Gh0st
/
Nettacker
mirror of https://github.com/OWASP/Nettacker.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,682 Commits 14 Branches 13 Tags 27 MiB
Commit Graph

2682 Commits

Author SHA1 Message Date
Achintya Jai 4fd743a15d
fixed the create database part of postgresql.py (#1072) 2025-05-27 22:10:28 +00:00
Achintya Jai 10c95512e6
Refactoring Ip.py to return proper boolean values (#1043) 
* added bool to netaddr instances, removed redundant imports

* created test file for ip.py

* refactoring ip.py
 2025-05-27 22:02:59 +00:00
Packet Phantom 75fc06bd31
Handle socket.gaierror when retrieving server certificate (#1069) 2025-05-08 21:30:48 +00:00
Packet Phantom 9bdb94039c
refactor: use class attribute for SSH and Telnet client instantiation (#1068) 2025-05-08 00:34:32 +00:00
Achintya Jai d77becc42a
fixing regex introduced in PR1062 (#1067) 2025-05-06 11:34:34 +00:00
Sam Stepanyan 5eb8f3a506
security improvements (#1066) 
* security improvements

* formatting fix

* import sort

* security headers separate function
 2025-05-06 01:13:21 +00:00
Manav Acharya 423f66151a
Adding config_file_scan (#1051) 
* Config-scan

* Update config_wordlist.txt

Adding possible configuration file names

* Update config_wordlist.txt

Updating the wordlist to remove spaces in the urls

---------

Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-05-05 12:11:37 +00:00
Sam Stepanyan 4c88862c90
Adding ADOPTERS.md (#1065) 
* addding ADOPTERS.MD

* example Adopters
 2025-05-05 10:38:31 +00:00
Achintya Jai 6c0fbbfd0a
updated relevant parts of the documentation (#1064) 
* updated relevant parts of the documentation

* updated request header
 2025-04-28 21:11:33 +00:00
Achintya Jai 0c2d21405e
regex updates for port.yaml (#1062) 
* updated regexes

* Implementing logging response_dependent conditions in socket.py (#1060)

* logging matched services along with output from tcp_connect_send_and_recieve

* fixed tests

* fixed module.py

---------

Signed-off-by: Achintya Jai <153343775+pUrGe12@users.noreply.github.com>
 2025-04-28 19:40:31 +00:00
Achintya Jai 3f214b76cf
Implementing logging response_dependent conditions in socket.py (#1060) 
* logging matched services along with output from tcp_connect_send_and_recieve

* fixed tests

* fixed module.py
 2025-04-27 22:18:11 +00:00
Achintya Jai a72bdfc9b6
Fixing database issues (#1056) 
* fixing mysql connections using pymysql

* fixing threading issues

* fixed postgres conns

* fix ruff

* reverting to original config

* sslmode as a user configurable parameter
 2025-04-04 23:08:56 +00:00
Achintya Jai f62da6a605
added clean exit for missing wordlists (#1047) 
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-03-18 12:42:37 +00:00
dyp4r cb1a011c13
Fix issues in telent.py located in core/lib (#1048) 
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-03-18 10:28:33 +00:00
Achintya Jai 809b6e2e5c
Implemented tests and removed duplicates for wordlists (#1039) 
* added tests for wordlists, removed duplicates

* removed src from conftest

---------

Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-03-18 01:26:42 +00:00
Achintya Jai f7ce6a0e2c
added amqp detection regex (#1046) 2025-03-18 00:57:35 +00:00
Sam Stepanyan 6ad4ce083c
added missing url logging (#1040) 
* added missing url logging

* Update nettacker/modules/scan/pma.yaml

Co-authored-by: Arkadii Yakovets <2201626+arkid15r@users.noreply.github.com>
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>

---------

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Co-authored-by: Arkadii Yakovets <2201626+arkid15r@users.noreply.github.com>
 2025-03-18 00:47:32 +00:00
dependabot[bot] 9c4cd46a2d
Bump jinja2 from 3.1.5 to 3.1.6 (#1035) 
Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.5 to 3.1.6.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/3.1.5...3.1.6)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-03-07 16:54:19 +00:00
Soumyaditya Batabyal 426ad9f06b
updated the whole italian translation file (#1033) 
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-03-07 15:26:37 +00:00
Achintya Jai 7a8bd583d4
small patch for en (#1036) 2025-03-07 14:41:30 +00:00
Achintya Jai 2667369af0
Custom wordlist functionality addition for scan modules (#1026) 
* adding default loop policy for asyncio

* added custom wordlist functionality

* lint fix

* bug fixes

* added break after first detection to exit for loop

* removed custom read from brute scans because its already implemented there

* updated according to suggested changes

* cleared old code

* fixed lint

* made requested changes

* made suggested changes

* lint fix

* changed user_wordlist to read_from_file
 2025-03-07 11:40:16 +00:00
Soumyaditya Batabyal 8d48b81467
Add some JapaneseTranslation (#1034) 2025-03-05 22:58:42 +00:00
Soumyaditya Batabyal e6f526e5ac
Add some ItalianTranslation (#1030) 2025-03-05 19:20:03 +00:00
Manav Acharya 71ea8a7c5e
create 'wp_plugin_cve_2023_47668_vuln' (#1029) 
* create 'wp_plugin_cve_2023_47668_vuln'

* Update wp_plugin_cve_2023_47668.yaml
 2025-03-02 23:57:48 +00:00
Achintya Jai 65192c8fc6
Added base path for directory enumeration (#1019) 
* added base path addition functionality

* fixed ruff

* unbound variable fix

---------

Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-02-21 21:33:02 +00:00
Sam Stepanyan f257381c2a
Update Dockerfile - bump python to 3.11.11 (#1021) 
bumping python image to 3.11.11

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-02-21 20:45:08 +00:00
Achintya Jai c0962bcd9d
adding default loop policy for asyncio (#1020) 2025-02-20 21:31:26 +00:00
Sam Stepanyan 626a765708
adding SonicWALL SSLVPN CVE-2024-53704 module (#1018) 
* Update paloalto_panos_cve_2025_0108.yaml added cisa_kev

Adding cisa_kev profile to the module:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just added this CVE-2025-0108 impacting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

* adding sonicwall_sslvpn_cve_2024_53704_vuln module
 2025-02-20 02:30:11 +00:00
Sam Stepanyan 2456cd1951
Update paloalto_panos_cve_2025_0108.yaml added cisa_kev (#1017) 
Adding cisa_kev profile to the module:
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just added this CVE-2025-0108 impacting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
 2025-02-19 16:30:59 +00:00
Achintya Jai d143f4302b
updated regex for SSH scanning to include more matches (#1012) 
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-02-17 17:53:29 +00:00
Sam Stepanyan 507a098041
palo module location fix (#1014) 
* move paloalto_panos_cve_2025_0108.yaml to nettacker/modules/vuln/paloalto_panos_cve_2025_0108.yaml

Fix of the incorrect location for the module

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>

* Delete Modules.md in wrong location

location fix

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>

* Update Modules.md with CVE-2025-0108

added CVE-2025-0108 module to the docs

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>

---------

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-02-17 17:41:20 +00:00
Sam Stepanyan 6d427e2a3c
adding paloalto_panos_cve_2025_0108_vuln module (#1013) 2025-02-17 02:13:54 +00:00
Sam Stepanyan aff7fe3dc2 Revert "adding paloalto_panos_cve_2025_0108_vuln module" 
This reverts commit d76eb0b7d9.
 2025-02-17 01:39:23 +00:00
Sam Stepanyan d76eb0b7d9 adding paloalto_panos_cve_2025_0108_vuln module 2025-02-17 01:24:52 +00:00
Soumyaditya Batabyal 012bf5dda2
Add some ChineseTranslation (#1002) 
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-02-14 11:03:58 +00:00
Achintya Jai 34523c8e43
fixed the admin_scan output to include the hit URLs (#1008) 2025-02-11 20:00:18 +00:00
Osama Ahmed Tahir cd3d4c6e2e
The Urdu translation has been completed (#994) 
Signed-off-by: Osama Ahmed Tahir <31954609+osamaahmed17@users.noreply.github.com>
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2025-02-06 13:38:02 +00:00
dependabot[bot] 40781bf55f
Bump jinja2 from 3.1.4 to 3.1.5 (#984) 
Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/3.1.4...3.1.5)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Co-authored-by: Arkadii Yakovets <2201626+arkid15r@users.noreply.github.com>
 2025-02-03 17:13:29 +00:00
Soumyaditya Batabyal 4a7c6f3eb9
Add some KoreanTranslation (#996) 2025-02-03 15:45:21 +00:00
Nitin Awari 84d78a1429
Migrate CI/CD to ubuntu-24.04 and test docker images to latest (#993) 2025-01-22 06:31:04 +00:00
Arkadii Yakovets f0ee67f924
Pin runner image OS version (#989) 2025-01-16 23:31:34 +00:00
Arun Krishnan 1463af88bc
Added sanitization to report_path_filename and enhanced authentication cookie (#985) 2024-12-28 20:30:01 +00:00
Bhagyashree dfc637cc4b
Add Some BengaliTranslation (#983) 
Co-authored-by: bhagyashree980 <mandlawatbhagyashree@gmai.com>
 2024-12-26 13:11:45 +00:00
tanaydin sirin 9aaa7033a5
Correct the issue with port scanner output (#978) 
The issue caused the program to erroneously run a regex pattern on HTML content instead of the request data. This was because the port number wasn't displayed in the HTML's body content. The commit rectifies this problem, ensuring that regex operates on the correct data.
 2024-12-22 12:34:12 +00:00
Sam Stepanyan f65f9bc972
Update wp_plugin_small.txt (#977) 
Adding gutentor to wp_plugin_small.txt to cover CVE-2024-10178

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2024-12-08 23:12:20 +00:00
tanaydin sirin caaa5e8784
Update wp_plugin_small.txt (#976) 
Added Yoast SEO plugin path.

Signed-off-by: tanaydin sirin <huzursuz@gmail.com>
 2024-12-08 22:09:21 +00:00
AntonL 246611f731
Updating translations for ru.yaml (#969) 
* Updating translations for ru.yaml

* typos
 2024-11-28 17:13:28 +00:00
Sam Stepanyan cec376a08b
Update Installation.md - minor formatting fixes (#970) 
minor formatting fixes

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
 2024-11-28 17:06:54 +00:00
Sam Stepanyan d876e87909
Documentaion update (#966) 2024-11-27 14:22:43 +00:00
Manushya-a 32d7d98847
Update Security.md (#964) 
Fixing a small typo.
 2024-11-21 18:23:05 +00:00