* Add regex for SMB protocol in port.yaml to fix the bug #1147
Signed-off-by: Aarush289 <cs24b064@smail.iitm.ac.in>
* smb_fix done
* Enable SMB regex match in port.yaml to fix the bug #1147
Signed-off-by: Aarush289 <cs24b064@smail.iitm.ac.in>
---------
Signed-off-by: Aarush289 <cs24b064@smail.iitm.ac.in>
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* removed the vulnerability profile as it a subset of vuln
* removed brute_force profile as it is exactly same as brute
* removed cve_2021_38702 as a profile, its already there in cve, cve2021 and more relevant ones
* removed the puneethreddyrc profile
* removed information_gathering profile, added graphql.yaml to info
* removed the wp profile, it was a subset of wordpress
* removed the infortmation profile
* made relevant changes to the doc
* coderabbit suggestions
* Create paloalto_globalprotect_cve_2025_0133.yaml
new module for CVE-2025-0133
* Updated docs/Modules.md
updated docs
* Update nettacker/modules/vuln/paloalto_globalprotect_cve_2025_0133.yaml
CodeRabbit YAML formatting suggestion - we have this issue pretty much with all YAML files, so a separate tidy-up PR will be needed in the future
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
---------
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* Update dependencies in poetry.lock and pyproject.toml for new packages
* feat: add SMB brute force module
* feat: add unit tests for SMB brute force module
* ran make pre-commit
---------
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* Config-scan
* Update config_wordlist.txt
Adding possible configuration file names
* Update config_wordlist.txt
Updating the wordlist to remove spaces in the urls
---------
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* adding default loop policy for asyncio
* added custom wordlist functionality
* lint fix
* bug fixes
* added break after first detection to exit for loop
* removed custom read from brute scans because its already implemented there
* updated according to suggested changes
* cleared old code
* fixed lint
* made requested changes
* made suggested changes
* lint fix
* changed user_wordlist to read_from_file
* Update paloalto_panos_cve_2025_0108.yaml added cisa_kev
Adding cisa_kev profile to the module:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just added this CVE-2025-0108 impacting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
* adding sonicwall_sslvpn_cve_2024_53704_vuln module
Adding cisa_kev profile to the module:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just added this CVE-2025-0108 impacting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
* move paloalto_panos_cve_2025_0108.yaml to nettacker/modules/vuln/paloalto_panos_cve_2025_0108.yaml
Fix of the incorrect location for the module
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* Delete Modules.md in wrong location
location fix
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
* Update Modules.md with CVE-2025-0108
added CVE-2025-0108 module to the docs
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
---------
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
The issue caused the program to erroneously run a regex pattern on HTML content instead of the request data. This was because the port number wasn't displayed in the HTML's body content. The commit rectifies this problem, ensuring that regex operates on the correct data.
Minor improvements - added plugin version to regex and fixed overlooked previously copy-pasted text from another module
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
1. changed the date format from "%Y/%m/%d" to "%Y-%m-%d" to make it ANSI and ISO 8601 compliant.
2. Changed the issuer and subject to issuer_str and subject_str which are formatted string from the x509 objects.
3. Added subject to ssl_expired_certificate_vuln and ssl_expiring_certificate_scan modules
1. Change the date format from d/m/Y to Y-m-d (e.g. 2004-08-28)
2. In the return/output of ssl_certificate_scan in SSL library please add certificate "subject" and "issuer" so these could be logged
3. Rename ssl_version module to ssl_weak_version
4. Change ssl_expired_certificate module to return expired certs only ( do not count expiring_soon certs - it is not a vulnerability!)
5. Create a separate ssl_expiring_certificate module in modules/scan (remember 'expiring soon' is not a vulnerability, so we need to make this a 'scan' module)
6. Rename ssl_signed_certificate module to ssl_certificate_weak_signature and remove the self-signed check from it
7. Create a separate ssl_self_signed_certificate module in modules/vuln
Next in nettacker/core/lib/ssl.py
in class SslLibrary(BaseLibrary): you have ssl_certificate_scan and ssl_version_and_cipher_scan methods.
There is a common code in these two methods so these could be refactored to remove the repetition. Please refactor/improve this.
In ssl_version_and_cipher_scan also please add add to the output /return certificate "subject" ,"issuer" and an expiry date.
This way if a user scans they network using IP addresses and some servers will come up with weak SSL versions/ciphers it will be easier for user to identify the servers using the certificate subject/issuer
Aarush
Prabhat Kumar
Achintya Jai
Sam Stepanyan
Packet Phantom
Manav Acharya
tanaydin sirin
Captain-T2004
Arkadii Yakovets