Compare commits

21 Commits

Author SHA1 Message Date
numaan 7c1e2a5fb4 Fix YAML syntax error 2025-11-15 13:10:17 +11:00
numaan b6e9d433cc Fix YAML syntax error - separate merged keys on line 34 2025-11-15 13:04:18 +11:00
numaan e9a4eea0a4 Fix YAML syntax error - separate merged keys on line 34 2025-11-15 12:58:20 +11:00
numaan 2b3e92f308 Rename ka.yml to ka.yaml for consistency 2025-11-15 12:55:50 +11:00
numaan e6fcd37532 rename the file to match other files 2025-11-15 12:55:50 +11:00
Numaan Bashir Mir 42e54e68aa
Merge branch 'master' into kashmiri 2025-11-15 12:47:52 +11:00
numaan 8288040729 Fixes suggested 2025-11-15 12:45:33 +11:00
Prabhat Kumar 2d3f39c7a3
Refactor: Correct 'vuln' tag for 5 SSL modules (#1164) 2025-10-30 20:17:00 +00:00
dependabot[bot] 677f13ec2d
Bump actions/upload-artifact from 4 to 5 (#1157)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Arkadii Yakovets <2201626+arkid15r@users.noreply.github.com>
2025-10-25 00:36:32 +00:00
dependabot[bot] f6f8c60f11
Bump actions/download-artifact from 5 to 6 (#1156)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-24 23:56:28 +00:00
James 8c538fa065
optimized the sort_loops in module.py and also improved readability (#1150)
Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
2025-10-12 21:59:53 +00:00
dependabot[bot] e2b4d7c2d8
Bump github/codeql-action from 3 to 4 (#1149)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-10-11 20:49:58 +00:00
Sam Stepanyan ad76ce537a
Update README.md (#1141)
* Update README.md

Adding Scarf to Readme

* Update README.md

alt added

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>

---------

Signed-off-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
2025-09-25 18:30:02 +00:00
einsibjarni 0fa6c156e3
Allow running on FreeBSD 13.*, 14.* and 15.* (#1136)
* Allow running on FreeBSD 13.*, 14.* and 15.*

* Update code

---------

Co-authored-by: Arkadii Yakovets <arkadii.yakovets@owasp.org>
2025-09-14 17:31:15 +00:00
Sam Stepanyan a0831bc70a
Added AGENTS.md (#1128)
* add AGENTS.md file

* add AGENTS.md file - link

* moved first two sentences into a comment
2025-09-07 19:09:29 +00:00
Sam Stepanyan bf43de5f71
docs add Codebase Overview (#1129) 2025-09-07 18:29:02 +00:00
Achintya Jai e934f748ee
adding new output types (#1085)
* sarif fully done, dd.json little left

* This is good to go now

* pre-commit fixes

* updated

* removing redundancy and less i/o operations

* ruff fixes

* fixed tests for Path.open

* rabbit suggestions

* added relevant documentation

* slight change in doc

* removing empty files that were added by mistake

* updated datetime format according to coderabbit's suggestions
2025-09-07 18:22:29 +00:00
dependabot[bot] 2fea1e44f0
Bump actions/setup-python from 5 to 6 (#1133)
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5 to 6.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-05 12:52:25 +00:00
Achintya Jai 1d37e0e3a2
Removing redundancy and cleaning profiles (#1041)
* removed the vulnerability profile as it is a subset of vuln

* removed brute_force profile as it is exactly same as brute

* removed cve_2021_38702 as a profile, it's already there in cve, cve2021 and more relevant ones

* removed the puneethreddyrc profile

* removed information_gathering profile, added graphql.yaml to info

* removed the wp profile, it was a subset of wordpress

* removed the infortmation profile

* made relevant changes to the doc

* coderabbit suggestions
2025-09-04 18:39:00 +00:00
Achintya Jai cd0d168ab4
pyproject updates to fix warnings issued by pytest (#1130)
* updated pyproject to fix warnings issued by pytest

* Update pyproject.toml

---------

Co-authored-by: Arkadii Yakovets <arkadii.yakovets@owasp.org>
2025-09-02 22:34:18 +00:00
dependabot[bot] 5d905edce4
Bump ruff from 0.7.3 to 0.12.11 (#1131)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.7.3 to 0.12.11.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.7.3...0.12.11)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.12.11
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-02 22:11:43 +00:00
102 changed files with 368 additions and 215 deletions

@ -26,7 +26,7 @@ jobs:
uses: actions/checkout@v5
- name: Set up Python
uses: actions/setup-python@v5
uses: actions/setup-python@v6
with:
python-version: '3.11'
- name: Run pre-commit
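Review bot: The `uses:` lines in this hunk, like those in the other workflow hunks, reference actions by mutable major tag (for example `actions/setup-python@v6`), so the code that runs in CI can change without any diff appearing in this repository. Since this workflow also builds the `dist` artifact and hands it to later jobs, consider pinning each action to a full commit SHA with the version in a trailing comment; Dependabot can keep SHA pins up to date as well.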
@ -50,12 +50,12 @@ jobs:
uses: actions/checkout@v5
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@v4
with:
category: /language:${{ matrix.language }}
@ -70,7 +70,7 @@ jobs:
uses: actions/checkout@v5
- name: Set up Python
uses: actions/setup-python@v5
uses: actions/setup-python@v6
with:
python-version: '3.11'
@ -93,7 +93,7 @@ jobs:
uses: actions/checkout@v5
- name: Set up Python
uses: actions/setup-python@v5
uses: actions/setup-python@v6
with:
python-version: '3.11'
@ -107,7 +107,7 @@ jobs:
poetry build --no-interaction
- name: Upload package artifacts
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v5
with:
name: dist
path: dist
@ -126,12 +126,12 @@ jobs:
uses: actions/checkout@v5
- name: Set up Python
uses: actions/setup-python@v5
uses: actions/setup-python@v6
with:
python-version: '3.11'
- name: Get package artifacts
uses: actions/download-artifact@v5
uses: actions/download-artifact@v6
with:
name: dist
path: dist
@ -319,7 +319,7 @@ jobs:
runs-on: ubuntu-24.04
steps:
- name: Get package artifacts
uses: actions/download-artifact@v5
uses: actions/download-artifact@v6
with:
name: dist
path: dist
@ -345,7 +345,7 @@ jobs:
runs-on: ubuntu-24.04
steps:
- name: Get package artifacts
uses: actions/download-artifact@v5
uses: actions/download-artifact@v6
with:
name: dist
path: dist

3
.gitignore vendored

@ -20,6 +20,9 @@ logs.txt
results.*
.owasp-nettacker*
.nettacker/data*
.data*
*.sarif
*.dd.json
*.DS_Store
*.swp
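Review bot: `.data*` in this hunk has no leading slash or directory component, so it ignores any file or directory whose name starts with `.data` at any depth, which is broader than the `.nettacker/data*` entry above it. If it is meant for one runtime directory, anchor it (for example `/.data/`). Likewise `*.sarif` and `*.dd.json` ignore every such file in the tree, including sample reports someone may later want to commit as test fixtures, while `results.*` already covers the default output names.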

41
AGENTS.md Normal file

@ -0,0 +1,41 @@
<!--
Think of AGENTS.md as a README for AI agents: a dedicated, predictable place to provide the context and instructions to help AI coding agents work on your project.
See https://agents.md for more info
-->
# Repository Guidelines
## Project Structure & Module Organization
- Source: `nettacker/` (CLI: `nettacker/main.py`, API: `nettacker/api/`, core libs: `nettacker/core/`, modules: `nettacker/modules/`).
- Entry points: `nettacker.py` (Python) and `poetry` script `nettacker`.
- Tests: `tests/` (mirrors package layout: `tests/core/`, `tests/lib/`, etc.).
- Docs & assets: `docs/`, `nettacker/web/static/`.
- Runtime data (not for commit): `.nettacker/data/` (DB at `.nettacker/data/nettacker.db`, results in `.nettacker/data/results/`).
## Build, Test, and Development Commands
- Install: `poetry install` (uses `pyproject.toml`).
- Lint/format (all hooks): `make pre-commit` or `pre-commit run --all-files`.
- Tests: `make test` or `poetry run pytest` (coverage configured via `pyproject.toml`).
- Run CLI: `poetry run nettacker --help` or `python nettacker.py --help`.
- Docker (web UI): `docker-compose up`.
## Coding Style & Naming Conventions
- Python 3.93.12 supported. Use 4-space indents.
- Line length: 99 chars (`ruff`, `ruff-format`, `isort` profile=black).
- Names: modules/files `lower_snake_case`; functions/vars `lower_snake_case`; classes `PascalCase`; constants `UPPER_SNAKE_CASE`.
- Keep functions small, typed where practical, and add docstrings for public APIs.
## Testing Guidelines
- Framework: `pytest` (+ `pytest-asyncio`, `xdist`).
- Location/pattern: place tests under `tests/`; name files `test_*.py`; parametrize where useful.
- Coverage: enforced via `--cov=nettacker` (see `tool.pytest.ini_options`). Add tests with new features and for bug fixes.
- Run subsets: `poetry run pytest -k <expr>`.
## Commit & Pull Request Guidelines
- Commit messages: imperative tense, concise subject; reference issues (`Fixes #123`).
- Before pushing: `pre-commit run --all-files` and `make test` must pass.
- PRs: include a clear description, rationale, linked issue(s), test evidence (logs or screenshots for web UI), and update docs if behavior changes.
## Security & Configuration Tips
- Legal/ethics: only scan assets you are authorized to test.
- Secrets: never commit API keys, DBs, or results; `.nettacker/data/` is runtime-only.
- Config: defaults in `nettacker/config.py` (API key, DB path, paths). Review sensitive headers list before logging.
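Review bot: In the Coding Style section the supported-version bullet reads `Python 3.93.12 supported`, which is not a valid version or range; write the lower and upper bound with an explicit separator, or point to the constraint in `pyproject.toml` so the two cannot drift. In Security & Configuration Tips, the Legal/ethics bullet is phrased for a human reader; for a file addressed to coding agents, a concrete instruction (for example, to exercise the CLI only with `--help` or through the test suite while working on the code) would be easier to follow.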

@ -126,4 +126,4 @@ _____________
[![Stargazers over time](https://starchart.cc/OWASP/Nettacker.svg)](https://starchart.cc/OWASP/Nettacker)
<img alt="" referrerpolicy="no-referrer-when-downgrade" src="https://static.scarf.sh/a.png?x-pxid=8e922d16-445a-4c63-b4cf-5152fbbaf7fd" />
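Review bot: The added `<img>` loads a pixel from `static.scarf.sh` with `referrerpolicy="no-referrer-when-downgrade"`, so wherever the browser fetches this image directly over HTTPS, the request carries the full referring URL to a third party. The commit message says only "Adding Scarf to Readme"; please state in the README or docs what is collected and why, and consider whether a stricter referrer policy would still serve the purpose.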

78
docs/CodebaseOverview.md Normal file

@ -0,0 +1,78 @@
## OWASP Nettacker Codebase Overview
OWASP Nettacker is an opensource, Pythonbased framework for automated penetration testing and information gathering. It supports modular tasks such as port scanning, service detection, subdomain enumeration, vulnerability scans, and credential brute forcing, all driven by a unified CLI, REST API, and Web UI.
## Project layout
```
.
├── docs
├── nettacker
│   ├── api
│   ├── core
│   │   ├── lib
│   │   └── utils
│   ├── database
│   ├── lib
│   │   ├── compare_report
│   │   ├── graph
│   │   │   ├── d3_tree_v1
│   │   │   └── d3_tree_v2
│   │   ├── html_log
│   │   ├── icmp
│   │   └── payloads
│   │   ├── User-Agents
│   │   ├── passwords
│   │   └── wordlists
│   ├── locale
│   ├── modules
│   │   ├── brute
│   │   ├── scan
│   │   └── vuln
│   └── web
│   └── static
│   ├── css
│   ├── fonts
│   ├── img
│   │   └── flags
│   │   ├── 1x1
│   │   └── 4x3
│   ├── js
│   └── report
└── tests
├── api
├── core
│   ├── lib
│   └── utils
├── database
└── lib
└── payloads
```
- **Entry point** `nettacker/main.py` creates a `Nettacker` application instance and runs it when invoked via the provided script or CLI
- **Core engine (`nettacker/core`)**
- `app.py` orchestrates scans: parsing arguments, expanding targets (including IP ranges and subdomains), launching multiprocess/multithread modules, and generating reports
- `module.py` loads YAML-defined modules, applies service discovery results, expands payload loops, and dispatches protocol-specific engines in threaded fashion
- `arg_parser.py`, `ip.py`, `messages.py`, and `utils` provide CLI parsing, IP range handling, internationalized messages, and common helpers
- Protocol engines reside in `core/lib` (e.g., HTTP, FTP, SSH, SMTP, socket) and are invoked by modules
- **Modules (`nettacker/modules`)** Scanning logic is defined declaratively in YAML under three categories (`brute`, `scan`, `vuln`). Each module contains an `info` block and a list of `payloads` that specify library, request parameters, fuzzing rules, and response conditions. Example: `dir_scan` performs directory discovery over HTTP using wordlists and response conditions
- **Database layer (`nettacker/database`)** Uses SQLAlchemy to interface with SQLite, MySQL, or PostgreSQL for persisting events and reports
- **API & Web UI (`nettacker/api`, `nettacker/web`)** Flask-based REST API plus static assets enabling webbased scan management
- **Supporting libraries (`nettacker/lib`)** Reporting helpers, ICMP tools, graph generation, and payload wordlists
- **Configuration** `config.py` defines default paths, database settings, and runtime options
- **Tests** The `tests` directory includes unit tests and validation checks; for example, `test_yaml_regexes.py` ensures regex definitions in YAML modules compile correctly
- **Build & dependencies** `pyproject.toml` defines the project as a Poetry package and lists dependencies such as `aiohttp`, `multiprocess`, `paramiko`, and `sqlalchemy`
## Important concepts
- **Modular architecture:** Modules are YAML files; the engine interprets them and runs protocol-specific steps.
- **Target expansion:** Before scanning, the engine normalizes URLs, enumerates IP ranges, resolves subdomains, and runs preliminary checks like ICMP and port scans
- **Service discovery:** Results from `port_scan` feed into subsequent modules, allowing conditional execution based on discovered services. Service discovery can be turned off during scans using `-d` or `--skip-service-discovery` run-time option.
- **Concurrency:** Scans are distributed across processes and threads for performance, with configurable limits per host and module using the `-t` and `-M` runtime options. The requests can be rate-limited using the `-w` option.
## Where to go next
- **Documentation:** Review `docs/Installation.md` and `docs/Usage.md` for setup and basic usage; `docs/Modules.md` explains module types and parameters; `docs/Developers.md` covers contribution guidelines and how to add languages or modules
- **Explore modules:** Study YAML files under `nettacker/modules/*` to see how scans, brute-force checks, and vulnerability tests are structured.
- **Understand protocol engines:** Read files in `nettacker/core/lib/` to learn how HTTP, socket, and other protocol interactions are implemented.
- **Run locally:** Use the CLI (`nettacker`) or Docker instructions in [Installation](Installation.md) and [Usage](Usage.md)
- **Contribute:** Follow the guidelines in `docs/Developers.md` and run `make pre-commit` and `make test` before submitting changes.
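Review bot: The Concurrency bullet under Important concepts names `-t`, `-M` and `-w` by short flag only, while the Service discovery bullet just above it gives both `-d` and `--skip-service-discovery`. Give the long option names here too and say which flag is the per-host limit and which the per-module one, so the rate-limiting guidance is usable without opening the help text. The bullets in Important concepts and Where to go next also end inconsistently, some with a full stop and some without.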

@ -19,6 +19,7 @@ ________
These are the guidelines you need to keep in mind while contributing:
* Start by familiarising yourself with the Nettacker Codebase: [Codebase Overview](CodebaseOverview.md)
* Use the automated checks: run `make pre-commit` and `make test`
* Thoroughly test your code locally.
* Be sure to add/update related documentation.
@ -44,8 +45,8 @@ OWASP Nettacker is using multi-language libraries (default English) to create a
In some cases language library does not exist, you can create a new file and add it to the framework.
* 1- Goto `lib/messages`
* 2- Name your message library e.g. `fa.yaml`
* 1- Goto `nettacker/locale`
* 2- Name your message library in accordance with the ISO two-letter code e.g. `fa.yaml`
* 3- Copy the default language lib (`en.yaml`) and start your translation.
* 4- **Please notice that you should not change the key-value like `scan_started`, `options` and etc. you just need to modify the Values.**
@ -59,7 +60,7 @@ To contribute to the existing libraries, You may go to `lib/messages` select the
# Contribute to Modules
Modules exist in path `/modules/module_category`. Currently, we have three categories (scan, brute, vuln). if you need to add more just create a directory with a name! To start a new module you should understand what kind of protocol you want to use. The list of protocols and module functionalities are in `core/module_protocols`. To understand how they work read the below example.
Modules exist in path `nettacker/modules/module_category`. Currently, we have three categories (scan, brute, vuln). if you need to add more just create a directory with a name! To start a new module you should understand what kind of protocol you want to use. The list of protocols and module functionalities are in `core/module_protocols`. To understand how they work read the below example.
```yaml
info: # this section is to store information about module
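Review bot: The changed paragraph now gives the module path as `nettacker/modules/module_category` but still points to `core/module_protocols` for the list of protocols, and the section context in the hunk header still says "You may go to `lib/messages`" although step 1 was just changed to `nettacker/locale`. The new Codebase Overview places the protocol engines in `core/lib`, so both stale references should be updated in the same change. Minor: "if you need to add more" should start with a capital letter.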

@ -55,7 +55,7 @@ Engine:
--verbose-event enable verbose event to see state of each thread
-V, --version show software version
-o REPORT_PATH_FILENAME, --output REPORT_PATH_FILENAME
save all logs in file (results.txt, results.csv, results.html, results.json)
save all logs in file (results.txt, results.csv, results.html, results.json, results.sarif, results.dd.json)
--graph GRAPH_NAME build a graph of all activities and information, you must use HTML output. available graphs:
['d3_tree_v2_graph', 'd3_tree_v1_graph']
-h, --help Show Nettacker Help Menu
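Review bot: The updated `-o` description lists `results.sarif` and `results.dd.json` without saying what the `dd.json` format is. SARIF is recognisable from the extension, but `dd.json` is not; add a short parenthetical naming the consuming tool or format so users know which one to pick.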
@ -81,7 +81,7 @@ Method:
add extra args to pass to modules (e.g. --modules-extra-args "x_api_key=123&xyz_passwd=abc"
--show-all-modules show all modules and their information
--profile PROFILES select profile ['accela', 'adobe', 'apache', 'apache_ofbiz', 'apache_struts', 'atlassian',
'aviatrix', 'backup', 'brute', 'brute_force']
'aviatrix', 'backup', 'brute']
--show-all-profiles show all profiles and their information
-x EXCLUDED_MODULES, --exclude-modules EXCLUDED_MODULES
choose scan method to exclude ['accela_cve_2021_34370_vuln', 'admin_scan',
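Review bot: Dropping `'brute_force'` from the `--profile` list documents a removal that will break existing invocations, such as scheduled jobs that pass `--profile brute_force`; the usage examples later in this file had to change from `information_gathering` to `info` for the same reason. Please add a changelog or migration note listing the removed names and what to use instead (`brute_force` to `brute`, `vulnerability` to `vuln`, `wp` to `wordpress`, `information_gathering` to `info`), or keep the old names as deprecated aliases for one release.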
@ -203,7 +203,7 @@ usage: Nettacker [-L LANGUAGE] [-v] [--verbose-event] [-V] [-o REPORT_PATH_FILEN
--verbose-event enable verbose event to see state of each thread
-V, --version نمایش ورژن نرم افزار
-o REPORT_PATH_FILENAME, --output REPORT_PATH_FILENAME
ذخیره کردن کل لاگ ها در فایل (result.txt، result.html، results.json)
ذخیره کردن کل لاگ ها در فایل (results.txt، results.html، results.csv, results.json, results.sarif, results.dd.json)
--graph GRAPH_NAME ساخت گراف از همه فعالیت ها و اطلاعات، شما باید از خروجی HTML استفاده کنید. گراف های در دسترس:
['d3_tree_v1_graph', 'd3_tree_v2_graph']
-h, --help نشان دادن منوی کمک Nettacker
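Review bot: The updated Persian `-o` line mixes separators (`،` between the first three file names, `,` after that) and orders the formats txt, html, csv where the English help text has txt, csv, html. Use one separator and the same order as the English text so the two help blocks stay easy to compare.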
@ -229,7 +229,7 @@ usage: Nettacker [-L LANGUAGE] [-v] [--verbose-event] [-V] [-o REPORT_PATH_FILEN
add extra args to pass to modules (e.g. --modules-extra-args "x_api_key=123&xyz_passwd=abc"
--show-all-modules show all modules and their information
--profile PROFILES انتخاب پروفایل ['accela', 'adobe', 'apache', 'apache_ofbiz', 'apache_struts', 'atlassian',
'aviatrix', 'backup', 'brute', 'brute_force']
'aviatrix', 'backup', 'brute']
--show-all-profiles show all profiles and their information
-x EXCLUDED_MODULES, --exclude-modules EXCLUDED_MODULES
انتخاب متود اسکن استثنا ['accela_cve_2021_34370_vuln', 'admin_scan',
@ -374,8 +374,8 @@ python nettacker.py -i 192.168.1.1/24 -m *_scan,*_vuln
* Use profiles for using all modules inside a given profile
```
python nettacker.py -i 192.168.1.1/24 --profile information_gathering
python nettacker.py -i 192.168.1.1/24 --profile information_gathering,vulnerabilities
python nettacker.py -i 192.168.1.1/24 --profile info
python nettacker.py -i 192.168.1.1/24 --profile info,vuln
python nettacker.py -i 192.168.1.1/24 --profile all
```
@ -411,43 +411,43 @@ python nettacker.py --show-all-modules
[2021-08-31 17:42:06][+] http_options_enabled_vuln: name: http_options_enabled_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
[2021-08-31 17:42:06][+] clickjacking_vuln: name: clickjacking_vuln, author: OWASP Nettacker Team, severity: 5, description: Clickjacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button, reference: https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html, profiles: ['vuln', 'vulnerability', 'http', 'medium_severity']
[2021-08-31 17:42:06][+] wp_xmlrpc_bruteforce_vuln: name: wp_xmlrpc_bruteforce_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity', 'wordpress', 'wp']
[2021-08-31 17:42:06][+] graphql_vuln: name: graphql_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'information_gathering', 'http', 'low_severity', 'graphql']
[2021-08-31 17:42:06][+] content_security_policy_vuln: name: content_security_policy_vuln, author: OWASP Nettacker Team, severity: 3, description: Content-Security-Policy is the name of a HTTP response header that modern browsers use to enhance the security of the document (or web page). The Content-Security-Policy header allows you to restrict how resources such as JavaScript, CSS, or pretty much anything that the browser loads., reference: https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html, profiles: ['vuln', 'vulnerability', 'http', 'low_severity', 'csp']
[2021-08-31 17:42:06][+] xdebug_rce_vuln: name: xdebug_rce_vuln, author: OWASP Nettacker Team, severity: 10, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'critical_severity']
[2021-08-31 17:42:06][+] x_powered_by_vuln: name: x_powered_by_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
[2021-08-31 17:42:06][+] wp_xmlrpc_pingback_vuln: name: wp_xmlrpc_pingback_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'wordpress', 'wp']
[2021-08-31 17:42:06][+] http_cors_vuln: name: http_cors_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
[2021-08-31 17:42:06][+] f5_cve_2020_5902_vuln: name: f5_cve_2020_5902_vuln, author: OWASP Nettacker Team, severity: 9, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'critical_severity', 'cve', 'f5']
[2021-08-31 17:42:06][+] subdomain_takeover_vuln: name: subdomain_takeover_vuln, author: OWASP Nettacker Team, severity: 5, description: let us assume that example.com is the target and that the team running example.com have a bug bounty programme. While enumerating all of the subdomains belonging to example.com — a process that we will explore later — a hacker stumbles across subdomain.example.com, a subdomain pointing to GitHub pages. We can determine this by reviewing the subdomain's DNS records; in this example, subdomain.example.com has multiple A records pointing to GitHub's dedicated IP addresses for custom pages., reference: https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/10-Test_for_Subdomain_Takeover, profiles: ['vuln', 'vulnerability', 'http', 'medium_severity', 'takeover']
[2021-08-31 17:42:06][+] http_trace_enabled_vuln: name: http_trace_enabled_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
[2021-08-31 17:42:06][+] http_cookie_vuln: name: http_cookie_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
[2021-08-31 17:42:06][+] wp_xmlrpc_dos_vuln: name: wp_xmlrpc_dos_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'wordpress', 'wp']
[2021-08-31 17:42:06][+] server_version_vuln: name: server_version_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
[2021-08-31 17:42:06][+] x_xss_protection_vuln: name: x_xss_protection_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
[2021-08-31 17:42:06][+] citrix_cve_2019_19781_vuln: name: citrix_cve_2019_19781_vuln, author: OWASP Nettacker Team, severity: 8, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'high_severity', 'cve', 'citrix']
[2021-08-31 17:42:06][+] content_type_options_vuln: name: content_type_options_vuln, author: OWASP Nettacker Team, severity: 2, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity']
[2021-08-31 17:42:06][+] apache_struts_vuln: name: apache_struts_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'low_severity', 'apache_struts']
[2021-08-31 17:42:06][+] vbulletin_cve_2019_16759_vuln: name: vbulletin_cve_2019_16759_vuln, author: OWASP Nettacker Team, severity: 9, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'critical_severity', 'vbulletin', 'cve']
[2021-08-31 17:42:06][+] msexchange_cve_2021_26855_vuln: name: msexchange_cve_2021_26855_vuln, author: OWASP Nettacker Team, severity: 9, description: None, reference: None, profiles: ['vuln', 'vulnerability', 'http', 'critical_severity', 'msexchange', 'cve']
[2021-08-31 17:42:06][+] telnet_brute: name: telnet_brute, author: OWASP Nettacker Team, severity: 3, description: Telnet Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'telnet']
[2021-08-31 17:42:06][+] ssh_brute: name: ssh_brute, author: OWASP Nettacker Team, severity: 3, description: SSH Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'ssh']
[2021-08-31 17:42:06][+] smtp_brute: name: smtp_brute, author: OWASP Nettacker Team, severity: 3, description: SMTP Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'smtp']
[2021-08-31 17:42:06][+] ftps_brute: name: ftps_brute, author: OWASP Nettacker Team, severity: 3, description: FTPS Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'ftp']
[2021-08-31 17:42:06][+] smtps_brute: name: smtps_brute, author: OWASP Nettacker Team, severity: 3, description: SMTPS Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'smtp']
[2021-08-31 17:42:06][+] ftp_brute: name: ftp_brute, author: OWASP Nettacker Team, severity: 3, description: FTP Bruteforcer, reference: None, profiles: ['brute', 'brute_force', 'ftp']
[2021-08-31 17:42:06][+] http_options_enabled_vuln: name: http_options_enabled_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity']
[2021-08-31 17:42:06][+] clickjacking_vuln: name: clickjacking_vuln, author: OWASP Nettacker Team, severity: 5, description: Clickjacking, also known as a "UI redress attack", is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button, reference: https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html, profiles: ['vuln', 'http', 'medium_severity']
[2021-08-31 17:42:06][+] wp_xmlrpc_bruteforce_vuln: name: wp_xmlrpc_bruteforce_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity', 'wordpress']
[2021-08-31 17:42:06][+] graphql_vuln: name: graphql_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity', 'graphql']
[2021-08-31 17:42:06][+] content_security_policy_vuln: name: content_security_policy_vuln, author: OWASP Nettacker Team, severity: 3, description: Content-Security-Policy is the name of a HTTP response header that modern browsers use to enhance the security of the document (or web page). The Content-Security-Policy header allows you to restrict how resources such as JavaScript, CSS, or pretty much anything that the browser loads., reference: https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html, profiles: ['vuln', 'http', 'low_severity', 'csp']
[2021-08-31 17:42:06][+] xdebug_rce_vuln: name: xdebug_rce_vuln, author: OWASP Nettacker Team, severity: 10, description: None, reference: None, profiles: ['vuln', 'http', 'critical_severity']
[2021-08-31 17:42:06][+] x_powered_by_vuln: name: x_powered_by_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity']
[2021-08-31 17:42:06][+] wp_xmlrpc_pingback_vuln: name: wp_xmlrpc_pingback_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'wordpress']
[2021-08-31 17:42:06][+] http_cors_vuln: name: http_cors_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity']
[2021-08-31 17:42:06][+] f5_cve_2020_5902_vuln: name: f5_cve_2020_5902_vuln, author: OWASP Nettacker Team, severity: 9, description: None, reference: None, profiles: ['vuln', 'http', 'critical_severity', 'cve', 'f5']
[2021-08-31 17:42:06][+] subdomain_takeover_vuln: name: subdomain_takeover_vuln, author: OWASP Nettacker Team, severity: 5, description: let us assume that example.com is the target and that the team running example.com have a bug bounty programme. While enumerating all of the subdomains belonging to example.com — a process that we will explore later — a hacker stumbles across subdomain.example.com, a subdomain pointing to GitHub pages. We can determine this by reviewing the subdomain's DNS records; in this example, subdomain.example.com has multiple A records pointing to GitHub's dedicated IP addresses for custom pages., reference: https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/10-Test_for_Subdomain_Takeover, profiles: ['vuln', 'http', 'medium_severity', 'takeover']
[2021-08-31 17:42:06][+] http_trace_enabled_vuln: name: http_trace_enabled_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity']
[2021-08-31 17:42:06][+] http_cookie_vuln: name: http_cookie_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity']
[2021-08-31 17:42:06][+] wp_xmlrpc_dos_vuln: name: wp_xmlrpc_dos_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'wordpress']
[2021-08-31 17:42:06][+] server_version_vuln: name: server_version_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity']
[2021-08-31 17:42:06][+] x_xss_protection_vuln: name: x_xss_protection_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity']
[2021-08-31 17:42:06][+] citrix_cve_2019_19781_vuln: name: citrix_cve_2019_19781_vuln, author: OWASP Nettacker Team, severity: 8, description: None, reference: None, profiles: ['vuln', 'http', 'high_severity', 'cve', 'citrix']
[2021-08-31 17:42:06][+] content_type_options_vuln: name: content_type_options_vuln, author: OWASP Nettacker Team, severity: 2, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity']
[2021-08-31 17:42:06][+] apache_struts_vuln: name: apache_struts_vuln, author: OWASP Nettacker Team, severity: 3, description: None, reference: None, profiles: ['vuln', 'http', 'low_severity', 'apache_struts']
[2021-08-31 17:42:06][+] vbulletin_cve_2019_16759_vuln: name: vbulletin_cve_2019_16759_vuln, author: OWASP Nettacker Team, severity: 9, description: None, reference: None, profiles: ['vuln', 'http', 'critical_severity', 'vbulletin', 'cve']
[2021-08-31 17:42:06][+] msexchange_cve_2021_26855_vuln: name: msexchange_cve_2021_26855_vuln, author: OWASP Nettacker Team, severity: 9, description: None, reference: None, profiles: ['vuln', 'http', 'critical_severity', 'msexchange', 'cve']
[2021-08-31 17:42:06][+] telnet_brute: name: telnet_brute, author: OWASP Nettacker Team, severity: 3, description: Telnet Bruteforcer, reference: None, profiles: ['brute', 'telnet']
[2021-08-31 17:42:06][+] ssh_brute: name: ssh_brute, author: OWASP Nettacker Team, severity: 3, description: SSH Bruteforcer, reference: None, profiles: ['brute', 'ssh']
[2021-08-31 17:42:06][+] smtp_brute: name: smtp_brute, author: OWASP Nettacker Team, severity: 3, description: SMTP Bruteforcer, reference: None, profiles: ['brute', 'smtp']
[2021-08-31 17:42:06][+] ftps_brute: name: ftps_brute, author: OWASP Nettacker Team, severity: 3, description: FTPS Bruteforcer, reference: None, profiles: ['brute', 'ftp']
[2021-08-31 17:42:06][+] smtps_brute: name: smtps_brute, author: OWASP Nettacker Team, severity: 3, description: SMTPS Bruteforcer, reference: None, profiles: ['brute', 'smtp']
[2021-08-31 17:42:06][+] ftp_brute: name: ftp_brute, author: OWASP Nettacker Team, severity: 3, description: FTP Bruteforcer, reference: None, profiles: ['brute', 'ftp']
[2021-08-31 17:42:06][+] whatcms_scan: name: dir_scan, author: OWASP Nettacker Team, severity: 3, description: Directory, Backup finder, reference: https://www.zaproxy.org/docs/alerts/10095/, profiles: ['scan', 'http', 'backup', 'low_severity']
[2021-08-31 17:42:06][+] icmp_scan: name: icmp_scan, author: OWASP Nettacker Team, severity: 0, description: check if host is alive through ICMP, reference: None, profiles: ['scan', 'information_gathering', 'infortmation', 'info', 'low_severity']
[2021-08-31 17:42:06][+] subdomain_scan: name: subdomain_scan, author: OWASP Nettacker Team, severity: 0, description: Find subdomains using different sources on internet, reference: None, profiles: ['scan', 'information_gathering', 'infortmation', 'info', 'low_severity']
[2021-08-31 17:42:06][+] port_scan: id: port_scan, author: OWASP Nettacker Team, severity: 0, description: Find open ports and services, reference: None, profiles: ['scan', 'http', 'information_gathering', 'infortmation', 'info', 'low_severity']
[2021-08-31 17:42:06][+] icmp_scan: name: icmp_scan, author: OWASP Nettacker Team, severity: 0, description: check if host is alive through ICMP, reference: None, profiles: ['scan', 'info', 'low_severity']
[2021-08-31 17:42:06][+] subdomain_scan: name: subdomain_scan, author: OWASP Nettacker Team, severity: 0, description: Find subdomains using different sources on internet, reference: None, profiles: ['scan', 'info', 'low_severity']
[2021-08-31 17:42:06][+] port_scan: id: port_scan, author: OWASP Nettacker Team, severity: 0, description: Find open ports and services, reference: None, profiles: ['scan', 'http', 'info', 'low_severity']
[2021-08-31 17:42:06][+] admin_scan: name: admin_scan, author: OWASP Nettacker Team, severity: 3, description: Admin Directory Finder, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity']
[2021-08-31 17:42:06][+] dir_scan: name: dir_scan, author: OWASP Nettacker Team, severity: 3, description: Directory, Backup finder, reference: https://www.zaproxy.org/docs/alerts/10095/, profiles: ['scan', 'http', 'backup', 'low_severity']
[2021-08-31 17:42:06][+] viewdns_reverse_iplookup_scan: name: viewdns_reverse_iplookup_scan, author: OWASP Nettacker Team, severity: 3, description: reverse lookup for target ip, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity', 'reverse_lookup']
[2021-08-31 17:42:06][+] drupal_version_scan: name: drupal_version_scan, author: OWASP Nettacker Team, severity: 3, description: fetch drupal version from target, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity', 'drupal']
[2021-08-31 17:42:06][+] joomla_version_scan: name: drupal_version_scan, author: OWASP Nettacker Team, severity: 3, description: fetch drupal version from target, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity', 'drupal']
[2021-08-31 17:42:06][+] wordpress_version_scan: name: wordpress_version_scan, author: OWASP Nettacker Team, severity: 3, description: Directory, Backup finder, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity', 'wp', 'wordpress']
[2021-08-31 17:42:06][+] wordpress_version_scan: name: wordpress_version_scan, author: OWASP Nettacker Team, severity: 3, description: Directory, Backup finder, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity', 'wordpress']
[2021-08-31 17:42:06][+] pma_scan: name: pma_scan, author: OWASP Nettacker Team, severity: 3, description: php my admin finder, reference: None, profiles: ['scan', 'http', 'backup', 'low_severity']
[2021-08-31 17:42:06][+] all:
```
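Review bot: Two entries in this sample module listing have a key that disagrees with the fields after it: `whatcms_scan: name: dir_scan` carries the dir_scan description and reference, and `joomla_version_scan: name: drupal_version_scan` is described as "fetch drupal version from target". `port_scan` also prints `id:` where every other entry prints `name:`. Since the hunk already refreshes the profile lists on the neighbouring lines, regenerate the whole listing from a current run instead of hand-editing the profile arrays, so the documented names, descriptions and profiles match the modules.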
@ -470,8 +470,6 @@ info:
reference:
profiles:
- scan
- information_gathering
- infortmation
- info
- low_severity
- asset_discovery(new added profile)
@ -531,6 +529,22 @@ def nettacker_user_application_config():
}
```
* Nettacker supports five different output types for the final report
1. HTML (.html) -> This also renders the graph
2. CSV (.csv)
3. JSON (.json)
4. SARIF (.sarif)
5. DefectDojo compatible json (.dd.json)
These output types will help with integration with different softwares and dashboards. To set the output mode use the `-o` or `--output` flag
```
python nettacker.py -i 192.168.1.1/24 --profile information_gathering -o report.sarif
python nettacker.py -i 192.168.1.1/24 --profile information_gathering -o report.json
python nettacker.py -i 192.168.1.1/24 --profile information_gathering --output report.dd.json
```
# API and WebUI
API and WebUI are new interfaces through which you can send your commands to Nettacker. Technically WebUI was developed based on the present API to demonstrate an example of the current API and can be used as another easier interface. To start using this feature, simply run `python nettacker.py --start-api`.
```
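Review bot: The three new usage examples all pass `--profile information_gathering`, but this same comparison removes `information_gathering` from the profile lists of `icmp_scan`, `subdomain_scan` and `port_scan` (see the listing and the `info:` hunk above). Switch the examples to a profile that the modules still carry, such as `info`, so the documented commands select something. The sentence "integration with different softwares and dashboards" should also read "different software and dashboards".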

View File

@ -0,0 +1 @@
all_module_severity_and_desc = {}

View File

@ -66,7 +66,7 @@ class Nettacker(ArgParser):
log.reset_color()
def check_dependencies(self):
if sys.platform not in {"darwin", "linux"}:
if sys.platform not in {"darwin", "freebsd13", "freebsd14", "freebsd15", "linux"}:
die_failure(_("error_platform"))
try:
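Review bot: The platform check in `check_dependencies` enumerates FreeBSD major versions (`"freebsd13", "freebsd14", "freebsd15"`), so the next major release fails with `error_platform` until someone edits the set. A prefix test such as `sys.platform.startswith(("darwin", "linux", "freebsd"))` covers every current and future value without a list to maintain.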

View File

@ -4,6 +4,7 @@ from argparse import ArgumentParser
import yaml
from nettacker import all_module_severity_and_desc
from nettacker.config import version_info, Config
from nettacker.core.die import die_failure, die_success
from nettacker.core.ip import (
@ -80,7 +81,6 @@ class ArgParser(ArgumentParser):
an array of all module names
"""
# Search for Modules
module_names = {}
for module_name in sorted(Config.path.modules_dir.glob("**/*.yaml")):
library = str(module_name).split("/")[-1].split(".")[0]
@ -88,7 +88,11 @@ class ArgParser(ArgumentParser):
module = f"{library}_{category}"
contents = yaml.safe_load(TemplateLoader(module).open().split("payload:")[0])
module_names[module] = contents["info"] if full_details else None
info = contents.get("info", {})
all_module_severity_and_desc[module] = {
"severity": info.get("severity", 0),
"desc": info.get("description", ""),
}
if len(module_names) == limit:
module_names["..."] = {}
break
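Review bot: `all_module_severity_and_desc` is filled inside the loop that stops at `if len(module_names) == limit: ... break`, so any call that passes a limit leaves the remaining modules without an entry, and the report code's `all_module_severity_and_desc.get(module_name, {})` then silently falls back to severity 0 and an empty description. Populate the mapping in a step that always walks every module, or make the dependency explicit. Two smaller points in the same lines: `info.get("severity", 0)` returns `None` when the YAML has an empty `severity:` key, which later breaks the `>=` comparisons, and the unchanged line above still indexes `contents["info"]` directly while the new code uses `contents.get("info", {})`.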

View File

@ -3,11 +3,13 @@ import html
import importlib
import json
import os
import uuid
from datetime import datetime
from pathlib import Path
import texttable
from nettacker import logger
from nettacker import logger, all_module_severity_and_desc
from nettacker.config import Config, version_info
from nettacker.core.die import die_failure
from nettacker.core.messages import messages as _
@ -119,6 +121,99 @@ def create_compare_text_table(results):
return table.draw() + "\n\n"
def create_dd_specific_json(all_scan_logs):
severity_mapping = {1: "Info", 2: "Low", 3: "Medium", 4: "High", 5: "Critical"}
findings = []
for log in all_scan_logs:
module_name = log["module_name"].strip()
date = datetime.strptime(log["date"], "%Y-%m-%d %H:%M:%S.%f").strftime("%m/%d/%Y")
port = str(log.get("port", "")).strip()
impact = log.get("event", "").strip()
severity_justification = log.get("json_event", "").strip()
service = log.get("target", "").strip()
unique_id = log.get("scan_id", uuid.uuid4().hex)
metadata = all_module_severity_and_desc.get(module_name, {})
severity_raw = metadata.get("severity", 0)
description = metadata.get("desc", "")
if severity_raw >= 9:
severity = severity_mapping[5]
elif severity_raw >= 7:
severity = severity_mapping[4]
elif severity_raw >= 4:
severity = severity_mapping[3]
elif severity_raw > 0:
severity = severity_mapping[2]
else:
severity = severity_mapping[1]
findings.append(
{
"date": date,
"title": module_name,
"description": description.strip(),
"severity": severity,
"param": port,
"impact": impact,
"severity_justification": severity_justification,
"service": service,
"unique_id_from_tool": unique_id,
"static_finding": False,
"dynamic_finding": True,
}
)
return json.dumps({"findings": findings}, indent=4)
def create_sarif_report(all_scan_logs):
"""
Takes all_scan_logs and converts them to a SARIF based json
format. The schema and version used are 2.1.0 linked below.
The following conversions are made:
ruleId: name of the module
message: event value for each log in all_scan_logs
locations.physicalLocations.artifactLocation.uri: target value
webRequest.properties.json_event: json_event value for each log in all_scan_logs
properties.scan_id: scan_id unique value for each run
properties.date: date field specified in all_scan_logs
"""
sarif_structure = {
"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
"version": "2.1.0",
"runs": [
{
"tool": {
"driver": {
"name": "Nettacker",
"version": "0.4.0",
"informationUri": "https://github.com/OWASP/Nettacker",
}
},
"results": [],
}
],
}
for log in all_scan_logs:
sarif_result = {
"ruleId": log["module_name"],
"message": {"text": log["event"]},
"locations": [{"physicalLocation": {"artifactLocation": {"uri": log["target"]}}}],
"properties": {
"scan_id": log["scan_id"],
"date": log["date"],
"json_event": log["json_event"],
},
}
sarif_structure["runs"][0]["results"].append(sarif_result)
return json.dumps(sarif_structure, indent=2)
def create_report(options, scan_id):
"""
sort all events, create log file in HTML/TEXT/JSON and remove old logs
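Review bot: In `create_dd_specific_json`, `unique_id = log.get("scan_id", uuid.uuid4().hex)` uses the scan id, which the SARIF docstring below describes as unique per run, so every finding of a run shares the same `unique_id_from_tool` and any consumer that deduplicates on that field can merge unrelated findings. Derive the id per finding, for example from scan id, target, module name and port. In the same function `log["module_name"]` and the fixed `"%Y-%m-%d %H:%M:%S.%f"` format raise on a single malformed row while every other field uses `.get`, which aborts the whole report. In `create_sarif_report` the tool version is hard-coded as `"0.4.0"` although `version_info` is already imported in this file, and the docstring names `webRequest.properties.json_event` and `physicalLocations` while the code writes `properties.json_event` and `physicalLocation`.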
@ -179,25 +274,34 @@ def create_report(options, scan_id):
+ "</p>"
+ log_data.json_parse_js
)
with open(report_path_filename, "w", encoding="utf-8") as report_file:
with Path(report_path_filename).open("w", encoding="utf-8") as report_file:
report_file.write(html_table_content + "\n")
report_file.close()
elif len(report_path_filename) >= 5 and report_path_filename[-8:].lower() == ".dd.json":
with Path(report_path_filename).open("w", encoding="utf-8") as report_file:
dd_content_json = create_dd_specific_json(all_scan_logs)
report_file.write(dd_content_json + "\n")
elif len(report_path_filename) >= 5 and report_path_filename[-5:] == ".json":
with open(report_path_filename, "w", encoding="utf-8") as report_file:
with Path(report_path_filename).open("w", encoding="utf-8") as report_file:
report_file.write(str(json.dumps(all_scan_logs)) + "\n")
report_file.close()
elif len(report_path_filename) >= 6 and report_path_filename[-6:].lower() == ".sarif":
with Path(report_path_filename).open("w", encoding="utf-8") as report_file:
sarif_content = create_sarif_report(all_scan_logs)
report_file.write(sarif_content + "\n")
elif len(report_path_filename) >= 5 and report_path_filename[-4:] == ".csv":
keys = all_scan_logs[0].keys()
with open(report_path_filename, "a") as csvfile:
with Path(report_path_filename).open("a") as csvfile:
writer = csv.DictWriter(csvfile, fieldnames=keys)
writer.writeheader()
for log_list in all_scan_logs:
dict_data = {key: value for key, value in log_list.items() if key in keys}
writer.writerow(dict_data)
csvfile.close()
else:
with open(report_path_filename, "w", encoding="utf-8") as report_file:
with Path(report_path_filename).open("w", encoding="utf-8") as report_file:
report_file.write(build_text_table(all_scan_logs))
log.write(build_text_table(all_scan_logs))
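Review bot: The extension checks in `create_report` are inconsistent: the `.dd.json` branch guards with `len(report_path_filename) >= 5` while slicing `[-8:]`, and only the `.dd.json` and `.sarif` branches call `.lower()`, so `REPORT.SARIF` is honoured while `REPORT.JSON` falls through to the text-table branch. Lower-case the name once and use `endswith(".dd.json")`, `endswith(".json")` and so on, keeping the `.dd.json` test ahead of `.json`. The CSV branch also still reads `all_scan_logs[0].keys()` without checking for an empty result list and opens the file without `encoding="utf-8"`, unlike the other branches.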
@ -278,20 +382,20 @@ def create_compare_report(options, scan_id):
len(fullpath) >= 4 and fullpath[-4:] == ".htm"
):
html_report = build_compare_report(compare_results)
with open(fullpath, "w", encoding="utf-8") as compare_report:
with Path(fullpath).open("w", encoding="utf-8") as compare_report:
compare_report.write(html_report + "\n")
elif len(fullpath) >= 5 and fullpath[-5:] == ".json":
with open(fullpath, "w", encoding="utf-8") as compare_report:
with Path(fullpath).open("w", encoding="utf-8") as compare_report:
compare_report.write(str(json.dumps(compare_results)) + "\n")
elif len(fullpath) >= 5 and fullpath[-4:] == ".csv":
keys = compare_results.keys()
with open(fullpath, "a") as csvfile:
with Path(fullpath).open("a") as csvfile:
writer = csv.DictWriter(csvfile, fieldnames=keys)
if csvfile.tell() == 0:
writer.writeheader()
writer.writerow(compare_results)
else:
with open(fullpath, "w", encoding="utf-8") as compare_report:
with Path(fullpath).open("w", encoding="utf-8") as compare_report:
compare_report.write(create_compare_text_table(compare_results))
log.write(create_compare_text_table(compare_results))
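Review bot: The CSV branch of `create_compare_report` is converted to `Path(fullpath).open("a")` without the `encoding="utf-8"` that every other branch in this hunk passes, and without `newline=""`, which the `csv` module expects in order to avoid blank rows on some platforms. Suggest `Path(fullpath).open("a", encoding="utf-8", newline="")` here and in the matching branch of `create_report`.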

View File

@ -118,26 +118,25 @@ class Module:
self.module_content["payloads"] = expand_module_steps(self.module_content["payloads"])
def sort_loops(self):
steps = []
for index in range(len(self.module_content["payloads"])):
for step in copy.deepcopy(self.module_content["payloads"][index]["steps"]):
if "dependent_on_temp_event" not in step[0]["response"]:
steps.append(step)
steps_without_dependencies = []
steps_with_temp_dependencies = []
steps_with_normal_dependencies = []
for step in copy.deepcopy(self.module_content["payloads"][index]["steps"]):
if (
"dependent_on_temp_event" in step[0]["response"]
and "save_to_temp_events_only" in step[0]["response"]
):
steps.append(step)
resp = step[0]["response"]
if "dependent_on_temp_event" not in resp:
steps_without_dependencies.append(step)
elif "save_to_temp_events_only" in resp:
steps_with_temp_dependencies.append(step)
else:
steps_with_normal_dependencies.append(step)
for step in copy.deepcopy(self.module_content["payloads"][index]["steps"]):
if (
"dependent_on_temp_event" in step[0]["response"]
and "save_to_temp_events_only" not in step[0]["response"]
):
steps.append(step)
self.module_content["payloads"][index]["steps"] = steps
self.module_content["payloads"][index]["steps"] = (
steps_without_dependencies
+ steps_with_temp_dependencies
+ steps_with_normal_dependencies
)
def start(self):
active_threads = []
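Review bot: `sort_loops` now expresses its ordering contract only through the bucket names (steps without `dependent_on_temp_event`, then dependent steps that carry `save_to_temp_events_only`, then the remaining dependent steps). Add a docstring that states this order and why dependent steps must run last, and a unit test that feeds one step of each kind in reverse order, so a later edit to the `if`/`elif`/`else` chain cannot change execution order unnoticed.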

View File

@ -25,15 +25,14 @@ database_connect_fail: ڈیٹابیس سیت رابطہ نئیں بن پایو!
database_connection_failed: چُنی گیے ڈیٹابیس سیت رابطہ ناکام!
define_white_list: "سفید فہرست ہوسٹس مقرر کرنہ، الگ کرنہ ',' سیت (مثال: 127.0.0.1, 192.168.0.1/24, 10.0.0.1-10.0.0.255)"
engine: انجن
filtered_content: ... [مکمل مواد رپورٹ منز چھ]
filtered_content: "... [مکمل مواد رپورٹ منز چھ]"
engine_input: انجن انپٹ اختیارات
Invalid_whatcms_api_key: "{0}"
searching_whatcms_database: whatcms.org پر CMS تلاش کرنہ...
whatcms_monthly_quota_exceeded: تُہند ماہانہ WHATCMS درخواست حد پار گئ چھ
finished_module: موڈیول {0} مکمل گیے ہدف {1} پر | موڈیول تھریڈ نمبر {2} از {3}!
modules_extra_args_help: موڈیولس ہند واسطے اضافی دلائل چھپن (مثال: --modules-extra-args "x_api_key=123&xyz_passwd=abc")
modules_extra_args_help: 'موڈیولس ہند واسطے اضافی دلائل چھپن (مثال: --modules-extra-args "x_api_key=123&xyz_passwd=abc")'
choose_scan_method: موڈیول چُنہ {0}، مکمل فہرست خاطر --show-all-modules استعمال کرنہ
cannot_run_api_server: API سرور خودس اندران چلائو نہ یتھ!
error_target: ہدف طے کرنہ ممکن نہ چھ
error_target_file: "ہدف طے کرنہ ممکن نہ چھ، فائِل کھولنہ ناکام: {0}"
error_username: "یوزرنام طے کرنہ ممکن نہ چھ، فائِل کھولنہ ناکام: {0}"
@ -65,12 +64,12 @@ module_profile_full_information: "{0}{1}{2}: {3}"
nettacker_report: OWASP Nettacker رپورٹ
nettacker_version_details: "سافٹ ویئر تفصیل: OWASP Nettacker ورژن {0} [{1}] منز {2}"
not_found: نہ ملیو!
outgoing_proxy: "باہر جارنہ کنکشن خاطر پراکسی (socks)۔ مثال socks5: 127.0.0.1:9050, socks://127.0.0.1:9050, socks5://127.0.0.1:9050 یا socks4: socks4://127.0.0.1:9050, توکن: socks://username:password@127.0.0.1"
outgoing_proxy: "باہر جارنہ کنکشن خاطر پراکسی (socks)۔ مثال socks5: 127.0.0.1:9050, socks://127.0.0.1:9050, socks5://127.0.0.1:9050 یا socks4: socks4://127.0.0.1:9050, ٹوکن: socks://USERNAME:PASSWORD@127.0.0.1"
password_separator: پاسورڈ فہرست، "," سیت الگ کرنہ
pentest_graphs: پینیٹریشن ٹیسٹنگ گرافس
ping_before_scan: سکین سیت پہلے پنگ کرنہ
port_separator: پورٹ فہرست، "," سیت الگ کرنہ
ports_int: پورٹس لازمی عدد ہون! (مثال: 80 || 80,1080 || 80,1080-1300,9000,12000-15000)
ports_int: پورٹس لازمی عدد ہون! (مثال: 80, 80,1080, 80,1080-1300,9000,12000-15000)
profile_404: پروفائل "{0}" نہ ملیو!
range: IP حدود سکین کرنہ
read_passwords: پاسورڈس فائِل منز پڈھان
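Review bot: The new `ports_int` example `80, 80,1080, 80,1080-1300,9000,12000-15000` separates the three alternatives with the same comma that separates ports inside each alternative, so it reads as one long port list, whereas the previous `||` kept the alternatives distinct. Keep a separator other than a comma between the alternatives. The `outgoing_proxy` change to `USERNAME:PASSWORD` placeholders is clearer and needs no follow-up.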
@ -95,10 +94,8 @@ show_all_profiles: سبھی پروفائلز تہ اُنکی معلومات دی
single_process_started: عمل-{0}| عمل شروع گئ!
software_version: سافٹ ویئر ورژن دیکھاو
start_api_server: API سروس شروع کرنہ
start_multi_process: {0} اہداف {1} عملس منز شامل کرنہ.
start_parallel_module_scan:
عمل-{0}|{1}|{2}| موڈیول تھریڈ نمبر {3} شروع گئ
از {4}
start_multi_process: "{0} اہداف {1} عملس منز شامل کرنہ."
start_parallel_module_scan: عمل-{0}|{1}|{2}| موڈیول تھریڈ نمبر {3} شروع گئ از {4}
subdomains: سب ڈومینس پتہ لگان تہ سکین کرنہ
target: ہدف
target_input: ہدف انپٹ اختیارات

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- brute
- brute_force
- ftp
payloads:
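Review bot: Removing the `brute_force` alias from `profiles` is a behaviour change for anyone whose saved command lines or API calls select `--profile brute_force`, and the same holds for the `vulnerability`, `information_gathering`, `infortmation` and `wp` aliases removed in the later hunks. Note the removed names and their replacements (`brute`, `vuln`, `info`, `wordpress`) in the changelog, or keep resolving the old names with a deprecation warning for one release.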

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- brute
- brute_force
- ftp
payloads:

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- brute
- brute_force
- pop3
payloads:

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- brute
- brute_force
- pop3
payloads:

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- brute
- brute_force
- smtp
payloads:

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- brute
- brute_force
- smtp
payloads:

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- brute
- brute_force
- ssh
payloads:

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- brute
- brute_force
- telnet
payloads:

View File

@ -6,8 +6,6 @@ info:
reference:
profiles:
- scan
- information_gathering
- infortmation
- info
- low_severity

View File

@ -7,8 +7,6 @@ info:
profiles:
- scan
- http
- information_gathering
- infortmation
- info
- low_severity

View File

@ -6,8 +6,6 @@ info:
reference:
profiles:
- scan
- information_gathering
- infortmation
- info
- low_severity

View File

@ -9,7 +9,6 @@ info:
- http
- backup
- low_severity
- wp
- wordpress
payloads:

View File

@ -9,7 +9,6 @@ info:
- http
- backup
- low_severity
- wp
- wordpress
payloads:
- library: http

View File

@ -9,7 +9,6 @@ info:
- http
- backup
- low_severity
- wp
- wordpress
- wp_theme

View File

@ -9,7 +9,6 @@ info:
- http
- backup
- low_severity
- wp
- wp_timethumbs
- wordpress

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-34370
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -9,7 +9,6 @@ info:
- http://packetstormsecurity.com/files/172079/Adobe-ColdFusion-Unauthenticated-Remote-Code-Execution.html
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-41773
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-42013
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve2021

View File

@ -10,7 +10,6 @@ info:
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- low_severity
- apache_struts

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-40870
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://packetstormsecurity.com/files/162976/Cisco-HyperFlex-HX-Data-Platform-Command-Execution.html
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve

View File

@ -7,7 +7,6 @@ info:
- https://support.citrix.com/article/CTX267027
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve

View File

@ -9,7 +9,6 @@ info:
- https://blog.assetnote.io/2023/06/29/citrix-xss-advisory/
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve

View File

@ -10,7 +10,6 @@ info:
- https://github.com/advisories/GHSA-2g42-2pwg-93cj
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve

View File

@ -6,7 +6,6 @@ info:
reference: "https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html"
profiles:
- vuln
- vulnerability
- http
- medium_severity

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-40868
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -12,7 +12,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2023-22515
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve

View File

@ -9,7 +9,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2023-22527
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve

View File

@ -6,7 +6,6 @@ info:
reference: "https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html"
profiles:
- vuln
- vulnerability
- http
- low_severity
- csp

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- low_severity

View File

@ -6,10 +6,8 @@ info:
reference: https://seclists.org/fulldisclosure/2021/Aug/20
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve_2021_38702
- cve2021
- cve
- cyberoam

View File

@ -8,7 +8,6 @@ info:
- https://github.com/exponentcms/exponent-cms/blob/a9fa9358c5e8dc2ce7ad61d7d5bea38505b8515c/exponent_constants.php#L56-L64
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve

View File

@ -7,7 +7,6 @@ info:
- https://portswigger.net/research/pre-auth-rce-in-forgerock-openam-cve-2021-35464
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40960
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://github.com/jas502n/Grafana-VulnTips
profiles:
- vuln
- vulnerability
- http
- critical_severity
- grafana

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- information_gathering
- http
- low_severity
- graphql

View File

@ -8,7 +8,6 @@ info:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40875
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-37833
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html
profiles:
- vuln
- vulnerability
- http
- low_severity

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- low_severity

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- low_severity

View File

@ -10,7 +10,6 @@ info:
- https://www.rapid7.com/blog/post/2023/08/02/cve-2023-35082-mobileiron-core-unauthenticated-api-access-vulnerability/
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve

View File

@ -8,7 +8,6 @@ info:
- https://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve

View File

@ -8,7 +8,6 @@ info:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41878
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://github.com/huntresslabs/log4shell-tester
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-35265
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- critical_severity
- msexchange

View File

@ -8,7 +8,6 @@ info:
- https://blog.orange.tw/2021/08/proxylogon-a-new-attack-surface-on-ms-exchange-part-1.html
profiles:
- vuln
- vulnerability
- http
- critical_severity
- msexchange

View File

@ -8,7 +8,6 @@ info:
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3654
profiles:
- vuln
- vulnerability
- http
- low_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://github.com/microsoft/omi
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve2021

View File

@ -10,7 +10,6 @@ info:
- https://thehackernews.com/2025/02/cisa-adds-palo-alto-networks-and.html
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-41381
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37704
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-41826
profiles:
- vuln
- vulnerability
- http
- low_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://blog.sorcery.ie/posts/smartblog_sqli/
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve2021

View File

@ -7,12 +7,10 @@ info:
- https://github.com/MobiusBinary/CVE-2021-41648
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve2021
- cve
- puneethreddyhc
- sqli
payloads:

View File

@ -7,12 +7,10 @@ info:
- https://github.com/MobiusBinary/CVE-2021-41649
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve2021
- cve
- puneethreddyhc
- sqli
payloads:

View File

@ -7,7 +7,6 @@ info:
- https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- low_severity

View File

@ -9,7 +9,6 @@ info:
- https://www.cisa.gov/news-events/alerts/2025/02/18/cisa-adds-two-known-exploited-vulnerabilities-catalog
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve

View File

@ -6,7 +6,7 @@ info:
reference:
- https://www.ssl.com/article/ssl-tls-self-signed-certificates/
profiles:
- scan
- vuln
- ssl
payloads:
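Review bot: After `scan` is replaced by `vuln`, this module's `profiles` list holds only `vuln` and `ssl`, with no `*_severity` entry, unlike the other `vuln` modules in this comparison, so severity-based profile selection will skip it. Add the matching severity profile here and in the other four SSL modules changed the same way, and mention in the changelog that `--profile scan` no longer runs these checks.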

View File

@ -6,7 +6,7 @@ info:
reference:
- https://www.beyondsecurity.com/resources/vulnerabilities/ssl-certificate-expiry
profiles:
- scan
- vuln
- ssl
payloads:

View File

@ -6,7 +6,7 @@ info:
reference:
- https://www.ssl.com/article/ssl-tls-self-signed-certificates/
profiles:
- scan
- vuln
- ssl
payloads:

View File

@ -7,7 +7,7 @@ info:
- https://www.manageengine.com/privileged-access-management/help/ssl_vulnerability.html
- https://www.acunetix.com/vulnerabilities/web/tls-ssl-weak-cipher-suites/
profiles:
- scan
- vuln
- ssl
payloads:

View File

@ -7,7 +7,7 @@ info:
- https://www.manageengine.com/privileged-access-management/help/ssl_vulnerability.html
- https://www.cloudflare.com/learning/ssl/why-use-tls-1.3/
profiles:
- scan
- vuln
- ssl
payloads:

View File

@ -8,7 +8,6 @@ info:
- https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/07-Test_HTTP_Strict_Transport_Security
profiles:
- vuln
- vulnerability
- http
- low_severity

View File

@ -6,7 +6,6 @@ info:
reference: "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/10-Test_for_Subdomain_Takeover"
profiles:
- vuln
- vulnerability
- http
- medium_severity
- takeover

View File

@ -10,7 +10,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2024-27198
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-35336
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve2021

View File

@ -7,7 +7,6 @@ info:
- https://seclists.org/fulldisclosure/2021/Aug/13
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- critical_severity
- vbulletin

View File

@ -8,7 +8,6 @@ info:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38314
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39316
profiles:
- vuln
- vulnerability
- http
- high_severity
- cve2021

View File

@ -8,7 +8,6 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2021-39320
profiles:
- vuln
- vulnerability
- http
- medium_severity
- cve2021

View File

@ -9,11 +9,9 @@ info:
profiles:
- vuln
- vulnerability
- http
- medium_severity
- wordpress
- wp
payloads:
- library: http

View File

@ -9,7 +9,6 @@ info:
- https://www.cve.org/CVERecord?id=CVE-2023-6875
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve2023

View File

@ -6,11 +6,9 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- low_severity
- wordpress
- wp
payloads:
- library: http

View File

@ -6,10 +6,8 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- wordpress
- wp
payloads:
- library: http

View File

@ -6,10 +6,8 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- wordpress
- wp
payloads:
- library: http

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- low_severity

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- low_severity

View File

@ -6,7 +6,6 @@ info:
reference:
profiles:
- vuln
- vulnerability
- http
- critical_severity
- rce

View File

@ -8,7 +8,6 @@ info:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40539
profiles:
- vuln
- vulnerability
- http
- critical_severity
- cve2021

41
poetry.lock generated
View File

@ -1816,30 +1816,31 @@ use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"]
[[package]]
name = "ruff"
version = "0.7.3"
version = "0.12.11"
description = "An extremely fast Python linter and code formatter, written in Rust."
optional = false
python-versions = ">=3.7"
groups = ["dev"]
files = [
{file = "ruff-0.7.3-py3-none-linux_armv6l.whl", hash = "sha256:34f2339dc22687ec7e7002792d1f50712bf84a13d5152e75712ac08be565d344"},
{file = "ruff-0.7.3-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:fb397332a1879b9764a3455a0bb1087bda876c2db8aca3a3cbb67b3dbce8cda0"},
{file = "ruff-0.7.3-py3-none-macosx_11_0_arm64.whl", hash = "sha256:37d0b619546103274e7f62643d14e1adcbccb242efda4e4bdb9544d7764782e9"},
{file = "ruff-0.7.3-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5d59f0c3ee4d1a6787614e7135b72e21024875266101142a09a61439cb6e38a5"},
{file = "ruff-0.7.3-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:44eb93c2499a169d49fafd07bc62ac89b1bc800b197e50ff4633aed212569299"},
{file = "ruff-0.7.3-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:6d0242ce53f3a576c35ee32d907475a8d569944c0407f91d207c8af5be5dae4e"},
{file = "ruff-0.7.3-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:6b6224af8b5e09772c2ecb8dc9f3f344c1aa48201c7f07e7315367f6dd90ac29"},
{file = "ruff-0.7.3-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c50f95a82b94421c964fae4c27c0242890a20fe67d203d127e84fbb8013855f5"},
{file = "ruff-0.7.3-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7f3eff9961b5d2644bcf1616c606e93baa2d6b349e8aa8b035f654df252c8c67"},
{file = "ruff-0.7.3-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b8963cab06d130c4df2fd52c84e9f10d297826d2e8169ae0c798b6221be1d1d2"},
{file = "ruff-0.7.3-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:61b46049d6edc0e4317fb14b33bd693245281a3007288b68a3f5b74a22a0746d"},
{file = "ruff-0.7.3-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:10ebce7696afe4644e8c1a23b3cf8c0f2193a310c18387c06e583ae9ef284de2"},
{file = "ruff-0.7.3-py3-none-musllinux_1_2_i686.whl", hash = "sha256:3f36d56326b3aef8eeee150b700e519880d1aab92f471eefdef656fd57492aa2"},
{file = "ruff-0.7.3-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:5d024301109a0007b78d57ab0ba190087b43dce852e552734ebf0b0b85e4fb16"},
{file = "ruff-0.7.3-py3-none-win32.whl", hash = "sha256:4ba81a5f0c5478aa61674c5a2194de8b02652f17addf8dfc40c8937e6e7d79fc"},
{file = "ruff-0.7.3-py3-none-win_amd64.whl", hash = "sha256:588a9ff2fecf01025ed065fe28809cd5a53b43505f48b69a1ac7707b1b7e4088"},
{file = "ruff-0.7.3-py3-none-win_arm64.whl", hash = "sha256:1713e2c5545863cdbfe2cbce21f69ffaf37b813bfd1fb3b90dc9a6f1963f5a8c"},
{file = "ruff-0.7.3.tar.gz", hash = "sha256:e1d1ba2e40b6e71a61b063354d04be669ab0d39c352461f3d789cac68b54a313"},
{file = "ruff-0.12.11-py3-none-linux_armv6l.whl", hash = "sha256:93fce71e1cac3a8bf9200e63a38ac5c078f3b6baebffb74ba5274fb2ab276065"},
{file = "ruff-0.12.11-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:b8e33ac7b28c772440afa80cebb972ffd823621ded90404f29e5ab6d1e2d4b93"},
{file = "ruff-0.12.11-py3-none-macosx_11_0_arm64.whl", hash = "sha256:d69fb9d4937aa19adb2e9f058bc4fbfe986c2040acb1a4a9747734834eaa0bfd"},
{file = "ruff-0.12.11-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:411954eca8464595077a93e580e2918d0a01a19317af0a72132283e28ae21bee"},
{file = "ruff-0.12.11-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:6a2c0a2e1a450f387bf2c6237c727dd22191ae8c00e448e0672d624b2bbd7fb0"},
{file = "ruff-0.12.11-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:8ca4c3a7f937725fd2413c0e884b5248a19369ab9bdd850b5781348ba283f644"},
{file = "ruff-0.12.11-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:4d1df0098124006f6a66ecf3581a7f7e754c4df7644b2e6704cd7ca80ff95211"},
{file = "ruff-0.12.11-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:5a8dd5f230efc99a24ace3b77e3555d3fbc0343aeed3fc84c8d89e75ab2ff793"},
{file = "ruff-0.12.11-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:4dc75533039d0ed04cd33fb8ca9ac9620b99672fe7ff1533b6402206901c34ee"},
{file = "ruff-0.12.11-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4fc58f9266d62c6eccc75261a665f26b4ef64840887fc6cbc552ce5b29f96cc8"},
{file = "ruff-0.12.11-py3-none-manylinux_2_31_riscv64.whl", hash = "sha256:5a0113bd6eafd545146440225fe60b4e9489f59eb5f5f107acd715ba5f0b3d2f"},
{file = "ruff-0.12.11-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:0d737b4059d66295c3ea5720e6efc152623bb83fde5444209b69cd33a53e2000"},
{file = "ruff-0.12.11-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:916fc5defee32dbc1fc1650b576a8fed68f5e8256e2180d4d9855aea43d6aab2"},
{file = "ruff-0.12.11-py3-none-musllinux_1_2_i686.whl", hash = "sha256:c984f07d7adb42d3ded5be894fb4007f30f82c87559438b4879fe7aa08c62b39"},
{file = "ruff-0.12.11-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:e07fbb89f2e9249f219d88331c833860489b49cdf4b032b8e4432e9b13e8a4b9"},
{file = "ruff-0.12.11-py3-none-win32.whl", hash = "sha256:c792e8f597c9c756e9bcd4d87cf407a00b60af77078c96f7b6366ea2ce9ba9d3"},
{file = "ruff-0.12.11-py3-none-win_amd64.whl", hash = "sha256:a3283325960307915b6deb3576b96919ee89432ebd9c48771ca12ee8afe4a0fd"},
{file = "ruff-0.12.11-py3-none-win_arm64.whl", hash = "sha256:bae4d6e6a2676f8fb0f98b74594a048bae1b944aab17e9f5d504062303c6dbea"},
{file = "ruff-0.12.11.tar.gz", hash = "sha256:c6b09ae8426a65bbee5425b9d0b82796dbb07cb1af045743c79bfb163001165d"},
]
[[package]]
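
Review bot: `ruff` moves from 0.7.3 to 0.12.11 in one step, which spans several minor releases of a linter and formatter whose defaults can shift between versions. Confirm the lint and format jobs pass on the new version without unrelated reformatting, and that these `files` entries were produced by `poetry lock` rather than edited by hand, since the hashes are what the installer verifies.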
@ -2253,4 +2254,4 @@ type = ["pytest-mypy"]
[metadata]
lock-version = "2.1"
python-versions = "^3.9, <3.13"
content-hash = "0377e9d8f656d26bacf2ec6faa811d7172263b595430dc8ce21c5911538d3ed3"
content-hash = "0e1731401cd6acfc4d45ede5e18668530aae6a6b2e359d7dc8d8d635635a1257"
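
Review bot: `content-hash` changes in this hunk, which means the dependency section of `pyproject.toml` changed as well, and that file is not visible in this part of the diff. Check that the ruff constraint there matches the locked 0.12.11 and that no other dependency specification was touched.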

Some files were not shown because too many files have changed in this diff.