+        "date": "2020-06-09 11:08:42", 
+        "events_num": 372, 
+        "graph_flag": "d3_tree_v2_graph", 
+        "id": 7, 
+        "language": "en", 
+        "ports": "default", 
+        "profile": null, 
+        "report_filename": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_11_04_04_bdzipsmtcc.html", 
+        "report_type": "HTML", 
+        "scan_cmd": "nettacker.py -i 127.0.0.1 -m all", 
+        "scan_id": "8e9a1b2fd03cb7b969d99beea1cff2aa", 
+        "scan_method": "XSS_protection_vuln,ProFTPd_directory_traversal_vuln,port_scan,telnet_brute,ssl_certificate_expired_vuln,http_form_brute,ProFTPd_integer_overflow_vuln,heartbleed_vuln,joomla_user_enum_scan,http_basic_auth_brute,http_ntlm_brute,wp_user_enum_scan,ProFTPd_restriction_bypass_vuln,http_cors_vuln,apache_struts_vuln,wordpress_version_scan,clickjacking_vuln,wp_xmlrpc_bruteforce_vuln,cms_detection_scan,wordpress_dos_cve_2018_6389_vuln,content_security_policy_vuln,pma_scan,ftp_brute,wp_theme_scan,wappalyzer_scan,wp_xmlrpc_brute,wp_xmlrpc_pingback_vuln,smtp_brute,drupal_version_scan,ProFTPd_memory_leak_vuln,wp_plugin_scan,ssh_brute,joomla_template_scan,wp_timthumbs_scan,self_signed_certificate_vuln,Bftpd_memory_leak_vuln,CCS_injection_vuln,dir_scan,viewdns_reverse_ip_lookup_scan,Bftpd_parsecmd_overflow_vuln,icmp_scan,ProFTPd_exec_arbitary_vuln,server_version_vuln,x_powered_by_vuln,admin_scan,citrix_cve_2019_19781_vuln,joomla_version_scan,sender_policy_scan,ProFTPd_cpu_consumption_vuln,Bftpd_double_free_vuln,drupal_theme_scan,ProFTPd_heap_overflow_vuln,weak_signature_algorithm_vuln,drupal_modules_scan,subdomain_scan,Bftpd_remote_dos_vuln,content_type_options_vuln,xdebug_rce_vuln,options_method_enabled_vuln,ProFTPd_bypass_sqli_protection_vuln", 
+        "verbose": 0
+    }, 
+    {
+        "api_flag": 0, 
+        "category": "vuln,brute,scan", 
+        "date": "2020-06-09 11:06:52", 
+        "events_num": 1016, 
+        "graph_flag": "d3_tree_v2_graph", 
+        "id": 6, 
+        "language": "en", 
+        "ports": "default", 
+        "profile": null, 
+        "report_filename": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_11_03_23_ubytvgauvj.html", 
+        "report_type": "HTML", 
+        "scan_cmd": "nettacker.py -i 127.0.0.1 -m all -M 100 -t 1000", 
+        "scan_id": "7d84af54f343e19671d1c52357bf928f", 
+        "scan_method": "XSS_protection_vuln,ProFTPd_directory_traversal_vuln,port_scan,telnet_brute,ssl_certificate_expired_vuln,http_form_brute,ProFTPd_integer_overflow_vuln,heartbleed_vuln,joomla_user_enum_scan,http_basic_auth_brute,http_ntlm_brute,wp_user_enum_scan,ProFTPd_restriction_bypass_vuln,http_cors_vuln,apache_struts_vuln,wordpress_version_scan,clickjacking_vuln,wp_xmlrpc_bruteforce_vuln,cms_detection_scan,wordpress_dos_cve_2018_6389_vuln,content_security_policy_vuln,pma_scan,ftp_brute,wp_theme_scan,wappalyzer_scan,wp_xmlrpc_brute,wp_xmlrpc_pingback_vuln,smtp_brute,drupal_version_scan,ProFTPd_memory_leak_vuln,wp_plugin_scan,ssh_brute,joomla_template_scan,wp_timthumbs_scan,self_signed_certificate_vuln,Bftpd_memory_leak_vuln,CCS_injection_vuln,dir_scan,viewdns_reverse_ip_lookup_scan,Bftpd_parsecmd_overflow_vuln,icmp_scan,ProFTPd_exec_arbitary_vuln,server_version_vuln,x_powered_by_vuln,admin_scan,citrix_cve_2019_19781_vuln,joomla_version_scan,sender_policy_scan,ProFTPd_cpu_consumption_vuln,Bftpd_double_free_vuln,drupal_theme_scan,ProFTPd_heap_overflow_vuln,weak_signature_algorithm_vuln,drupal_modules_scan,subdomain_scan,Bftpd_remote_dos_vuln,content_type_options_vuln,xdebug_rce_vuln,options_method_enabled_vuln,ProFTPd_bypass_sqli_protection_vuln", 
+        "verbose": 0
+    }, 
+    {
+        "api_flag": 0, 
+        "category": "vuln,brute,scan", 
+        "date": "2020-06-09 11:01:14", 
+        "events_num": 1017, 
+        "graph_flag": "d3_tree_v2_graph", 
+        "id": 5, 
+        "language": "en", 
+        "ports": "default", 
+        "profile": null, 
+        "report_filename": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_10_59_29_oyzxmegtuk.html", 
+        "report_type": "HTML", 
+        "scan_cmd": "nettacker.py -i 127.0.0.1 -m all -t 1000", 
+        "scan_id": "d944c9a02053fd387d1e3343fec6b320", 
+        "scan_method": "XSS_protection_vuln,ProFTPd_directory_traversal_vuln,port_scan,telnet_brute,ssl_certificate_expired_vuln,http_form_brute,ProFTPd_integer_overflow_vuln,heartbleed_vuln,joomla_user_enum_scan,http_basic_auth_brute,http_ntlm_brute,wp_user_enum_scan,ProFTPd_restriction_bypass_vuln,http_cors_vuln,apache_struts_vuln,wordpress_version_scan,clickjacking_vuln,wp_xmlrpc_bruteforce_vuln,cms_detection_scan,wordpress_dos_cve_2018_6389_vuln,content_security_policy_vuln,pma_scan,ftp_brute,wp_theme_scan,wappalyzer_scan,wp_xmlrpc_brute,wp_xmlrpc_pingback_vuln,smtp_brute,drupal_version_scan,ProFTPd_memory_leak_vuln,wp_plugin_scan,ssh_brute,joomla_template_scan,wp_timthumbs_scan,self_signed_certificate_vuln,Bftpd_memory_leak_vuln,CCS_injection_vuln,dir_scan,viewdns_reverse_ip_lookup_scan,Bftpd_parsecmd_overflow_vuln,icmp_scan,ProFTPd_exec_arbitary_vuln,server_version_vuln,x_powered_by_vuln,admin_scan,citrix_cve_2019_19781_vuln,joomla_version_scan,sender_policy_scan,ProFTPd_cpu_consumption_vuln,Bftpd_double_free_vuln,drupal_theme_scan,ProFTPd_heap_overflow_vuln,weak_signature_algorithm_vuln,drupal_modules_scan,subdomain_scan,Bftpd_remote_dos_vuln,content_type_options_vuln,xdebug_rce_vuln,options_method_enabled_vuln,ProFTPd_bypass_sqli_protection_vuln", 
+        "verbose": 0
+    }, 
+    {
+        "api_flag": 0, 
+        "category": "scan", 
+        "date": "2020-06-09 10:50:18", 
+        "events_num": 9, 
+        "graph_flag": "d3_tree_v2_graph", 
+        "id": 4, 
+        "language": "en", 
+        "ports": "default", 
+        "profile": "information_gathering", 
+        "report_filename": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_10_50_09_xjqatmkngn.html", 
+        "report_type": "HTML", 
+        "scan_cmd": "Through the OWASP Nettacker API", 
+        "scan_id": "05ba4e5b839b5ba525c9a35baa8864a1", 
+        "scan_method": "port_scan", 
+        "verbose": 0
+    }, 
+    {
+        "api_flag": 0, 
+        "category": "scan", 
+        "date": "2020-06-09 10:47:17", 
+        "events_num": 9, 
+        "graph_flag": "d3_tree_v2_graph", 
+        "id": 3, 
+        "language": "en", 
+        "ports": "default", 
+        "profile": null, 
+        "report_filename": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_10_47_08_dugacttfmf.html", 
+        "report_type": "HTML", 
+        "scan_cmd": "Through the OWASP Nettacker API", 
+        "scan_id": "18af7af856b4ceefac659a59c4908088", 
+        "scan_method": "dir_scan,port_scan", 
+        "verbose": 0
+    }, 
+    {
+        "api_flag": 0, 
+        "category": "scan", 
+        "date": "2020-06-09 10:38:50", 
+        "events_num": 0, 
+        "graph_flag": "d3_tree_v2_graph", 
+        "id": 2, 
+        "language": "en", 
+        "ports": "default", 
+        "profile": null, 
+        "report_filename": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_10_35_10_jvxotwxako.html", 
+        "report_type": "HTML", 
+        "scan_cmd": "Through the OWASP Nettacker API", 
+        "scan_id": "78d253c3a28d2bb4f467ac040ccaa854", 
+        "scan_method": "port_scan", 
+        "verbose": 0
+    }, 
+    {
+        "api_flag": 0, 
+        "category": "scan", 
+        "date": "2020-06-09 10:38:49", 
+        "events_num": 3, 
+        "graph_flag": "d3_tree_v2_graph", 
+        "id": 1, 
+        "language": "en", 
+        "ports": "default", 
+        "profile": null, 
+        "report_filename": "/home/am4n/owasp-nettacker/.data/results/results_2020_06_09_10_36_56_mibtrtoacd.html", 
+        "report_type": "HTML", 
+        "scan_cmd": "Through the OWASP Nettacker API", 
+        "scan_id": "708e1dcf0f2ce9fe71038ccea7bf28bb", 
+        "scan_method": "port_scan", 
+        "verbose": 0
+    }
+]
+```
+
+### Get a Scan Result
+
+```python
+>>> r = s.get("https://localhost:5000/results/get?id=8")
+>>> print r.content[:500]
+<!DOCTYPE html>
+<!-- THIS PAGE COPIED AND MODIFIED FROM http://bl.ocks.org/robschmuecker/7880033-->
+<title>OWASP Nettacker Report</title>
+<meta charset="utf-8">
+<div class="header">
+    <h3><a href="https://github.com/zdresearch/nettacker">OWASP Nettacker</a></h3>
+    <h3>Penetration Testing Graphs</h3>
+</div>
+<style type="text/css">
+
+	.header{
+    margin:2%;
+    text-align:center;
+  }
+  .node {
+    cursor: pointer;
+  }
+
+  .overlay{
+      background-color:#EEE;
+  }
+
+  .node circle {
+    fill: #f
+
+...
+
+```
+
+## Hosts List
+```python
+>>> r = s.get("https://localhost:5000/logs/search?q=&page=1")
+>>> print json.dumps(json.loads(r.content), sort_keys=True, indent=4)
+[
+    {
+        "host": "owasp.org", 
+        "info": {
+            "category": [
+                "scan"
+            ], 
+            "descriptions": [
+                "8443/http/TCP_CONNECT", 
+                "80/http/TCP_CONNECT", 
+                "443/http/TCP_CONNECT"
+            ], 
+            "open_ports": [], 
+            "scan_methods": [
+                "port_scan"
+            ]
+        }
+    }
+]
+
+
+>>>
+```
+
+### Search in the Hosts
+
+```python
+>>> r = s.get("https://localhost:5000/logs/search?q=port_scan&page=3")
+>>> print r.content
+[
+  {
+    "host": "owasp4.owasp.org",
+    "info": {
+      "category": [
+        "scan"
+      ],
+      "descriptions": [
+        "22/TCP_CONNECT",
+        "80/TCP_CONNECT"
+      ],
+      "open_ports": [
+        22,
+        80
+      ],
+      "scan_methods": [
+        "port_scan"
+      ]
+    }
+  },
+  {
+    "host": "new-wiki.owasp.org",
+    "info": {
+      "category": [
+        "scan"
+      ],
+      "descriptions": [
+        "22/TCP_CONNECT",
+        "80/TCP_CONNECT"
+      ],
+      "open_ports": [
+        22,
+        80
+      ],
+      "scan_methods": [
+        "port_scan"
+      ]
+    }
+  },
+  {
+    "host": "cheesemonkey.owasp.org",
+    "info": {
+      "category": [
+        "scan"
+      ],
+      "descriptions": [
+        "80/TCP_CONNECT"
+      ],
+      "open_ports": [
+        80
+      ],
+      "scan_methods": [
+        "port_scan"
+      ]
+    }
+  },
+  {
+    "host": "5.79.66.240",
+    "info": {
+      "category": [
+        "scan"
+      ],
+      "descriptions": [
+        "filesmog.com",
+        "\u062f\u0631\u06af\u0627\u0647 \u0628\u0627\u0632"
+      ],
+      "open_ports": [
+        5901,
+        6001,
+        22
+      ],
+      "scan_methods": [
+        "viewdns_reverse_ip_lookup_scan",
+        "port_scan"
+      ]
+    }
+  },
+  {
+    "host": "5.79.66.237",
+    "info": {
+      "category": [
+        "scan"
+      ],
+      "descriptions": [
+        "\u062f\u0631\u06af\u0627\u0647 \u0628\u0627\u0632",
+        "http://5.79.66.237/robots.txt \u067e\u06cc\u062f\u0627 \u0634\u062f!(OK:200)",
+        "http://5.79.66.237/.htaccess.txt \u067e\u06cc\u062f\u0627 \u0634\u062f!(Forbidden:403)",
+        "http://5.79.66.237/.htaccess.save \u067e\u06cc\u062f\u0627 \u0634\u062f!(Forbidden:403)",
+        "http://5.79.66.237/phpmyadmin \u067e\u06cc\u062f\u0627 \u0634\u062f!(OK:200)",
+        "http://5.79.66.237/.htaccess.old \u067e\u06cc\u062f\u0627 \u0634\u062f!(Forbidden:403)",
+        "http://5.79.66.237/.htaccess \u067e\u06cc\u062f\u0627 \u0634\u062f!(Forbidden:403)",
+        "http://5.79.66.237/server-status \u067e\u06cc\u062f\u0627 \u0634\u062f!(Forbidden:403)",
+        "http://5.79.66.237//phpmyadmin/ \u067e\u06cc\u062f\u0627 \u0634\u062f!(OK:200)",
+        "http://5.79.66.237//phpMyAdmin/ \u067e\u06cc\u062f\u0627 \u0634\u062f!(OK:200)",
+        "offsec.ir"
+      ],
+      "open_ports": [
+        8083,
+        8000,
+        443,
+        80,
+        22,
+        21
+      ],
+      "scan_methods": [
+        "port_scan",
+        "dir_scan",
+        "pma_scan",
+        "viewdns_reverse_ip_lookup_scan"
+      ]
+    }
+  },
+  {
+    "host": "192.168.1.124",
+    "info": {
+      "category": [
+        "scan"
+      ],
+      "descriptions": [
+        "2179/TCP_CONNECT",
+        "445/TCP_CONNECT",
+        "135/TCP_CONNECT",
+        "22/TCP_CONNECT",
+        "139/TCP_CONNECT",
+        "zhanpang.cn",
+        "yowyeh.cn",
+        "treelights.website",
+        "sxyhed.com",
+        "redlxin.com",
+        "ppoo6.com",
+        "miancan.cn",
+        "maynard.top",
+        "liyedai.site",
+        "linterfund.com",
+        "li5xs.com",
+        "hxinglan.win",
+        "heresylly.top",
+        "gzptjwangye.bid",
+        "eatpeanutfree.com",
+        "comgmultiservices.com",
+        "biyao123.com"
+      ],
+      "open_ports": [
+        2179,
+        445,
+        135,
+        22,
+        139
+      ],
+      "scan_methods": [
+        "port_scan",
+        "viewdns_reverse_ip_lookup_scan"
+      ]
+    }
+  },
+  {
+    "host": "192.168.1.127",
+    "info": {
+      "category": [
+        "scan"
+      ],
+      "descriptions": [
+        "49152/TCP_CONNECT",
+        "49154/TCP_CONNECT",
+        "49155/TCP_CONNECT",
+        "49153/TCP_CONNECT"
+      ],
+      "open_ports": [
+        49152,
+        49154,
+        49155,
+        49153
+      ],
+      "scan_methods": [
+        "port_scan"
+      ]
+    }
+  }
+]
+
+>>>
+```
+## Generate a HTML Scan Result for a Host
+```python
+>>> r = s.get("https://localhost:5000/logs/get_html?host=127.0.0.1")
+>>> print r.content[:1000]
+<!DOCTYPE html>
+<!-- THIS PAGE COPIED AND MODIFIED FROM http://bl.ocks.org/robschmuecker/7880033-->
+<title>OWASP Nettacker Report</title>
+<meta charset="utf-8">
+<div class="header">
+    <h3><a href="https://github.com/zdresearch/nettacker">OWASP Nettacker</a></h3>
+    <h3>Penetration Testing Graphs</h3>
+</div>
+<style type="text/css">
+
+	.header{
+    margin:2%;
+    text-align:center;
+  }
+  .node {
+    cursor: pointer;
+  }
+
+  .overlay{
+      background-color:#EEE;
+  }
+
+  .node circle {
+    fill: #fff;
+    stroke: steelblue;
+    stroke-width: 1.5px;
+  }
+
+  .node text {
+    font-size:12px;
+    font-family:sans-serif;
+  }
+...
+...
+>>>
+```
+
+### Get the Scan Result in JSON Type
+```python
+>>> r = s.get("https://localhost:5000/logs/get_json?host=owasp.org")
+>>> print(json.dumps(json.loads(r.content), sort_keys=True, indent=4))
+[
+    {
+        "DESCRIPTION": "443/http/TCP_CONNECT", 
+        "HOST": "owasp.org", 
+        "PASSWORD": "", 
+        "PORT": "443", 
+        "SCAN_ID": "708e1dcf0f2ce9fe71038ccea7bf28bb", 
+        "TIME": "2020-06-09 10:36:59", 
+        "TYPE": "port_scan", 
+        "USERNAME": ""
+    }, 
+    {
+        "DESCRIPTION": "80/http/TCP_CONNECT", 
+        "HOST": "owasp.org", 
+        "PASSWORD": "", 
+        "PORT": "80", 
+        "SCAN_ID": "708e1dcf0f2ce9fe71038ccea7bf28bb", 
+        "TIME": "2020-06-09 10:36:59", 
+        "TYPE": "port_scan", 
+        "USERNAME": ""
+    }, 
+    {
+        "DESCRIPTION": "8443/http/TCP_CONNECT", 
+        "HOST": "owasp.org", 
+        "PASSWORD": "", 
+        "PORT": "8443", 
+        "SCAN_ID": "708e1dcf0f2ce9fe71038ccea7bf28bb", 
+        "TIME": "2020-06-09 10:38:17", 
+        "TYPE": "port_scan", 
+        "USERNAME": ""
+    }
+]
+>>>
+```
\ No newline at end of file
diff --git a/docs/Contributors.md b/docs/Contributors.md
new file mode 100644
index 00000000..dfada5bb
--- /dev/null
+++ b/docs/Contributors.md
@@ -0,0 +1,38 @@
+People who helped to create the OWASP Nettacker. You can see the complete list of Developers on [OpenHub](https://www.openhub.net/p/OWASP-Nettacker/contributors) and [GitHub](https://github.com/OWASP/Nettacker/graphs/contributors) contributors.
+
+### Leaders & Mentors
+* [Ali Razmjoo Qalaei](mailto:ali.razmjoo@owasp.org)
+* [Arkadii Yakovets](mailto:arkadii.yakovets@owasp.org)
+* [Sam Stepanyan](mailto:sam.stepanyan@owasp.org)
+* [Sri Harsha Gajavalli](mailto:sriharsha.g@owasp.org)
+
+
+
+### Contributors
+* [Shaddy Garg](mailto:shaddygarg1@gmail.com)
+* [Pradeep Jairamani](mailto:pradeepjairamani22@gmail.com)
+* [Hannah Brand](mailto:bran0793@umn.edu)
+* [Vahid Behzadan](mailto:behzadan@ksu.edu)
+* [Mohammad Reza Zamiri](mailto:mr.zamiri@ieee.org)
+* [Mojtaba MasoumPour](mailto:mojtaba6892@gmail.com)
+* [Ehsan Nezami](mailto:ehsan.empire1@gmail.com)
+* [camel32bit](https://github.com/camel32bit)
+* [Ravindra Sharma](mailto:sha.ravindra1307@gmail.com)
+* [Harshavardhan Reddy](mailto:harsha010@outlook.com)
+* [ArianPH](mailto:pandkhahiarian@gmail.com)
+* [omdmhd](mailto:om.mo1375@gmail.com)
+* [Mahdi Rasouli](mailto:mahdirasouli007@gmail.com)
+* [Tikam Singh Alma](mailto:timonalma81@gmail.com)
+* [Jecky](mailto:ht974@nyu.edu)
+* [VictorSuraj](https://github.com/VictorSuraj)
+* [Clarence Cromwell](mailto:clarencewcromwell@gmail.com)
+* [Aman Gupta](mailto:aman.gupta@owasp.org)
+* [Kunal Khandelwal](mailto:khandelwal.kunal4@gmail.com)
+* [Pinaki Mondal aka 0xInfection](https://github.com/0xInfection) 
+* [Divyansh Jain](https://github.com/itsdivyanshjain)
+* [Akshay Behl](https://github.com/Captain-T2004)
+* **[FULL LIST](https://github.com/OWASP/Nettacker/graphs/contributors)**
+
+
+
+The OWASP Nettacker Project Team is very grateful to Google's Summer of Code (GSoC - summerofcode.withgoogle.com) and to all GSoC students who helped to enhance Nettacker while working during their summer break!
\ No newline at end of file
diff --git a/docs/Developers.md b/docs/Developers.md
new file mode 100644
index 00000000..e6e2f724
--- /dev/null
+++ b/docs/Developers.md
@@ -0,0 +1,179 @@
+We gladly support and appreciate anyone is interested to contribute to the OWASP Nettacker Project. Overall developers may focus on developing core framework, modules or payloads, language libraries and media. After reading this document you should be able to get the basic knowledge to start developing. Please consider that we are using PEP8 python code style and using [Codacy](https://app.codacy.com/app/zdresearch/OWASP-Nettacker/dashboard) to figure the code quality. In addition, [GitHub Actions](https://github.com/OWASP/Nettacker/actions) will check your PR automatically on several Python versions (2.x, 3.x). Before sending your PR, make sure you added **code-based documentation** to your codes and read the PR template. If you use any code/library/module with a license, add the license into external license file.
+
+* [Code of Conduct](https://github.com/zdresearch/OWASP-Nettacker/blob/master/CODE_OF_CONDUCT.md)
+* [Issue Template](https://github.com/zdresearch/OWASP-Nettacker/blob/master/ISSUE_TEMPLATE.md)
+* **[PR Template](https://github.com/zdresearch/OWASP-Nettacker/blob/master/PULL_REQUEST_TEMPLATE.md)**
+* [License](https://github.com/zdresearch/OWASP-Nettacker/blob/master/LICENSE)
+* [External Licenses](https://github.com/zdresearch/OWASP-Nettacker/blob/master/EXTERNAL_LIBRARIES_LICENSES.md)
+________
+- [Contribution Guidelines](#contribution-guidelines)
+- [Roadmap](#roadmap)
+- [Creating Media](#creating-media)
+- [Contribute to Language Libraries](#contribute-to-language-libraries)
+  * [Add a New Language Library](#add-a-new-language-library)
+  * [Modify/Update Language Libraries](#modify-update-language-libraries)
+
+
+# Contribution Guidelines
+These are the guidelines you need to keep in mind while contributing:
+- The code must have been thoroughly tested in your local development environment.
+- The code must be both python 2 and 3 compatible.
+- The code must follow the PEP8 styling guidelines with a 4 spaces indentation.
+- Each pull request should have only one commit related to each update.
+- Please open different pull requests for individual updates.
+- The commit messages should be meaningful.
+- Be sure to add the concerned documentation for the added feature.
+- The branch in the pull request must be up-to-date with the `master` of Upstream.
+- Please follow the clean code guidelines [1](https://github.com/rmariano/Clean-code-in-Python/blob/master/build/Clean%20code%20in%20Python.pdf) and [2](https://github.com/zedr/clean-code-python).
+
+For any doubts regarding the guidelines please contact the project leaders.
+
+# Roadmap
+
+Developers always could be aware of the OWASP Nettacker project roadmap by checking
+
+* 1- Project Management Page https://github.com/OWASP/Nettacker/projects
+* 2- Issues Page https://github.com/OWASP/OWASP-Nettacker/issues
+
+To contribute OWASP Nettacker. Existing Issues, Tasks, Code Style Issues are great opportunity to start developing the OWASP Nettacker.
+
+# Creating Media
+
+We appreciated all kind of media to demonstrate the OWASP Nettacker in any language and environment. It is a great activity to help us grow our framework and get more publicity. Currently, we collected a few media on [Media](https://github.com/zdresearch/OWASP-Nettacker/wiki/Media) page. Feel free to post your Media on [this](https://github.com/zdresearch/OWASP-Nettacker/issues/1) page.
+
+# Contribute to Language Libraries
+
+OWASP Nettacker is using multi-language libraries (default English) to create a better user experience. Currently we are supporting `Greek/el`, `French/fr`, `English/en`, `Dutch/nl`, `Pashto/ps`, `Turkish/tr`, `German/de`, `Korean/ko`, `Italian/it`, `Japanese/ja`, `Persian/fa`, `Armenian/hy`, `Arabic/ar`, `Chinese(Simplified)/zh-cn`, `Vietnamese/vi`, `Russian/ru`, `Hindi/hi`, `Urdu/ur`, `Indonesian/id`, `Spanish/es`, `Hebrew/iw`) languages. If you are an expert in one these languages, It would be a great favor to contribute to one of these. If any language you want to contribute is not listed, feel free to follow the below steps to add it.
+
+## Add a New Language Library
+
+In some cases language library does not exist, you can create a new file and add it to the framework.
+
+* 1- Goto `lib/messages`
+* 2- Name your message library e.g. `fa.yaml`
+* 3- Copy the default language lib (`en.yaml`) and start your translation.
+* 4- **Please notice that you should not change the key-value like `scan_started`, `options` and etc. you just need to modify the Values.**
+
+## Modify/Update Language Libraries
+
+To contribute to the existing libraries, You may go to `lib/messages` select the file you want to contribute and 
+
+* 1- Translate English messages to the selected language.
+* 2- Compare the language library with **English** library and add new messages to this library and translate them.
+* 3- Modify the translated messages to better translations.
+
+# Contribute to Modules
+
+Modules exist in path `/modules/module_category`. Currently, we have three categories (scan, brute, vuln). if you need to add more just create a directory with a name! To start a new module you should understand what kind of protocol you want to use. The list of protocols and module functionalities are in `core/module_protocols`. To understand how they work read the below example.
+
+```yaml
+info: # this section is to store information about module
+  name: dir_scan
+  author: OWASP Nettacker Team
+  severity: 3
+  description: Directory, Backup finder
+  reference: https://www.zaproxy.org/docs/alerts/10095/
+  profiles: # module will be added to below profiles and user can use --profile scan to run this and other modules in same profile
+    - scan
+    - http
+    - backup
+    - low_severity
+
+payloads: # this section stores the payloads
+  - library: http # the time of library, you can use multiple library if needed as an array
+    verify: false
+    timeout: 3
+    cert: ""
+    stream: false
+    proxies: ""
+    steps:
+      - method: get # type of request
+        headers: # headers
+          User-Agent: "{user_agent}" # this will be replaced by default user-agent or user input
+        URL: # URL is the input we want to fuzz
+          nettacker_fuzzer:
+            input_format: "{{schema}}://{target}:{{ports}}/{{urls}}" # format of url
+            prefix: ""
+            suffix: ""
+            interceptors:
+            data:
+              urls:
+                - "administrator"
+                - "admin"
+                - "old"
+                - "_vti_bin"
+                - "_private"
+                - "cgi-bin"
+                - "public_html"
+                - "images"
+              schema:
+                - "http"
+                - "https"
+              ports:
+                - 80
+                - 443
+        response: # response will check if the payload were success
+          condition_type: or # could be and/or
+          conditions: # could be in header/content/status_code/reason/timeresponse
+            status_code:
+              regex: 200|403|401
+              reverse: false # if true, it will reverse the regex
+
+
+```
+
+The `http` protocol uses exactly the same inputs as the python `requests` library. if we want to convert the yaml code to python requests it will be:
+
+```python
+In [5]: import requests
+
+In [6]: lib=requests
+
+In [7]: lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:443/url", headers={'User-Agent': 'whatever'})
+```
+
+The inputs such as `ports` will be replaced by user input and 80,443 is just a default value to hold in case the user did not enter any ports. you can see all user inputs from `config.py`.
+
+Any value that comes in an array in the YAML files will be treated as a loop and it will regenerate the request until all loops are finished.
+
+```python
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:443/url1", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:443/url2", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:443/url3", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:443/url4", headers={'User-Agent': 'whatever'})
+```
+
+or
+
+```python
+dynamics: http, https, url1, url2 , url3, url4, port 80, port 443
+# https
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:443/url1", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:443/url2", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:443/url3", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:443/url4", headers={'User-Agent': 'whatever'})
+# http
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="http://www.owasp.org:80/url1", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="http://www.owasp.org:80/url2", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="http://www.owasp.org:80/url3", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="http://www.owasp.org:80/url4", headers={'User-Agent': 'whatever'})
+
+# https on 80
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:80/url1", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:80/url2", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:80/url3", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="https://www.owasp.org:80/url4", headers={'User-Agent': 'whatever'})
+
+# http on 443
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="http://www.owasp.org:443/url1", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="http://www.owasp.org:443/url2", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="http://www.owasp.org:443/url3", headers={'User-Agent': 'whatever'})
+lib.get(verify=False, timeout=3, cert="", stream=False, proxies="", url="http://www.owasp.org:443/url4", headers={'User-Agent': 'whatever'})
+
+
+```
+
+
+# Contribute to Code Functionality & API & WebUI
+
+go nuts!
\ No newline at end of file
diff --git a/docs/Events.md b/docs/Events.md
new file mode 100644
index 00000000..d6a9b045
--- /dev/null
+++ b/docs/Events.md
@@ -0,0 +1,28 @@
+# Events
+The OWASP Nettacker Events page lists various conferences and meetups where the OWASP Nettacker project has been presented. These include notable appearances at OFFSECONF 2017, BlackHat Europe, OWASP Global AppSec and Security BSides Dublin and Athens, among others. The page provides links to presentations, webinars, podcasts, and video content from these events:
+
+
+* OWASP Nettacker was introduced in **OFFSECONF 2017** [[1](https://groups.google.com/forum/#!topic/owasp-nettacker/3gscDww2sf4)]
+  * OFFSECONF 2017 Introduction Presentation [[1](https://drive.google.com/file/d/1Ox1xpvncPgSZPaFjvTQvkOwxP3to7Rqk/view?usp=sharing)]
+* OWASP Nettacker Accepted for **Google Summer of Code 2018** [[1](https://www.owasp.org/index.php/GSOC2018_Ideas)] [[2](https://summerofcode.withgoogle.com/organizations/6664778743808000/)]
+  * OWASP Nettacker Video Conference/Webinar for GSoC Team 1 May 2018 - **Vahid Behzadan - ML/AI in CyberSecurity** [[1](https://www.youtube.com/watch?v=7RQH8oECSyg)]
+  * **Shaddy Garg**'s GSoC Experince [[1](https://medium.com/@shaddygarg/google-summer-of-code-final-submission-12eb98993ba8)]
+  * **Pradeep Jairamani**'s GSoC Experince [[1](https://medium.com/@pradeepjairamani/google-summer-of-code-final-submission-7a498856c914)]
+* OWASP Nettacker Tutorial by at **OWASP Bay Area** meetup (Presented by **Vahid Behzadan** - Sponsered by **OWASP Bay Area**) [[1](https://www.youtube.com/watch?v=4pu4hJMk6m8)]
+* OWASP Nettacker Presented By Ali Razmjoo in OWASP Iran Chapter Meeting July 2018 [[1](https://www.owasp.org/index.php/Iran#tab=Past_Events)]
+* OWASP Nettacker ICS Section Presented in **P0SCON 2018 By Mohammad Reza Zamiri** [[1](http://www.poscon.ir/)] 
+* OWASP Nettacker ICS Section will be presented in **KasperSky Industrial Cybersecurity**: Opportunities and challenges in Digital Transformation 2018 by **Mohammad Reza Zamiri** [[1](https://github.com/zdresearch/OWASP-Nettacker/tree/master/lib/payload/scanner/ics_honeypot)] [[2](https://ics.kaspersky.com/conference/)]
+* OWASP Nettacker was presented at **BlackHat Europe Arsenal 2018** by Sam Stepanyan and Dr Grigorios "Greg" Fragkos
+* OWASP Nettacker was presented at **BlackHat Europe Arsenal 2019** (more In-Depth Demo) by Paul Harragan and Sam Stepanyan [[1](https://www.blackhat.com/eu-19/arsenal/schedule/#owasp-nettacker-updated---more-in-depth-demo-18100)]
+* OWASP Nettacker was presented at **AppSec California 2020** by **Sam Stepanyan** [[1](https://appseccalifornia2020.sched.com/event/XLtt/introducing-the-owasp-nettacker-project?iframe=no&w=100%&sidebar=yes&bg=no)] [[2](https://youtu.be/rZfCFFewfiU)]
+* OWASP Nettacker was presented at **OWASP Chapters All-Day** conference (June 7th 2020) by **Sam Stepanyan** [[1](https://youtu.be/-klGZ7AaMc4)]
+* OWASP Nettacker was presented at **BSides Athens 2020** conference by **Sam Stepanyan** [[1](https://youtu.be/vNNDC_ScxCA)]
+* OWASP Nettacker was presented at **AppSecIL 2020** conference by **Sam Stepanyan**  [[1](https://appsecil2020.sched.com/event/fF7u/using-owasp-nettacker-for-recon-and-vulnerability-scanning)]
+* OWASP Nettacker was presented at **BlackHat Asia 2020** conference by **Sam Stepanyan** [[1](https://www.blackhat.com/asia-20/arsenal/schedule/#owasp-nettacker-19079)]
+* OWASP Nettacker Presentation Slides (as presented at **OWASP Jakarta** 2021 event): [[1](https://speakerdeck.com/samstepanyanowasp/using-owasp-nettacker-project-for-recon-and-vulnerability-scanning)]
+* OWASP Nettacker was presented at **OWASP Ottawa** Chapter by **Sam Stepanyan** [[1](https://www.youtube.com/watch?v=HvXPcByShgI)]
+* OWASP Nettacker was presented at **OWASP Kyiv** Chapter by **Sam Stepanyan** [[1](https://www.youtube.com/watch?v=KrwQlgeZn7I)]
+* OWASP Nettacker was presented at the **AppSec Engineer** session by **Sam Stepanyan** [[1](https://www.youtube.com/watch?v=eXzIPuTtqAQ)]
+* OWASP Nettacker was presented at **Security BSides Dublin 2022** conference by **Sam Stepanyan** [[1](https://www.youtube.com/watch?v=GcRFkZEaWqI)]
+* OWASP Netacker was presented et the **Appplication Security Podcast** by **Sam Stepanyan** [[1](https://www.youtube.com/watch?v=tqZ8Lmucujw)]
+* OWASP Nettacker was presented at the **OWASP Global AppSec DC 2023 Conference** by **Sam Stepanyan** [[1](https://www.youtube.com/watch?v=yZxjBme029A)] 
diff --git a/docs/Home.md b/docs/Home.md
new file mode 100644
index 00000000..1a9de73c
--- /dev/null
+++ b/docs/Home.md
@@ -0,0 +1,30 @@
+# OWASP Nettacker
+
+### Wiki sections are visible in the sidebar (right).
+
+<img src="https://raw.githubusercontent.com/viraintel/OWASP-Nettacker/master/web/static/img/owasp-nettacker.png" width="200"><img src="https://raw.githubusercontent.com/viraintel/OWASP-Nettacker/master/web/static/img/owasp.png" width="500">
+
+- [Introduction](#introduction)
+  * [Links](#links)
+- [[Installation|Installation]]
+- [[Usage|Usage]]
+
+# Introduction
+
+
+OWASP Nettacker is open-source software written in Python language using **YAML-type** modules that let you automate penetration testing and Information Gathering. This software aims to have all security tests you can do in a network, such as vulnerability scan and management (with or without CVE), brute force attacks, misconfiguration, and more. The purpose of this project is to speed up internal and external security assessments.
+
+![OWASP Nettacker](https://user-images.githubusercontent.com/7676267/35123376-283d5a3e-fcb7-11e7-9b1c-92b78ed4fecc.gif)
+
+## Links
+
+* OWASP Page: https://www.owasp.org/index.php/OWASP_Nettacker
+* Wiki: https://github.com/OWASP/OWASP-Nettacker/wiki
+* Github: https://github.com/OWASP/OWASP-Nettacker
+* Slack: #project-nettacker on https://owasp.slack.com
+* Mailing List: https://groups.google.com/forum/#!forum/owasp-nettacker
+* Docker Image: https://hub.docker.com/r/alirazmjoo/owaspnettacker/
+* OpenHub: https://www.openhub.net/p/OWASP-Nettacker
+* CI: https://github.com/OWASP/Nettacker/actions
+* **Donate**: https://www.owasp.org/index.php/OWASP_Nettacker
+* Maintainer: https://www.secologist.com/
diff --git a/docs/Installation.md b/docs/Installation.md
new file mode 100644
index 00000000..467310b0
--- /dev/null
+++ b/docs/Installation.md
@@ -0,0 +1,65 @@
+**Contents**:
+
+* [Before Installation](#before-installation)
+* [Installation methods](#installation)
+* [After Installation](#after-installation)
+
+
+### Supported Platforms
+
+OWASP Nettacker runs on Linux operating system (we recommend using the docker image to be able to run it on any OS). If you would like to run this on your machine you must install all dependencies and at least Python 3.9.2
+
+PLEASE NOTE: Starting from Nettacker version 0.0.3 the support for Python2 and Python <3.9 has been dropped. If you have a requirement to use Nettacker on Python 2.x or 3.0-3.7 you can use the legacy version of Nettacker [v0.0.2](https://github.com/OWASP/Nettacker/releases/tag/0.0.2) 
+
+### Dependencies
+
+OWASP Nettacker v0.0.3 has dependencies on the following libraries and tools:
+
+* libcurl4-openssl-dev
+* libcurl4-gnutls-dev
+* librtmp-dev
+* libssl-dev
+* python3-dev
+* libpq-dev (required if you wish to use PostgreSQL database)
+* libffi-dev 
+* musl-dev 
+* make
+* gcc 
+* git
+
+A `requirements-apt-get.txt` file is included with Nettacker to assist the installation of the above libraries on Debian-based OS using `apt-get`. If you are using Windows, Mac or non-Debian-based Linux distro you need to install the corresponding dependencies for your operating system first.
+
+Before using this software, please install the requirements following the commands below:
+
+
+Install Python 3 first:
+```
+apt-get update
+apt-get install -y python3 python3-dev python3-pip
+pip3 install --upgrade pip3
+```
+Install Requirements.
+
+```
+apt-get update
+apt-get install -y < requirements-apt-get.txt
+pip3 install --upgrade pip
+pip3 install -r requirements.txt
+pip3 install -r requirements-dev.txt
+```
+
+PLEASE NOTE: Python version 3.9.2 or higher is required to run Nettacker v.0.0.3. You can check the version of Python3 installed by running:
+
+```
+python3 -V
+```
+
+If you have Python v3.9.2 or higher you should be able to run OWASP Nettacker via command `python3 nettacker.py`
+
+
+### Make your life easier using docker
+To run the API server, just run `docker-compose up`. if you need to run via command line use the commands below.
+
+```
+docker-compose up -d && docker exec -it nettacker_nettacker_1 /bin/bash
+```
diff --git a/docs/Instructions-for-the-OWASP-Bay-Area-tutorial.md b/docs/Instructions-for-the-OWASP-Bay-Area-tutorial.md
new file mode 100644
index 00000000..778f4190
--- /dev/null
+++ b/docs/Instructions-for-the-OWASP-Bay-Area-tutorial.md
@@ -0,0 +1,38 @@
+0. _**In the beginning, there was … GIT**_:
+Clone the latest revision of Nettacker
+
+`> git clone https://github.com/zdresearch/OWASP-Nettacker.git && cd OWASP-Nettacker && pip install -r requirements.txt`
+
+Make sure it works - in the command line, go to the root folder of Nettacker and run the following:
+
+`> python nettacker.py -h`
+
+1. _**Let there be targets:**_
+For the purposes of this tutorial, we have created a shooting range somewhere in the realm of z3r0d4y.com . Let's see what subdomains are available there:
+
+`> python nettacker.py -i z3r0d4y.com -m subdomain_scan`
+
+What sorcery is this? To see behind the curtains:
+
+`> python nettacker.py -i z3r0d4y.com -m subdomain_scan -v 5`
+
+OK, but which of these is smells fishier than others? Let's run a quick port scan:
+
+`python nettacker.py -i z3r0d4y.com -m port_scan`
+
+2. _**For thou shalt p4wn**_: Hmm... that "tg1" fellow smells funny. Let's see what its port 80 has to say:
+
+`open tg1.z3r0d4y.com in browser`
+
+A login page - we shall knock on its door soon. But now: Shall we see if we can bruteforce our way into its SSH service?
+
+`> python nettacker.py -i tg1.z3r0d4y.com -m ssh_brute -T 10 -v 5`
+
+Cool. Now, comrades, let us go back to the gates of the login page on port 80...
+
+Shall we write our own fuzzer to brute force our way into this login page? Why not... https://drive.google.com/open?id=1aFgKrdzhV6jb9HDi7LvrM9fjCd8n_hly
+
+Now that we are in, let's see what else is lurking in these dark corners. Notice the URL. Shall we fuzz and see if exploration in the numerical realm gets us anywhere? Why not... https://drive.google.com/open?id=1bG01UT5_VApHFLLf3FD8VV1o_lu_pRC1
+
+Ok, we now have the IP address of an internal docker and access to the WebUI of Nettacker installed there. Let's play.
+
diff --git a/docs/Media.md b/docs/Media.md
new file mode 100644
index 00000000..33bf8bcc
--- /dev/null
+++ b/docs/Media.md
@@ -0,0 +1,42 @@
+Gathered a few media to show how to work with OWASP Nettacker.
+
+Simple Usage
+============
+![](https://user-images.githubusercontent.com/7676267/35123376-283d5a3e-fcb7-11e7-9b1c-92b78ed4fecc.gif)
+
+API Usage
+=========
+![](https://user-images.githubusercontent.com/7676267/39006688-118f7f0c-4419-11e8-874a-c417f0bd9081.gif)
+
+Wizard Usage
+=============
+![](https://user-images.githubusercontent.com/24669027/39022564-bf96bde2-4453-11e8-9814-c30db364aa4d.gif)
+
+Youtube
+=======
+* Created By Volunteers
+
+[![IMAGE](http://img.youtube.com/vi/2XQiA7fEFck/0.jpg)](https://www.youtube.com/watch?v=2XQiA7fEFck)
+
+* Created By Volunteers
+
+[![IMAGE](http://img.youtube.com/vi/EUb8q0Whx4s/0.jpg)](https://www.youtube.com/watch?v=EUb8q0Whx4s)
+
+* Created By Volunteers
+
+[![IMAGE](http://img.youtube.com/vi/MnCOpiLY0Xc/0.jpg)](https://www.youtube.com/watch?v=MnCOpiLY0Xc)
+
+* Created By Volunteers
+
+[![IMAGE](http://img.youtube.com/vi/6trmP4xn2Sw/0.jpg)](https://www.youtube.com/watch?v=6trmP4xn2Sw)
+
+* Created By Volunteers
+
+[![IMAGE](http://img.youtube.com/vi/cZKQja2YO3A/0.jpg)](https://www.youtube.com/watch?v=cZKQja2YO3A)
+
+* Created By Volunteers
+
+[![IMAGE](http://img.youtube.com/vi/BF7G763xIKM/0.jpg)](https://www.youtube.com/watch?v=BF7G763xIKM)
+
+
+Feel free to send your media to us to share it in here.
\ No newline at end of file
diff --git a/docs/Modules.md b/docs/Modules.md
new file mode 100644
index 00000000..5ae5adf1
--- /dev/null
+++ b/docs/Modules.md
@@ -0,0 +1,173 @@
+# Nettacker Modules aka 'Methods'
+
+OWASP Nettacker Modules can be of type **Scan** (scan for something), **Vuln** (check for some vulnerability) and **Brute** (Brute force) 
+- [Scan Modules](#scan-modules)
+- [Ports Scanned by Nettacker](#ports-scanned-by-nettacker)
+- [Vuln Modules](#vuln-modules)
+- [Brute Modules](#brute-modules)
+
+## Scan Modules
+
+* '**admin_scan**'  - Scan the target for various Admin folders such as /admin /phpmyadmin /cmsadmin /wp-admin etc
+* '**citrix_lastpatcheddate_scan**'  Scan the target and try to detect Citrix Netscaler Gateway and it's last patched date
+* '**cms_detection_scan**' - Scan the target and try to detect the CMS (Wordpress, Drupal or Joomla) using response fingerprinting
+* '**confluence_version_scan**' - Scan the target and identify the Confluence version
+* '**dir_scan**' - Scan the target for well-known directories
+* '**drupal_modules_scan**' - Scan the target for popular Drupal modules
+* '**drupal_theme_scan**' - Scan the target for popular Drupal themes
+* '**drupal_version_scan**' - Scan the target and identify the Drupal version
+* '**icmp_scan**' - Ping the target and log the response time if it responds.
+* '**http_redirect_scan**' - Scan the target and test if it returns an HTTP redirect 3xx response code and print the destination
+* '**http_status_scan**' - Scan the target and return the HTTP status code
+* '**joomla_template_scan**' - Scan the target for Joomla templates (identify Joomla sites)
+* '**joomla_user_enum_scan**' - Scan the target and enumerate Joomla users
+* '**joomla_version_scan**' - Scan the target and identify the Joomla version
+* '**moveit_version_scan**' - Scan the target and identify the Progress MOVEit version
+* '**pma_scan**' - Scan the target for PHP MyAdmin presence
+* '**port_scan**' - Scan the target for open ports identifying the popular services using signatures (.e.g SSH on port 2222)
+* '**sender_policy_scan**' - Scan the target domains/subdomains for SPF policy settings
+* '**shodan_scan**' - Scan the target domains/subdomains/IP in Shodan. Put your Shodan API key i "shodan_api_key" method arg, "shodan_query_override" to run any Shodan query overriding the Nettacker target
+* '**subdomain_scan**' - Scan the target for subdomains (target must be a domain e.g. owasp.org)
+* '**viewdns_reverse_ip_lookup_scan**' - Identify which sites/domains are hosted on the target host using ViewDNS.info
+* '**wappalyzer_scan**' - Scan the target and try to identify the technologies and libraries used using Wappalyzer
+* '**wordpress_version_scan**' - Scan the target and identify the WordPress version
+* '**wp_plugin_scan**' - Scan the target for popular WordPress Plugins 
+* '**wp_theme_scan**' - Scan the target for popular WordPress themes
+* '**wp_timthumbs_scan**' - Scan the target for WordPress TimThumb.php script in various possible locations
+* '**wp_user_enum_scan**' - Scan the target WordPress site and Enumerate Users
+
+
+## Ports Scanned by Nettacker
+If you want to scan all ports please define -g 1-65535 range. Otherwise Nettacker will scan for these 1000 most popular ports:
+
+
+`[1, 3, 4, 6, 7, 9, 13, 17, 19, 20, 21, 22, 23, 24, 25, 26, 30, 32, 33, 37, 42,`
+                            `43, 49, 53, 67, 68, 69, 70, 79, 80, 81, 82, 83, 84, 85, 88, 89, 90, 99, 100, 106, 109, 110,`
+                            `111, 113, 119, 125, 135, 139, 143, 144, 146, 161, 162, 163, 179, 199, 211, 212, 222,`
+                            `254, 255, 256, 259, 264, 280, 301, 306, 311, 340, 366, 389, 406, 407, 416, 417,`
+                            `425, 427, 443, 444, 445, 458, 464, 465, 481, 497, 500, 512, 513, 514, 515, 524,`
+                            `541, 543, 544, 545, 548, 554, 555, 563, 587, 593, 616, 617, 625, 631, 636, 646,`
+                            `648, 666, 667, 668, 683, 687, 691, 700, 705, 711, 714, 720, 722, 726, 749, 765,`
+                            `777, 783, 787, 800, 801, 808, 843, 873, 880, 888, 898, 900, 901, 902, 903, 911,`
+                            `912, 981, 987, 990, 992, 993, 995, 999, 1000, 1001, 1002, 1007, 1009, 1010,`
+                            `1011, 1021, 1022, 1023, 1024, 1025, 1026, 1027, 1028, 1029, 1030, 1031, 1032,`
+                            `1033, 1034, 1035, 1036, 1037, 1038, 1039, 1040, 1041, 1042, 1043, 1044, 1045,`
+                            `1046, 1047, 1048, 1049, 1050, 1051, 1052, 1053, 1054, 1055, 1056, 1057, 1058,`
+                            `1059, 1060, 1061, 1062, 1063, 1064, 1065, 1066, 1067, 1068, 1069, 1070, 1071,`
+                            `1072, 1073, 1074, 1075, 1076, 1077, 1078, 1079, 1080, 1081, 1082, 1083, 1084,`
+                            `1085, 1086, 1087, 1088, 1089, 1090, 1091, 1092, 1093, 1094, 1095, 1096, 1097,`
+                            `1098, 1099, 1100, 1102, 1104, 1105, 1106, 1107, 1108, 1110, 1111, 1112, 1113,`
+                            `1114, 1117, 1119, 1121, 1122, 1123, 1124, 1126, 1130, 1131, 1132, 1137, 1138,`
+                            `1141, 1145, 1147, 1148, 1149, 1151, 1152, 1154, 1163, 1164, 1165, 1166, 1169,`
+                            `1174, 1175, 1183, 1185, 1186, 1187, 1192, 1198, 1199, 1201, 1213, 1216, 1217,`
+                            `1218, 1233, 1234, 1236, 1244, 1247, 1248, 1259, 1271, 1272, 1277, 1287, 1296,`
+                            `1300, 1301, 1309, 1310, 1311, 1322, 1328, 1334, 1352, 1417, 1433, 1434, 1443,`
+                            `1455, 1461, 1494, 1500, 1501, 1503, 1521, 1524, 1533, 1556, 1580, 1583, 1594,`
+                            `1600, 1641, 1658, 1666, 1687, 1688, 1700, 1717, 1718, 1719, 1720, 1721, 1723,`
+                            `1755, 1761, 1782, 1783, 1801, 1805, 1812, 1839, 1840, 1862, 1863, 1864, 1875,`
+                            `1900, 1914, 1935, 1947, 1971, 1972, 1974, 1984, 1998, 1999, 2000, 2001, 2002,`
+                            `2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2013, 2020, 2021, 2022, 2030,`
+                            `2033, 2034, 2035, 2038, 2040, 2041, 2042, 2043, 2045, 2046, 2047, 2048, 2049,`
+                            `2065, 2068, 2099, 2100, 2103, 2105, 2106, 2107, 2111, 2119, 2121, 2126, 2135,`
+                            `2144, 2160, 2161, 2170, 2179, 2190, 2191, 2196, 2200, 2222, 2251, 2260, 2288,`
+                            `2301, 2323, 2366, 2381, 2382, 2383, 2393, 2394, 2399, 2401, 2492, 2500, 2522,`
+                            `2525, 2557, 2601, 2602, 2604, 2605, 2607, 2608, 2638, 2701, 2702, 2710, 2717,`
+                            `2718, 2725, 2800, 2809, 2811, 2869, 2875, 2909, 2910, 2920, 2967, 2968, 2998,`
+                            `3000, 3001, 3003, 3005, 3006, 3007, 3011, 3013, 3017, 3030, 3031, 3052, 3071,`
+                            `3077, 3128, 3168, 3211, 3221, 3260, 3261, 3268, 3269, 3283, 3300, 3301, 3306,`
+                            `3322, 3323, 3324, 3325, 3333, 3351, 3367, 3369, 3370, 3371, 3372, 3389, 3390,`
+                            `3404, 3476, 3493, 3517, 3527, 3546, 3551, 3580, 3659, 3689, 3690, 3703, 3737,`
+                            `3766, 3784, 3800, 3801, 3809, 3814, 3826, 3827, 3828, 3851, 3869, 3871, 3878,`
+                            `3880, 3889, 3905, 3914, 3918, 3920, 3945, 3971, 3986, 3995, 3998, 4000, 4001,`
+                            `4002, 4003, 4004, 4005, 4006, 4045, 4111, 4125, 4126, 4129, 4224, 4242, 4279,`
+                            `4321, 4343, 4443, 4444, 4445, 4446, 4449, 4550, 4567, 4662, 4848, 4899, 4900,`
+                            `4998, 5000, 5001, 5002, 5003, 5004, 5009, 5030, 5033, 5050, 5051, 5054, 5060,`
+                            `5061, 5080, 5087, 5100, 5101, 5102, 5120, 5190, 5200, 5214, 5221, 5222, 5225,`
+                            `5226, 5269, 5280, 5298, 5357, 5405, 5414, 5431, 5432, 5440, 5500, 5510, 5544,`
+                            `5550, 5555, 5560, 5566, 5631, 5633, 5666, 5678, 5679, 5718, 5730, 5800, 5801,`
+                            `5802, 5810, 5811, 5815, 5822, 5825, 5850, 5859, 5862, 5877, 5900, 5901, 5902,`
+                            `5903, 5904, 5906, 5907, 5910, 5911, 5915, 5922, 5925, 5950, 5952, 5959, 5960,`
+                            `5961, 5962, 5963, 5987, 5988, 5989, 5998, 5999, 6000, 6001, 6002, 6003, 6004,`
+                            `6005, 6006, 6007, 6009, 6025, 6059, 6100, 6101, 6106, 6112, 6123, 6129, 6156,`
+                            `6346, 6389, 6502, 6510, 6543, 6547, 6565, 6566, 6567, 6580, 6646, 6666, 6667,`
+                            `6668, 6669, 6689, 6692, 6699, 6779, 6788, 6789, 6792, 6839, 6881, 6901, 6969,`
+                            `7000, 7001, 7002, 7004, 7007, 7019, 7025, 7070, 7100, 7103, 7106, 7200, 7201,`
+                            `7402, 7435, 7443, 7496, 7512, 7625, 7627, 7676, 7741, 7777, 7778, 7800, 7911,`
+                            `7920, 7921, 7937, 7938, 7999, 8000, 8001, 8002, 8007, 8008, 8009, 8010, 8011,`
+                            `8021, 8022, 8031, 8042, 8045, 8080, 8081, 8082, 8083, 8084, 8085, 8086, 8087,`
+                            `8088, 8089, 8090, 8093, 8099, 8100, 8180, 8181, 8192, 8193, 8194, 8200, 8222,`
+                            `8254, 8290, 8291, 8292, 8300, 8333, 8383, 8400, 8402, 8443, 8500, 8600, 8649,`
+                            `8651, 8652, 8654, 8701, 8800, 8873, 8888, 8899, 8994, 9000, 9001, 9002, 9003,`
+                            `9009, 9010, 9011, 9040, 9050, 9071, 9080, 9081, 9090, 9091, 9099, 9100, 9101,`
+                            `9102, 9103, 9110, 9111, 9200, 9207, 9220, 9290, 9415, 9418, 9485, 9500, 9502,`
+                            `9503, 9535, 9575, 9593, 9594, 9595, 9618, 9666, 9876, 9877, 9878, 9898, 9900,`
+                            `9917, 9929, 9943, 9944, 9968, 9998, 9999, 10000, 10001, 10002, 10003, 10004,`
+                            `10009, 10010, 10012, 10024, 10025, 10082, 10180, 10215, 10243, 10566, 10616,`
+                            `10617, 10621, 10626, 10628, 10629, 10778, 11110, 11111, 11967, 12000, 12174,`
+                            `12265, 12345, 13456, 13722, 13782, 13783, 14000, 14238, 14441, 14442, 15000,`
+                            `15002, 15003, 15004, 15660, 15742, 16000, 16001, 16012, 16016, 16018, 16080,`
+                            `16113, 16992, 16993, 17877, 17988, 18040, 18101, 18988, 19101, 19283, 19315,`
+                            `19350, 19780, 19801, 19842, 20000, 20005, 20031, 20221, 20222, 20828, 21571,`
+                            `22939, 23502, 24444, 24800, 25734, 25735, 26214, 27000, 27352, 27353, 27355,`
+                            `27356, 27715, 28201, 30000, 30718, 30951, 31038, 31337, 32768, 32769, 32770,`
+                            `32771, 32772, 32773, 32774, 32775, 32776, 32777, 32778, 32779, 32780, 32781,`
+                            `32782, 32783, 32784, 32785, 33354, 33899, 34571, 34572, 34573, 35500, 38292,`
+                            `40193, 40911, 41511, 42510, 44176, 44442, 44443, 44501, 45100, 48080, 49152,`
+                            `49153, 49154, 49155, 49156, 49157, 49158, 49159, 49160, 49161, 49163, 49165,`
+                            `49167, 49175, 49176, 49400, 49999, 50000, 50001, 50002, 50003, 50006, 50300,`
+                            `50389, 50500, 50636, 50800, 51103, 51493, 52673, 52822, 52848, 52869, 54045,`
+                            `54328, 55055, 55056, 55555, 55600, 56737, 56738, 57294, 57797, 58080, 60020,`
+                            `60443, 61532, 61900, 62078, 63331, 64623, 64680, 65000, 65129, 65389]`
+    
+
+
+## Vuln Modules
+
+* '**apache_struts_vuln**' - check Apache Struts for CVE-2017-5638
+* '**Bftpd_double_free_vuln**' - check bftpd for CVE-2007-2010
+* '**Bftpd_memory_leak_vuln**' - check bftpd for CVE-2017-16892
+* '**Bftpd_parsecmd_overflow_vuln**'- check bftpd for CVE-2007-2051
+* '**Bftpd_remote_dos_vuln**' - check bftpd for CVE-2009-4593
+* '**CCS_injection_vuln**' - check SSL for Change Cipher Spec (CCS Injection) CVE-2014-0224
+* '**citrix_cve_2019_19781_vuln**' - check the target for Citrix CVE-2019-19781 vulnerability 
+* '**citrix_cve_2023_24488_vuln**' - check the target for Citrix CVE-2023-24488 XSS vulnerability
+* '**clickjacking_vuln**' - check the web server for missing 'X-Frame-Options' header (clickjacking protection)
+* '**content_security_policy_vuln**' - check the web server for missing 'Content-Security-Policy' header
+* '**content_type_options_vuln**' - check the web server for missing 'X-Content-Type-Options'=nosniff header
+* '**f5_cve_2020_5902_vuln**' - check the target for F5 RCE CVE-2020-5902 vulnerability 
+* '**heartbleed_vuln**' - check SSL for Heartbleed vulnerability (CVE-2014-0160)
+* '**msexchange_cve_2021_26855**' - check the target for MS Exchange SSRF CVE-2021-26855 (proxylogon/hafnium)
+* '**http_cors_vuln**' - check the web server for overly-permissive CORS (header 'Access-Control-Allow-Origin'=*)
+* '**options_method_enabled_vuln**' - check if OPTIONS method is enabled on the web server
+* '**ProFTPd_bypass_sqli_protection_vuln**' - check ProFTPd for CVE-2009-0543
+* '**ProFTPd_cpu_consumption_vuln**' - check ProFTPd for CVE-2008-7265
+* '**ProFTPd_directory_traversal_vuln**' - check ProFTPd for CVE-2010-3867
+* '**ProFTPd_exec_arbitary_vuln**' - check ProFTPd for CVE-2011-4130
+* '**ProFTPd_heap_overflow_vuln**' - check ProFTPd for CVE-2010-4652
+* '**ProFTPd_integer_overflow_vuln**' - check ProFTPd for CVE-2011-1137
+* '**ProFTPd_memory_leak_vuln**' - check ProFTPd for CVE-2001-0136
+* '**ProFTPd_restriction_bypass_vuln**' - check ProFTPd for CVE-2009-3639
+* '**self_signed_certificate_vuln**' - check for self-signed SSL certificate
+* '**server_version_vuln**' - check if the web server is leaking server banner in 'Server' response header
+* '**ssl_certificate_expired_vuln**' - check if SSL certificate has expired 
+* '**weak_signature_algorithm_vuln**'- check if SSL certificate is signed using SHA-1
+* '**wordpress_dos_cve_2018_6389_vuln**' - check if Wordpress is vulnerable to CVE-2018-6389 Denial Of Service (DOS) 
+* '**wp_xmlrpc_bruteforce_vuln**' - check if Wordpress is vulnerable to credential Brute Force via XMLRPC wp.getUsersBlogs
+* '**wp_xmlrpc_pingback_vuln**' - check if Wordpress is vulnerable to XMLRPC pingback 
+* '**x_powered_by_vuln**' - check if the web server is leaking server configuration in 'X-Powered-By' response header
+* '**xdebug_rce_vuln**' - checks if web server is running XDebug version 2.5.5 vulnerable to RCE
+* '**XSS_protection_vuln**' - check if header 'X-XSS-Protection' header is set to '1; mode=block'
+* '**vbulletin_cve_2019_16759_vuln**' - check the target for vBulletin RCE CVE-2019-16759 vulnerability
+
+## Brute Modules
+
+If no extra users/passwords parameters are specified the following default usernames will be used on brute force checks: ["admin", "root", "test", "ftp", "anonymous", "user", "support", "1"] with the following passwords: ["admin", "root", "test", "ftp", "anonymous", "user", "1", "12345",123456", "124567", "12345678", "123456789", "1234567890", "admin1", "password!@#", "support", "1qaz2wsx", "qweasd", "qwerty", "!QAZ2wsx","password1", "1qazxcvbnm", "zxcvbnm", "iloveyou", "password", "p@ssw0rd","admin123", ""]
+
+* '**ftp_brute**' - try to brute force FTP users. 
+* '**http_basic_auth_brute**' - try to brute for HTTP Basic Auth users. 
+* '**http_form_brute**' - try to brute force using HTTP form - assuming that the form has 'username' and 'password' fields
+* '**http_ntlm_brute**' - try to brute force using HTTP NTLM
+* '**smtp_brute**' - - try to brute force SMTP (ports ["25", "465", "587"])
+* '**ssh_brute**' - try to brute force SSH (port 22)
+* '**telnet_brute**' - try to brute force via telnet (port23) (expects "login" and "Password" prompt)
+* '**wp_xmlrpc_brute**' - try to brute force Wordpress users using XMLRPC and wp.getUsersBlogs method
diff --git a/docs/Usage.md b/docs/Usage.md
new file mode 100644
index 00000000..79319607
--- /dev/null
+++ b/docs/Usage.md
@@ -0,0 +1,669 @@
+# Help Menu
+
+- [Target inputs Option](#target-inputs-option)
+  * [Command Examples](#command-examples)
+- [API and WebUI](#api-and-webui)
+  * [API Options](#api-options)
+  * [API Examples](#api-examples)
+- [Database](#database)
+  * [SQLite configuration](#sqlite-configuration)
+  * [MySQL configuration](#mysql-configuration)
+- [Maltego Transforms](#maltego-transforms)
+
+By using the `--help`/`-h` switch you can read the help menu in the CLI:
+ `python3 nettacker.py --help`
+
+
+
+* Note: This example may not reflect the latest version.
+
+```
+   ______          __      _____ _____
+  / __ \ \        / /\    / ____|  __ \
+ | |  | \ \  /\  / /  \  | (___ | |__) |
+ | |  | |\ \/  \/ / /\ \  \___ \|  ___/
+ | |__| | \  /\  / ____ \ ____) | |     Version 0.0.2
+  \____/   \/  \/_/    \_\_____/|_|     BIST
+                          _   _      _   _             _
+                         | \ | |    | | | |           | |
+  github.com/OWASP       |  \| | ___| |_| |_ __ _  ___| | _____ _ __
+  owasp.org              | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
+  z3r0d4y.com            | |\  |  __/ |_| || (_| | (__|   <  __/ |
+                         |_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
+
+
+
+
+usage: Nettacker [-L LANGUAGE] [-v] [-V] [-o REPORT_PATH_FILENAME] [--graph GRAPH_NAME] [-h] [-i TARGETS]
+                 [-l TARGETS_LIST] [-m SELECTED_MODULES] [--modules-extra-args MODULES_EXTRA_ARGS]
+                 [--show-all-modules] [--profile PROFILES] [--show-all-profiles] [-x EXCLUDED_MODULES]
+                 [-u USERNAMES] [-U USERNAMES_LIST] [-p PASSWORDS] [-P PASSWORDS_LIST] [-g PORTS]
+                 [--user-agent USER_AGENT] [-T TIMEOUT] [-w TIME_SLEEP_BETWEEN_REQUESTS] [-r] [-s]
+                 [-t THREAD_PER_HOST] [-M PARALLEL_MODULE_SCAN] [--set-hardware-usage SET_HARDWARE_USAGE]
+                 [-R SOCKS_PROXY] [--retries RETRIES] [--ping-before-scan] [--start-api]
+                 [--api-host API_HOSTNAME] [--api-port API_PORT] [--api-debug-mode]
+                 [--api-access-key API_ACCESS_KEY] [--api-client-whitelisted-ips API_CLIENT_WHITELISTED_IPS]
+                 [--api-access-log API_ACCESS_LOG] [--api-cert API_CERT] [--api-cert-key API_CERT_KEY]
+
+Engine:
+  Engine input options
+
+  -L LANGUAGE, --language LANGUAGE
+                        select a language ['id', 'it', 'hy', 'el', 'ar', 'ur', 'hi', 'vi', 'ps', 'nl', 'tr',
+                        'iw', 'zh-cn', 'ja', 'es', 'ru', 'fa', 'fr', 'en', 'ko', 'de']
+  -v, --verbose         verbose mode level (0-5) (default 0)
+  -V, --version         show software version
+  -o REPORT_PATH_FILENAME, --output REPORT_PATH_FILENAME
+                        save all logs in file (results.txt, results.csv, results.html, results.json)
+  --graph GRAPH_NAME    build a graph of all activities and information, you must use HTML output. available
+                        graphs: ['d3_tree_v2_graph', 'd3_tree_v1_graph']
+  -h, --help            Show Nettacker Help Menu
+
+Target:
+  Target input options
+
+  -i TARGETS, --targets TARGETS
+                        target(s) list, separate with ","
+  -l TARGETS_LIST, --targets-list TARGETS_LIST
+                        read target(s) from file
+
+Method:
+  Scan method options
+
+  -m SELECTED_MODULES, --modules SELECTED_MODULES
+                        choose modules ['http_options_enabled_vuln', 'clickjacking_vuln',
+                        'wp_xmlrpc_bruteforce_vuln', 'graphql_vuln', 'content_security_policy_vuln',
+                        'xdebug_rce_vuln', 'x_powered_by_vuln', 'wp_xmlrpc_pingback_vuln', 'http_cors_vuln',
+                        'f5_cve_2020_5902_vuln', '...', 'all'] to see full list use --show-all-modules
+  --modules-extra-args MODULES_EXTRA_ARGS
+                        add extra args to pass to modules (e.g. --modules-extra-args
+                        "x_api_key=123&xyz_passwd=abc"
+  --show-all-modules    show all modules and their information
+  --profile PROFILES    select profile ['vuln', 'vulnerability', 'http', 'low_severity', 'medium_severity',
+                        'wordpress', 'wp', 'information_gathering', 'graphql', 'csp', 'critical_severity',
+                        'cve', 'f5', 'takeover', 'high_severity', 'citrix', 'apache_struts', 'vbulletin',
+                        'msexchange', 'brute', 'brute_force', 'telnet', 'ssh', 'smtp', 'ftp', 'scan',
+                        'backup', 'infortmation', 'info', 'reverse_lookup', 'drupal', 'all']
+  --show-all-profiles   show all profiles and their information
+  -x EXCLUDED_MODULES, --exclude-modules EXCLUDED_MODULES
+                        choose scan method to exclude ['http_options_enabled_vuln', 'clickjacking_vuln',
+                        'wp_xmlrpc_bruteforce_vuln', 'graphql_vuln', 'content_security_policy_vuln',
+                        'xdebug_rce_vuln', 'x_powered_by_vuln', 'wp_xmlrpc_pingback_vuln', 'http_cors_vuln',
+                        'f5_cve_2020_5902_vuln', '...']
+  -u USERNAMES, --usernames USERNAMES
+                        username(s) list, separate with ","
+  -U USERNAMES_LIST, --users-list USERNAMES_LIST
+                        read username(s) from file
+  -p PASSWORDS, --passwords PASSWORDS
+                        password(s) list, separate with ","
+  -P PASSWORDS_LIST, --passwords-list PASSWORDS_LIST
+                        read password(s) from file
+  -g PORTS, --ports PORTS
+                        port(s) list, separate with ","
+  --user-agent USER_AGENT
+                        Select a user agent to send with HTTP requests or enter "random_user_agent" to
+                        randomize the User-Agent in the requests.
+  -T TIMEOUT, --timeout TIMEOUT
+                        read password(s) from file
+  -w TIME_SLEEP_BETWEEN_REQUESTS, --time-sleep-between-requests TIME_SLEEP_BETWEEN_REQUESTS
+                        time to sleep between each request
+  -r, --range           scan all IPs in the range
+  -s, --sub-domains     find and scan subdomains
+  -t THREAD_PER_HOST, --thread-per-host THREAD_PER_HOST
+                        thread numbers for connections to a host
+  -M PARALLEL_MODULE_SCAN, --parallel-module-scan PARALLEL_MODULE_SCAN
+                        parallel module scan for hosts
+  --set-hardware-usage SET_HARDWARE_USAGE
+                        Set hardware usage while scanning. (low, normal, high, maximum)
+  -R SOCKS_PROXY, --socks-proxy SOCKS_PROXY
+                        outgoing connections proxy (socks). example socks5: 127.0.0.1:9050,
+                        socks://127.0.0.1:9050 socks5://127.0.0.1:9050 or socks4: socks4://127.0.0.1:9050,
+                        authentication: socks://username: password@127.0.0.1,
+                        socks4://username:password@127.0.0.1, socks5://username:password@127.0.0.1
+  --retries RETRIES     Retries when the connection timeout (default 3)
+  --ping-before-scan    ping before scan the host
+
+API:
+  API options
+
+  --start-api           start the API service
+  --api-host API_HOSTNAME
+                        API host address
+  --api-port API_PORT   API port number
+  --api-debug-mode      API debug mode
+  --api-access-key API_ACCESS_KEY
+                        API access key
+  --api-client-whitelisted-ips API_CLIENT_WHITELISTED_IPS
+                        define white list hosts, separate with , (examples: 127.0.0.1, 192.168.0.1/24,
+                        10.0.0.1-10.0.0.255)
+  --api-access-log API_ACCESS_LOG
+                        API access log filename
+  --api-cert API_CERT   API CERTIFICATE
+  --api-cert-key API_CERT_KEY
+                        API CERTIFICATE Key
+
+
+Please read license and agreements https://github.com/OWASP/Nettacker%
+```
+
+## Language Selection
+
+You can choose from 21 languages when using Nettacker. Use the language flag: 
+`$ nettacker -L fa`
+
+The `-L` is the language flag and in this case sets the output language to Farsi, indicated by the `fa`. Farsi and 20 other languages are available, as listed in the command line help: `el`, `fr`, `en`, `nl`, `ps`, `tr`, `de`, `ko`, `it`, `ja`, `fa`, `hy`, `ar`, `zh-cn`, `vi`, `ru`, `hi`, `ur`, `id`, `es`, `iw`.
+
+* Your CLI must support Unicode to make use of multiple languages. Search the web for "How to use Farsi on cmd/terminal."
+* You can fix Persian (Farsi) and other Unicode languages RTL and Chars with [bicon](https://www.google.com/search?q=Persian+support+with+bicon&oq=Persian+support+with+bicon&aqs=chrome..69i57.178j0j7&sourceid=chrome&ie=UTF-8) in terminal/windows bash.
+```
+$ python nettacker.py --help -L fa
+
+   ______          __      _____ _____
+  / __ \ \        / /\    / ____|  __ \
+ | |  | \ \  /\  / /  \  | (___ | |__) |
+ | |  | |\ \/  \/ / /\ \  \___ \|  ___/
+ | |__| | \  /\  / ____ \ ____) | |     Version 0.0.2
+  \____/   \/  \/_/    \_\_____/|_|     BIST
+                          _   _      _   _             _
+                         | \ | |    | | | |           | |
+  github.com/OWASP       |  \| | ___| |_| |_ __ _  ___| | _____ _ __
+  owasp.org              | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
+  z3r0d4y.com            | |\  |  __/ |_| || (_| | (__|   <  __/ |
+                         |_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
+
+
+
+
+usage: Nettacker [-L LANGUAGE] [-v] [-V] [-o REPORT_PATH_FILENAME] [--graph GRAPH_NAME] [-h] [-i TARGETS]
+                 [-l TARGETS_LIST] [-m SELECTED_MODULES] [--modules-extra-args MODULES_EXTRA_ARGS]
+                 [--show-all-modules] [--profile PROFILES] [--show-all-profiles] [-x EXCLUDED_MODULES]
+                 [-u USERNAMES] [-U USERNAMES_LIST] [-p PASSWORDS] [-P PASSWORDS_LIST] [-g PORTS]
+                 [--user-agent USER_AGENT] [-T TIMEOUT] [-w TIME_SLEEP_BETWEEN_REQUESTS] [-r] [-s]
+                 [-t THREAD_PER_HOST] [-M PARALLEL_MODULE_SCAN] [--set-hardware-usage SET_HARDWARE_USAGE]
+                 [-R SOCKS_PROXY] [--retries RETRIES] [--ping-before-scan] [--start-api]
+                 [--api-host API_HOSTNAME] [--api-port API_PORT] [--api-debug-mode]
+                 [--api-access-key API_ACCESS_KEY] [--api-client-whitelisted-ips API_CLIENT_WHITELISTED_IPS]
+                 [--api-access-log API_ACCESS_LOG] [--api-cert API_CERT] [--api-cert-key API_CERT_KEY]
+
+انجین:
+  گزینه های ورودی انجین
+
+  -L LANGUAGE, --language LANGUAGE
+                        یک زبان انتخاب کنید ['id', 'it', 'hy', 'el', 'ar', 'ur', 'hi', 'vi', 'ps', 'nl', 'tr',
+                        'iw', 'zh-cn', 'ja', 'es', 'ru', 'fa', 'fr', 'en', 'ko', 'de']
+  -v, --verbose         سطح حالت پرگویی (0-5) (پیشفرض 0)
+  -V, --version         نمایش ورژن نرم افزار
+  -o REPORT_PATH_FILENAME, --output REPORT_PATH_FILENAME
+                        ذخیره کردن کل لاگ ها در فایل (result.txt، result.html، results.json)
+  --graph GRAPH_NAME    ساخت گراف از همه فعالیت ها و اطلاعات، شما باید از خروجی HTML استفاده کنید. گراف های در
+                        دسترس: ['d3_tree_v2_graph', 'd3_tree_v1_graph']
+  -h, --help            نشان دادن منوی کمک Nettacker
+
+هدف:
+  گزینه های ورودی هدف
+
+  -i TARGETS, --targets TARGETS
+                        لیست هدف (ها)، با "," جدا کنید
+  -l TARGETS_LIST, --targets-list TARGETS_LIST
+                        خواندن هدف (ها) از فایل
+
+متود:
+  گزینه های متود های اسکن
+
+  -m SELECTED_MODULES, --modules SELECTED_MODULES
+                        متود اسکن را انتخاب کنید ['http_options_enabled_vuln', 'clickjacking_vuln',
+                        'wp_xmlrpc_bruteforce_vuln', 'graphql_vuln', 'content_security_policy_vuln',
+                        'xdebug_rce_vuln', 'x_powered_by_vuln', 'wp_xmlrpc_pingback_vuln', 'http_cors_vuln',
+                        'f5_cve_2020_5902_vuln', '...', 'all']
+  --modules-extra-args MODULES_EXTRA_ARGS
+                        add extra args to pass to modules (e.g. --modules-extra-args
+                        "x_api_key=123&xyz_passwd=abc"
+  --show-all-modules    show all modules and their information
+  --profile PROFILES    انتخاب پروفایل ['vuln', 'vulnerability', 'http', 'low_severity', 'medium_severity',
+                        'wordpress', 'wp', 'information_gathering', 'graphql', 'csp', 'critical_severity',
+                        'cve', 'f5', 'takeover', 'high_severity', 'citrix', 'apache_struts', 'vbulletin',
+                        'msexchange', 'brute', 'brute_force', 'telnet', 'ssh', 'smtp', 'ftp', 'scan',
+                        'backup', 'infortmation', 'info', 'reverse_lookup', 'drupal', 'all']
+  --show-all-profiles   show all profiles and their information
+  -x EXCLUDED_MODULES, --exclude-modules EXCLUDED_MODULES
+                        انتخاب متود اسکن استثنا ['http_options_enabled_vuln', 'clickjacking_vuln',
+                        'wp_xmlrpc_bruteforce_vuln', 'graphql_vuln', 'content_security_policy_vuln',
+                        'xdebug_rce_vuln', 'x_powered_by_vuln', 'wp_xmlrpc_pingback_vuln', 'http_cors_vuln',
+                        'f5_cve_2020_5902_vuln', '...']
+  -u USERNAMES, --usernames USERNAMES
+                        لیست نام کاربری (ها)، با "," جدا شود
+  -U USERNAMES_LIST, --users-list USERNAMES_LIST
+                        خواندن نام کاربری (ها) از لیست
+  -p PASSWORDS, --passwords PASSWORDS
+                        لیست کلمه عبور (ها)، با "," جدا شود
+  -P PASSWORDS_LIST, --passwords-list PASSWORDS_LIST
+                        خواندن کلمه عبور (ها) از فایل
+  -g PORTS, --ports PORTS
+                        لیست درگاه (ها)، با "," جدا شود
+  --user-agent USER_AGENT
+                        Select a user agent to send with HTTP requests or enter "random_user_agent" to
+                        randomize the User-Agent in the requests.
+  -T TIMEOUT, --timeout TIMEOUT
+                        خواندن کلمه عبور (ها) از فایل
+  -w TIME_SLEEP_BETWEEN_REQUESTS, --time-sleep-between-requests TIME_SLEEP_BETWEEN_REQUESTS
+                        زمان مکث بین هر درخواست
+  -r, --range           اسکن تمام آی پی ها در رنج
+  -s, --sub-domains     پیدا کردن و اسکن کردن ساب دامین ها
+  -t THREAD_PER_HOST, --thread-per-host THREAD_PER_HOST
+                        تعداد ریسه ها برای ارتباطات با یک هاست
+  -M PARALLEL_MODULE_SCAN, --parallel-module-scan PARALLEL_MODULE_SCAN
+                        parallel module scan for hosts
+  --set-hardware-usage SET_HARDWARE_USAGE
+                        Set hardware usage while scanning. (low, normal, high, maximum)
+  -R SOCKS_PROXY, --socks-proxy SOCKS_PROXY
+                        پراکسی ارتباطات خروجی (socks) مثال: 127.0.0.1:9050، socks://127.0.0.1:9050،
+                        socks5:127.0.0.1:9050 یا socks4: socks4://127.0.0.1:9050, احراز هویت:
+                        socks://username:password@127.0.0.1, socks4://username:password@127.0.0.1,
+                        socks5://username:password@127.0.0.1
+  --retries RETRIES     سعی مجدد وقتی که ارتباط قطع شد (پیشفرض 3)
+  --ping-before-scan    پینگ کردن هست قبل از اسکن
+
+API:
+  API گزینه های
+
+  --start-api           شروع سرویس API
+  --api-host API_HOSTNAME
+                        آدرس هاست API
+  --api-port API_PORT   شماره درگاه API
+  --api-debug-mode      حالت اشکال زدایی API
+  --api-access-key API_ACCESS_KEY
+                        کلید دسترسی API
+  --api-client-whitelisted-ips API_CLIENT_WHITELISTED_IPS
+                        تعریف کردن لیست سفید، با "," جدا کنید (مثال: 127.0.0.1, 192.168.1.1/24,
+                        10.0.0.1-10.0.0.255)
+  --api-access-log API_ACCESS_LOG
+                        اسم فایل لیست دسترسی به API
+  --api-cert API_CERT   API CERTIFICATE
+  --api-cert-key API_CERT_KEY
+                        API CERTIFICATE Key
+
+
+لطفا مجوز و موافقت نامه را مطالعه فرمایید https://github.com/OWASP/Nettacker
+```
+
+***
+
+# Target inputs Option
+
+* OWASP Nettacker supports several types of targets, including `IPv4`, `IPv4_Range`, `IPv4_CIDR`, `DOMAIN`, and `HTTP` (which may be useful for some of the modules).
+
+## Command Examples
+```
+192.168.1.1
+192.168.1.1-192.168.255.255
+192.168.1.1.1-192.255.255.255
+192.168.1.1/24
+owasp.org
+http://owasp.org
+https://owasp.org
+```
+
+* Targets can be read from a list by using the `-l` or `--target-list` command or you can split them with a comma if you don't want to use a text list.
+
+```
+python nettacker.py -i 192.168.1.1,192.168.1.2-192.168.1.10,127.0.0.1,owasp.org,192.168.2.1/24 -m port_scan -g 20-100 -t 10
+python nettacker.py -l targets.txt -m all -x port_scan -g 20-100 -t 5 -u root -p 123456,654321,123123
+```
+
+* Here are some more command line examples:
+```
+python nettacker.py -i 192.168.1.1/24 -m port_scan -t 10 -M 35 -g 20-100 --graph d3_tree_v2_graph -o result.html
+python nettacker.py -i 192.168.1.1/24 -m port_scan -t 10 -M 35 -g 20-100 -o file.html --graph jit_circle_v1_graph
+python nettacker.py -i 192.168.1.1/24 -m all -t 10 -M 35 -g 20-100 -o result.json -u root,user -P passwords.txt
+python nettacker.py -i 192.168.1.1/24 -m all -x ssh_brute -t 10 -M 35 -g 20-100 -o file.txt -U users.txt -P passwords.txt -T 3 -w 2
+```
+
+* Using Whatcms Scan: API key can be found [here](https://whatcms.org/APIKey)
+```
+python nettacker.py -i eng.uber.com -m whatcms_scan --method-args whatcms_api_key=XXXX
+```
+* Finding CVE 2020-5902:
+```
+python nettacker.py -i <CIDR/IP/Domain> -m f5_cve_2020_5902
+python nettacker.py -l <List of IP/CIDR/Domain> -m f5_cve_2020_5902
+python nettacker.py -i <CIDR/IP/Domain> -m f5_cve_2020_5902 -s
+```
+
+* OWASP Nettacker can also scan subdomains by using this command: `-s`
+
+```
+python nettacker.py -i owasp.org -s -m port_scan -t 10 -M 35 -g 20-100 --graph d3_tree_v2_graph
+```
+
+* If you use `-r` command, it will scan the IP range automatically by getting the range from the RIPE database online.
+```
+python nettacker.py -i owasp.org -s -r -m port_scan -t 10 -M 35 -g 20-100 --graph d3_tree_v2_graph
+python nettacker.py -i nettackerwebsiteblabla.com,owasp.org,192.168.1.1 -s -r -m all -t 10 -M 35 -g 20-100 -o file.txt -u root,user -P passwords.txt
+```
+
+* Note: If host scan finishes, and couldn't get any result nothing will be listed in the output file unless you change the verbosity mode to a value from 1 to 5.
+
+```
+python nettacker.py -i 192.168.1.1/24 -m all -t 10 -M 35 -g 20-100 -o file.txt -u root,user -P passwords.txt -v 1
+```
+* Use `*` pattern for selecting modules
+
+```
+python nettacker.py -i 192.168.1.1/24 -m *_scan
+python nettacker.py -i 192.168.1.1/24 -m *_scan,*_vuln
+```
+
+* Use profiles for using all modules inside a given profile
+
+```
+python nettacker.py -i 192.168.1.1/24 --profile information_gathering
+python nettacker.py -i 192.168.1.1/24 --profile information_gathering,vulnerabilities
+python nettacker.py -i 192.168.1.1/24 --profile all
+```
+
+![](https://user-images.githubusercontent.com/24669027/39022564-bf96bde2-4453-11e8-9814-c30db364aa4d.gif)
+
+
+* Use socks proxy for outgoing connections (default socks version is 5)
+```
+python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks://127.0.0.1:9050
+python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks4://127.0.0.1:9050
+python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks5://127.0.0.1:9050
+python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks://username:password@127.0.0.1:9050
+python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks4://username:password@127.0.0.1:9050
+python nettacker.py -i 192.168.1.1 -m tcp_connect_port_scan -T 5 --socks-proxy socks5://username:password@127.0.0.1:9050
+```
+
+* Get the list of all modules with details about it using `--show-all-modules`
+```
+python nettacker.py --show-all-modules
+   ______          __      _____ _____
+  / __ \ \        / /\    / ____|  __ \
+ | |  | \ \  /\  / /  \  | (___ | |__) |
+ | |  | |\ \/  \/ / /\ \  \___ \|  ___/
+ | |__| | \  /\  / ____ \ ____) | |     Version 0.0.2
+  \____/   \/  \/_/    \_\_____/|_|     BIST
+                          _   _      _   _             _
+                         | \ | |    | | | |           | |
+  github.com/OWASP       |  \| | ___| |_| |_ __ _  ___| | _____ _ __
+  owasp.org              | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
+  z3r0d4y.com            | |\  |  __/ |_| || (_| | (__|   <  __/ |
+                         |_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|
+
+
+
+
+[2021-08-31 17:42:06][+] http_options_enabled_vuln: name: http_options_enabled_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
+[2021-08-31 17:42:06][+] clickjacking_vuln: name: clickjacking_vuln, author: OWASP Nettacker Team, severity: 5, description: Clickjacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button, reference: https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html, profiles: ['vuln', 'vulnerability', 'http', 'medium_severity']
+[2021-08-31 17:42:06][+] wp_xmlrpc_bruteforce_vuln: name: wp_xmlrpc_bruteforce_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity', 'wordpress', 'wp']
+[2021-08-31 17:42:06][+] graphql_vuln: name: graphql_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'information_gathering', 'http', 'low_severity', 'graphql']
+[2021-08-31 17:42:06][+] content_security_policy_vuln: name: content_security_policy_vuln, author: OWASP Nettacker Team, severity: 3, description: Content-Security-Policy is the name of a HTTP response header that modern browsers use to enhance the security of the document (or web page). The Content-Security-Policy header allows you to restrict how resources such as JavaScript, CSS, or pretty much anything that the browser loads., reference: https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html, profiles: ['vuln', 'vulnerability', 'http', 'low_severity', 'csp']
+[2021-08-31 17:42:06][+] xdebug_rce_vuln: name: xdebug_rce_vuln, author: OWASP Nettacker Team, severity: 10, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'critical_severity']
+[2021-08-31 17:42:06][+] x_powered_by_vuln: name: x_powered_by_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
+[2021-08-31 17:42:06][+] wp_xmlrpc_pingback_vuln: name: wp_xmlrpc_pingback_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'wordpress', 'wp']
+[2021-08-31 17:42:06][+] http_cors_vuln: name: http_cors_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
+[2021-08-31 17:42:06][+] f5_cve_2020_5902_vuln: name: f5_cve_2020_5902_vuln, author: OWASP Nettacker Team, severity: 9, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'critical_severity', 'cve', 'f5']
+[2021-08-31 17:42:06][+] subdomain_takeover_vuln: name: subdomain_takeover_vuln, author: OWASP Nettacker Team, severity: 5, description: let us assume that example.com is the target and that the team running example.com have a bug bounty programme. While enumerating all of the subdomains belonging to example.com — a process that we will explore later — a hacker stumbles across subdomain.example.com, a subdomain pointing to GitHub pages. We can determine this by reviewing the subdomain's DNS records; in this example, subdomain.example.com has multiple A records pointing to GitHub's dedicated IP addresses for custom pages., reference: https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/10-Test_for_Subdomain_Takeover, profiles: ['vuln', 'vulnerability', 'http', 'medium_severity', 'takeover']
+[2021-08-31 17:42:06][+] http_trace_enabled_vuln: name: http_trace_enabled_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
+[2021-08-31 17:42:06][+] http_cookie_vuln: name: http_cookie_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
+[2021-08-31 17:42:06][+] wp_xmlrpc_dos_vuln: name: wp_xmlrpc_dos_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'wordpress', 'wp']
+[2021-08-31 17:42:06][+] server_version_vuln: name: server_version_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
+[2021-08-31 17:42:06][+] x_xss_protection_vuln: name: x_xss_protection_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
+[2021-08-31 17:42:06][+] citrix_cve_2019_19781_vuln: name: citrix_cve_2019_19781_vuln, author: OWASP Nettacker Team, severity: 8, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'high_severity', 'cve', 'citrix']
+[2021-08-31 17:42:06][+] content_type_options_vuln: name: content_type_options_vuln, author: OWASP Nettacker Team, severity: 2, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
+[2021-08-31 17:42:06][+] apache_struts_vuln: name: apache_struts_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity', 'apache_struts']
+[2021-08-31 17:42:06][+] vbulletin_cve_2019_16759_vuln: name: vbulletin_cve_2019_16759_vuln, author: OWASP Nettacker Team, severity: 9, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'critical_severity', 'vbulletin', 'cve']
+[2021-08-31 17:42:06][+] msexchange_cve_2021_26855_vuln: name: msexchange_cve_2021_26855_vuln, author: OWASP Nettacker Team, severity: 9, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'critical_severity', 'msexchange', 'cve']
+[2021-08-31 17:42:06][+] telnet_brute: name: telnet_brute, author: OWASP Nettacker Team, severity: 3, description: Telnet Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'telnet']
+[2021-08-31 17:42:06][+] ssh_brute: name: ssh_brute, author: OWASP Nettacker Team, severity: 3, description: SSH Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'ssh']
+[2021-08-31 17:42:06][+] smtp_brute: name: smtp_brute, author: OWASP Nettacker Team, severity: 3, description: SMTP Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'smtp']
+[2021-08-31 17:42:06][+] ftps_brute: name: ftps_brute, author: OWASP Nettacker Team, severity: 3, description: FTPS Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'ftp']
+[2021-08-31 17:42:06][+] smtps_brute: name: smtps_brute, author: OWASP Nettacker Team, severity: 3, description: SMTPS Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'smtp']
+[2021-08-31 17:42:06][+] ftp_brute: name: ftp_brute, author: OWASP Nettacker Team, severity: 3, description: FTP Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'ftp']
+[2021-08-31 17:42:06][+] whatcms_scan: name: dir_scan, author: OWASP Nettacker Team, severity: 3, description: Directory, Backup finder, reference: https://www.zaproxy.org/docs/alerts/10095/, profiles: ['scan', 'http', 'backup', 'low_severity']
+[2021-08-31 17:42:06][+] icmp_scan: name: icmp_scan, author: OWASP Nettacker Team, severity: 0, description: check if host is alive through ICMP, reference: None, profiles: ['scan', 'information_gathering', 'infortmation', 'info', 'low_severity']
+[2021-08-31 17:42:06][+] subdomain_scan: name: subdomain_scan, author: OWASP Nettacker Team, severity: 0, description: Find subdomains using different sources on internet, reference: None, profiles: ['scan', 'information_gathering', 'infortmation', 'info', 'low_severity']
+[2021-08-31 17:42:06][+] port_scan: id: port_scan, author: OWASP Nettacker Team, severity: 0, description: Find open ports and services, reference: None, profiles: ['scan', 'http', 'information_gathering', 'infortmation', 'info', 'low_severity']
+[2021-08-31 17:42:06][+] admin_scan: name: admin_scan, author: OWASP Nettacker Team, severity: 3, description: Admin Directory Finder, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity']
+[2021-08-31 17:42:06][+] dir_scan: name: dir_scan, author: OWASP Nettacker Team, severity: 3, description: Directory, Backup finder, reference: https://www.zaproxy.org/docs/alerts/10095/, profiles: ['scan', 'http', 'backup', 'low_severity']
+[2021-08-31 17:42:06][+] viewdns_reverse_iplookup_scan: name: viewdns_reverse_iplookup_scan, author: OWASP Nettacker Team, severity: 3, description: reverse lookup for target ip, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity', 'reverse_lookup']
+[2021-08-31 17:42:06][+] drupal_version_scan: name: drupal_version_scan, author: OWASP Nettacker Team, severity: 3, description: fetch drupal version from target, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity', 'drupal']
+[2021-08-31 17:42:06][+] joomla_version_scan: name: drupal_version_scan, author: OWASP Nettacker Team, severity: 3, description: fetch drupal version from target, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity', 'drupal']
+[2021-08-31 17:42:06][+] wordpress_version_scan: name: wordpress_version_scan, author: OWASP Nettacker Team, severity: 3, description: Directory, Backup finder, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity', 'wp', 'wordpress']
+[2021-08-31 17:42:06][+] pma_scan: name: pma_scan, author: OWASP Nettacker Team, severity: 3, description: php my admin finder, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity']
+[2021-08-31 17:42:06][+] all:
+```
+
+
+- you can quick run the tool by using profiles
+```
+python nettacker.py -i example.com --profile vulnerabilities
+python nettacker.py -i example.com --profile high_severity
+```
+
+* You may want to create a new profile. To do that, you need to edit the particular modules by adding profiles name to it inside modules directory. for e.g i want add profile as `asset_discovery` to subdomain_scan,port_scan module, then i can just edit profile field in `modules/scan/subdomain.yaml` and `port_scan.yaml` 
+
+```
+info:
+  name: subdomain_scan
+  author: OWASP Nettacker Team
+  severity: 0
+  description: Find subdomains using different sources on internet
+  reference:
+  profiles:
+    - scan
+    - information_gathering
+    - infortmation
+    - info
+    - low_severity
+    - asset_discovery(new added profile)
+
+```
+
+* You may want to change the default values (`timeout`, `socks proxy`, `target`, `ports`) or anything that could be set with the command line.To do that, you will have to edit them in the config.py `nettacker_user_application_config()` function in the main directory in JSON style.
+
+```python
+def nettacker_user_application_config():
+    """
+    core framework default config (could be modify by user)
+
+    Returns:
+        a JSON with all user default configurations
+    """
+    from core.compatible import version_info
+    return {  # OWASP Nettacker Default Configuration
+        "language": "en",
+        "verbose_mode": False,
+        "show_version": False,
+        "report_path_filename": "{results_path}/results_{date_time}_{random_chars}.html".format(
+            results_path=nettacker_paths()["results_path"],
+            date_time=now(model="%Y_%m_%d_%H_%M_%S"),
+            random_chars=generate_random_token(10)
+        ),
+        "graph_name": "d3_tree_v2_graph",
+        "show_help_menu": False,
+        "targets": None,
+        "targets_list": None,
+        "selected_modules": None,
+        "excluded_modules": None,
+        "usernames": None,
+        "usernames_list": None,
+        "passwords": None,
+        "passwords_list": None,
+        "ports": None,
+        "timeout": 3.0,
+        "time_sleep_between_requests": 0.0,
+        "scan_ip_range": False,
+        "scan_subdomains": False,
+        "thread_per_host": 250,
+        "parallel_module_scan": 20,
+        "socks_proxy": None,
+        "retries": 1,
+        "ping_before_scan": False,
+        "profiles": None,
+        "set_hardware_usage": "maximum",  # low, normal, high, maximum
+        "user_agent": "Nettacker {version_number} {version_code} - https://github.com/OWASP/Nettacker".format(
+            version_number=version_info()[0], version_code=version_info()[1]
+        ),
+        "show_all_modules": False,
+        "show_all_profiles": False,
+        "modules_extra_args": None
+    }
+```
+
+# API and WebUI
+API and WebUI are new interfaces through which you can send your commands to Nettacker. Technically WebUI was developed based on the present API to demonstrate an example of the current API and can be used as another easier interface. To start using this feature, simply run `python nettacker.py --start-api`.
+```
+   ______          __      _____ _____  
+  / __ \ \        / /\    / ____|  __ \ 
+ | |  | \ \  /\  / /  \  | (___ | |__) |
+ | |  | |\ \/  \/ / /\ \  \___ \|  ___/ 
+ | |__| | \  /\  / ____ \ ____) | |     Version 0.0.1  
+  \____/   \/  \/_/    \_\_____/|_|     SAME
+                          _   _      _   _             _            
+                         | \ | |    | | | |           | |            
+  github.com/zdresearch  |  \| | ___| |_| |_ __ _  ___| | _____ _ __ 
+  owasp.org              | . ` |/ _ \ __| __/ _` |/ __| |/ / _ \ '__|
+  zdresearch.com         | |\  |  __/ |_| || (_| | (__|   <  __/ |   
+                         |_| \_|\___|\__|\__\__,_|\___|_|\_\___|_|   
+                                               
+    
+
+ * API Key: ec5e067581f29a28d8c8bbfc6e548f02
+ * Serving Flask app "api.engine" (lazy loading)
+ * Environment: production
+   WARNING: This is a development server. Do not use it in a production deployment.
+   Use a production WSGI server instead.
+ * Debug mode: off
+ * Running on https://127.0.0.1:5000/ (Press CTRL+C to quit)
+
+```
+
+As you can see, the API key will be a random MD5 hash every time you run the API. You don't need to set the key.
+You can also add your own SSL certificate and the key to run the API on an https connection.
+
+```python nettacker.py --start-api --api-cert ~/cert.crt --api-cert-key ~/key.pem```
+
+You can modify the default API config by editing the `config.py`.
+
+```python
+def nettacker_api_config():
+    """
+    API Config (could be modify by user)
+
+    Returns:
+        a JSON with API configuration
+    """
+    return {  # OWASP Nettacker API Default Configuration
+        "start_api_server": False,
+        "api_hostname": "0.0.0.0" if os.environ.get("docker_env") == "true" else "nettacker-api.z3r0d4y.com",
+        "api_port": 5000,
+        "api_debug_mode": False,
+        "api_access_key": generate_random_token(32),
+        "api_client_whitelisted_ips": [],  # disabled - to enable please put an array with list of ips/cidr/ranges
+        # [
+        #     "127.0.0.1",
+        #     "10.0.0.0/24",
+        #     "192.168.1.1-192.168.1.255"
+        # ],
+        "api_access_log": os.path.join(sys.path[0], '.data/nettacker.log'),
+    }
+```
+
+## API Options
+```
+  --start-api           start the API service
+  --api-host API_HOST   API host address
+  --api-port API_PORT   API port number
+  --api-debug-mode      API debug mode
+  --api-access-key API_ACCESS_KEY
+                        API access key
+  --api-client-white-list
+                        just allow white list hosts to connect to the API
+  --api-client-white-list-ips API_CLIENT_WHITE_LIST_IPS
+                        define white list hosts, separate with , (examples:
+                        127.0.0.1, 192.168.0.1/24, 10.0.0.1-10.0.0.255)
+  --api-access-log      generate API access log
+  --api-access-log-filename API_ACCESS_LOG_FILENAME
+                        API access log filename
+  --api-cert API_CERT   API CERTIFICATE
+  --api-cert-key API_CERT_KEY
+                        API CERTIFICATE Key
+
+```
+
+## API Examples
+
+```
+python nettacker.py --start-api --api-cert ~/cert.crt --api-cert-key ~/key.pem
+python nettacker.py --start-api --api-access-key mysecretkey
+python nettacker.py --start-api --api-client-white-list
+python nettacker.py --start-api --api-client-white-list --api-client-white-list-ips 127.0.0.1,192.168.0.1/24,10.0.0.1-10.0.0.255
+python nettacker.py --start-api --api-access-log 
+python nettacker.py --start-api --api-access-log --api-access-log-filename log.txt
+python nettacker.py --start-api --api-access-key mysecretkey --api-client-white-list --api-access-log 
+python nettacker.py --start-api --api-access-key mysecretkey --api-client-white-list --api-access-log 
+python nettacker.py --start-api --api-access-key mysecretkey --api-host 192.168.1.2 --api-port 80
+python nettacker.py --start-api --api-access-log --api-port 8080 --api-debug-mode
+```
+
+* For further information on how to use the RESTful API please visit the [API page](https://github.com/zdresearch/OWASP-Nettacker/wiki/API).
+
+![](https://github.com/aman566/DiceGameJS/blob/master/Screencast-from-Tuesday-09-June-2020-02-32-32-IST-_online-video-cutter.com_.gif)
+
+# Database
+OWASP Nettacker, currently supports two databases:
+- SQLite
+- MySQL
+The default database is SQLite. You can, however, configure the db to your liking.
+## SQLite configuration
+The SQLite database can be configured in `core/config.py` file under the `_database_config()` function. Here is a sample configuration:
+```
+return {
+        "DB": "sqlite",
+        "DATABASE":  _paths()["home_path"] + "/nettacker.db", # This is the location of your db
+        "USERNAME": "",
+        "PASSWORD": "",
+        "HOST": "",
+        "PORT": ""
+    }
+```
+## MySQL configuration:
+The MySQL database can be configured in `core/config.py` file under the `_database_config()` function. Here is a sample configuration:
+```
+return {
+        "DB": "mysql",
+        "DATABASE": "nettacker", # This is the name of your db
+        "USERNAME": "username",
+        "PASSWORD": "password",
+        "HOST": "localhost or some other host",
+        "PORT": "3306 or some other custom port"
+    }
+```
+After this configuration:
+1. Open the configuration file of mysql(`/etc/mysql/my.cnf` in case of linux) as a sudo user
+2. Add this to the end of the file :
+``` 
+[mysqld]  
+sql_mode = "STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION"
+```
+3.  Restart MySQL
+
+## Postgres Configuration
+
+The Postgres database can be configured in core/config.py file under the _database_config() function. Here is a sample configuration:
+`
+return {
+        "DB": "postgreas",
+        "DATABASE": "nettacker" # Name of db
+        "USERNAME": "username",
+        "PASSWORD": "password",
+        "HOST": "localhost or some other host",
+        "PORT": "5432 or some other custom port"
+    }
+`
+After this configuration please comment out the following line in database/db.py   `connect_args={'check_same_thread': False}` 
+
+
+
+Let me know if you have any more questions.
\ No newline at end of file
diff --git a/docs/index.md b/docs/index.md
new file mode 100644
index 00000000..f10a8a18
--- /dev/null
+++ b/docs/index.md
@@ -0,0 +1,8 @@
+# OWASP Nettacker Documentation
+
+This documentation is generated using [mkdocs.org](https://www.mkdocs.org) and [Material for MkDocs theme](https://github.com/squidfunk/mkdocs-material)
+
+
+## Nettacker
+
+Documentation [Home](Home.md)
\ No newline at end of file
diff --git a/docs/requirements.txt b/docs/requirements.txt
new file mode 100644
index 00000000..898468cb
--- /dev/null
+++ b/docs/requirements.txt
@@ -0,0 +1 @@
+mkdocs-material
\ No newline at end of file

From 75561812b0aaacf9758264f59c85c997c21dd70a Mon Sep 17 00:00:00 2001
From: Sam Stepanyan <sam.stepanyan@owasp.org>
Date: Sun, 25 Aug 2024 01:56:35 +0100
Subject: [PATCH 2/2] mkdocs

---
 .readthedocs.yml | 19 +++++++++++++++++++
 mkdocs.yml       | 12 ++++++++++++
 2 files changed, 31 insertions(+)
 create mode 100644 .readthedocs.yml
 create mode 100644 mkdocs.yml

diff --git a/.readthedocs.yml b/.readthedocs.yml
new file mode 100644
index 00000000..800f70da
--- /dev/null
+++ b/.readthedocs.yml
@@ -0,0 +1,19 @@
+# Read the Docs configuration file for MkDocs projects
+# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
+
+# Required
+version: 2
+
+# Set the version of Python and other tools you might need
+build:
+  os: ubuntu-22.04
+  tools:
+    python: "3.12"
+
+
+mkdocs:
+  configuration: mkdocs.yml
+
+python:
+  install:
+  - requirements: docs/requirements.txt
diff --git a/mkdocs.yml b/mkdocs.yml
new file mode 100644
index 00000000..57a26f88
--- /dev/null
+++ b/mkdocs.yml
@@ -0,0 +1,12 @@
+site_name: OWASP Nettacker Documentation
+theme:
+  name: material
+nav:
+  - Home: Home.md
+  - Installation: Installation.md
+  - Usage: Usage.md
+  - Modules: Modules.md
+  - Media: Media.md
+  - API: API.md
+  - Contributing: Developers.md
+  - Events: Events.md