i OWASP_Nettacker – Network Automated penetration testing framework – All things in moderation

OWASP_Nettacker – Network Automated penetration testing framework


OWASP Nettacker is an open source software in Python language which lets you automated penetration testing and automated Information Gathering. This software can be run on Windows/Linux/OSX under Python.

Nettacker is an automated tool that collects information, scans for vulnerabilities and ultimately generates a report for the network, including services, errors, vulnerabilities, misconfigurations, and information. This software can use SYN, ACK, TCP, ICMP and many other protocols to detect and bypass firewalls / IDS / IPS and other devices. By using a single solution in Nettacker to find protected services like SCADA We can make a point to be one of the bests of scanners.


  • IoT Scanner
  • Python Multi-Thread & Multi Process Network Information Gathering Vulnerability Scanner
  • Service and Device Detection ( SCADA, Restricted Areas, Routers, HTTP Servers, Logins and Authentications, None-Indexed HTTP, Paradox System, Cameras, Firewalls, UTM, WebMails, VPN, RDP, SSH, FTP, TELNET Services, Proxy Servers and Many Devices like Juniper, Cisco, Switches and much more… )
  • Network Service Analysis
  • Services Brute Force Testing
  • Services Vulnerability Testing
  • HTTP/HTTPS Crawling, Fuzzing, Information Gathering and …
  • HTML and Text Outputs
  • This project is at the moment in research and development phase and most of results/codes are not published yet.


git clone https://github.com/Nettacker/Nettacker.git
cd Nettacker
pip install -r requirements.txt
./nettacker.py -h


– Exploit single target or multi targets:

Target input options

-i TARGETS, –targets TARGETS

            target(s) list, separate with ","


            read target(s) from file

– Using multi scans, exploits:


            choose scan method ['port_scan', 'subdomain_scan',
            'admin_scan', 'wappalyzer_scan', 'dir_scan',
            'viewdns_reverse_ip_lookup_scan', 'pma_scan',
            'icmp_scan', 'ProFTPd_cpu_consumption_vuln',
            'CCS_injection_vuln', 'heartbleed_vuln',
            'Bftpd_double_free_vuln', 'Bftpd_remote_dos_vuln',
            'content_security_policy_vuln', 'smtp_brute',
            'http_form_brute', 'ssh_brute', 'http_ntlm_brute',
            'ftp_brute', 'telnet_brute', 'http_basic_auth_brute',

– Running multithreading attack and connection

-t THREAD_NUMBER, –thread-connection THREAD_NUMBER

            thread numbers for connections to a host


            thread numbers for scan hosts


./nettacker.py -i TARGET -m SCAN_METHOD -t 100

Port scanning
./nettacker.py -i vulnweb.com -m port_scan -t 100

wappalyzer scan
./nettacker.py -i testphp.vulnweb.com -m wappalyzer_scan -t 100

subdomain scan
./nettacker.py -i testphp.vulnweb.com -m subdomain_scan -t 100

Leave a Reply