Commit Graph

2053 Commits

Author SHA1 Message Date
itsdivyanshjain 07b78e832f updated web_technologies scan module 2022-09-17 08:54:00 -04:00
itsdivyanshjain c2acd1c88e improved log 2022-09-17 08:54:00 -04:00
itsdivyanshjain b724556289 improvise conditioning 2022-09-17 08:54:00 -04:00
divyansh 5ff0a6a80b waf log edit 2022-09-17 08:54:00 -04:00
divyansh 802d945959 updated waf module
This module is working well, but still requires improvement in handling logs and terminating the request if we get the desired results, instead of iterating the whole list of request URLs.
2022-09-17 08:54:00 -04:00
divyansh 50fbd67637 updated subdomain-takeover module 2022-09-17 08:54:00 -04:00
divyansh ec9479c8a8 fixed logic bug finally 2022-09-17 08:54:00 -04:00
divyansh a995bd6302 new web technologies scanner module
This is also meant for testing purposes; it has false negatives
2022-09-17 08:54:00 -04:00
divyansh c8b0025ab4 new WAF module with new mentioned functionality
meant for testing new functionalities and demonstration only, more WAF responses will be added soon
2022-09-17 08:53:59 -04:00
divyansh 7273e64e3f enhancements in logs in cli 2022-09-17 08:53:59 -04:00
divyansh 06490a4813 new feature: better approach for storing and showing logs
This is meant for report/show output; we still require the old storing functionality like events and results. This commit also includes the response_dependent function, which is similar to the temp_dependent function but does not store in the db; it is mainly meant to be used to replace certain characters in logs. A demonstration in modules is going to be available in later commits.
2022-09-17 08:53:59 -04:00
divyansh db85f5a491 new feature: iterative_dictionary based response matching functionality
This is going to be helpful in new modules like waf_scan, web_technologies_scan, subdomain_takeover_vuln. A demonstration in modules is going to be available in later commits.
2022-09-17 08:53:59 -04:00
divyansh 7e72ee95c0 expanding the scope of temp_dependent_events to the response
required for the new module, and it is also a good feature to have
2022-09-17 08:53:59 -04:00
divyansh d84bc51f42 changing return type to dict to match same as returning condition_results 2022-09-17 08:53:59 -04:00
divyansh 72de76fb0a fix conditioning bug
In a module where there is an or condition between status and header, and the status is matched but not the header, it still doesn't return success
2022-09-17 08:53:59 -04:00
divyansh 93d651df38 fix bug in header match
when the regex is .* in the header and it follows else empty string, which matches the header in a false manner
2022-09-17 08:53:59 -04:00
Sam Stepanyan b6feb15d2b
Merge pull request #589 from OWASP/securestep9-patch-1
Updated readme.md with OWASP official DockerHub link
2022-09-11 18:38:35 +01:00
Sam Stepanyan 33817a7028
Update readme.md 2022-09-11 13:04:03 +01:00
Sam Stepanyan 30acf79c15
Merge pull request #587 from OWASP/dependabot/pip/ipython-8.5.0
Bump ipython from 7.30.1 to 8.5.0
2022-09-11 10:04:51 +01:00
dependabot[bot] 51823637e2
Bump ipython from 7.30.1 to 8.5.0
Bumps [ipython](https://github.com/ipython/ipython) from 7.30.1 to 8.5.0.
- [Release notes](https://github.com/ipython/ipython/releases)
- [Commits](https://github.com/ipython/ipython/compare/7.30.1...8.5.0)

---
updated-dependencies:
- dependency-name: ipython
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-11 08:50:23 +00:00
Sam Stepanyan 20bf496f26
Merge pull request #566 from OWASP/dependabot/pip/paramiko-2.11.0
Bump paramiko from 2.8.1 to 2.11.0
2022-09-11 09:49:39 +01:00
dependabot[bot] 818a29a043
Bump paramiko from 2.8.1 to 2.11.0
Bumps [paramiko](https://github.com/paramiko/paramiko) from 2.8.1 to 2.11.0.
- [Release notes](https://github.com/paramiko/paramiko/releases)
- [Changelog](https://github.com/paramiko/paramiko/blob/main/NEWS)
- [Commits](https://github.com/paramiko/paramiko/compare/2.8.1...2.11.0)

---
updated-dependencies:
- dependency-name: paramiko
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-03 19:24:02 +00:00
Sam Stepanyan b53dbe3cbc
Merge pull request #583 from OWASP/dependabot/pip/flask-2.2.2
Bump flask from 2.0.2 to 2.2.2
2022-09-03 20:23:18 +01:00
dependabot[bot] 204ba6e33d
Bump flask from 2.0.2 to 2.2.2
Bumps [flask](https://github.com/pallets/flask) from 2.0.2 to 2.2.2.
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/flask/compare/2.0.2...2.2.2)

---
updated-dependencies:
- dependency-name: flask
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-08-09 22:19:35 +00:00
Ali Razmjoo 4ec8fdd129
Merge pull request #576 from OWASP/dependabot/pip/numpy-1.23.1
Bump numpy from 1.21.4 to 1.23.1
2022-07-18 20:58:35 +02:00
dependabot[bot] f90a89865a
Bump numpy from 1.21.4 to 1.23.1
Bumps [numpy](https://github.com/numpy/numpy) from 1.21.4 to 1.23.1.
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](https://github.com/numpy/numpy/compare/v1.21.4...v1.23.1)

---
updated-dependencies:
- dependency-name: numpy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-11 22:44:15 +00:00
Sam Stepanyan 6d1653df01
Merge pull request #556 from tristanlatr/patch-1
Fix typo
2022-06-17 10:34:02 +01:00
tristanlatr db443ff78a
Fix typo 2022-04-12 17:33:02 -04:00
Sam Stepanyan 0b79a5b4fc
Merge pull request #535 from OWASP/issue534
bug534 fix
2022-01-09 13:42:22 +00:00
divyansh 6d1c7c9140 bug534 fix 2022-01-08 08:24:38 +05:30
Ali Razmjoo 508f1d90b1
Merge pull request #522 from EFFLUX110/master
Updated Hindi language.
2021-12-18 13:39:08 +01:00
Ali Razmjoo 2ed04165d2
Merge pull request #523 from OWASP/log4j-CVE-2021-44228
possible race condition
2021-12-18 13:38:58 +01:00
Ali Razmjoo f3b613689d
Merge branch 'master' into log4j-CVE-2021-44228 2021-12-18 13:24:28 +01:00
Ali Razmjoo 09d4ac090d possible race condition 2021-12-18 12:42:48 +01:00
EFFLUX f2120a6baa Update readme.md 2021-12-17 16:01:43 +05:30
EFFLUX 24964dfc61 Update hi.yaml
Fixed Quotation error.
2021-12-17 15:48:23 +05:30
EFFLUX 184db93520 Update hi.yaml
Removed unwanted keywords from the file, which are not in use anymore in the new version, and added new keywords from the en.yaml file.
2021-12-17 15:19:59 +05:30
Ali Razmjoo 8933e227b0
Merge pull request #521 from OWASP/log4j-CVE-2021-44228
fix race condition error and sorting steps
2021-12-17 02:21:14 +01:00
Ali Razmjoo f82c25d6e5
Merge pull request #520 from EFFLUX110/master
Created Bengali version for OWASP Nettacker project.
2021-12-17 02:06:18 +01:00
Ali Razmjoo 6089089d66 fix race condition error and sorting steps 2021-12-17 01:52:27 +01:00
EFFLUX 899bfc7b97 Update bn.yaml
Fixed some quotation errors.
2021-12-16 23:51:28 +05:30
EFFLUX 07916ea985 Create bn.yaml
Created Bengali version for OWASP Nettacker project.
2021-12-16 22:47:25 +05:30
Ali Razmjoo 25e4a8e2bc
Merge pull request #519 from OWASP/log4j-CVE-2021-44228
Log4j CVE 2021 44228
2021-12-15 03:16:07 +01:00
Ali Razmjoo 0063a930f7 increase sleep time 2021-12-15 02:21:42 +01:00
Ali Razmjoo bebc72234f enhancements in log4j vuln fuzzer 2021-12-15 01:32:06 +01:00
Ali Razmjoo 9ce824a0cc
Merge pull request #518 from OWASP/log4j-CVE-2021-44228
Log4j CVE 2021 44228
2021-12-14 02:23:24 +01:00
Ali Razmjoo 6e304974b3 enhancement in log4j module 2021-12-14 02:10:54 +01:00
Ali Razmjoo cce3b90890
Merge pull request #517 from OWASP/log4j-CVE-2021-44228
Log4j CVE 2021 44228
2021-12-13 02:20:39 +01:00
Ali Razmjoo ad4d604168 retry to fix the deadlock 2021-12-13 02:13:28 +01:00
Ali Razmjoo a7f599963b remove headers which cause 400 error 2021-12-13 02:05:27 +01:00