OWASP Nettacker Project Presentation

The OWASP Nettacker Project is an open-source software tool that assists with penetration testing by automating tasks such as information gathering and vulnerability scanning. It is written in Python and has a modular structure that allows for easy creation of custom modules. The tool is fast performing and customizable, with profiles that bundle modules focused on specific tasks. Its main use case is asset discovery, allowing users to scan their network for open ports, default credentials, specific vulnerabilities, subdomains, and expired SSL certificates. The tool can be automated using the command line and provides results in CSV, JSON, and HTML formats. The latest version of the tool uses YAML for module writing, making it easier to contribute new modules. The project is open source and welcomes contributions from the community.

• OWASP Nettacker Project is an open-source software tool for penetration testing
• It is written in Python and has a modular structure
• The tool is fast performing and customizable
• Its main use case is asset discovery
• The tool can be automated using the command line and provides results in CSV, JSON, and HTML formats
• The latest version of the tool uses YAML for module writing, making it easier to contribute new modules
• The project is open source and welcomes contributions from the community

The presenter was initially unaware of the OWASP Nettacker Project until he was asked to present it at a conference. He and his colleague had to learn the tool overnight and were pleasantly surprised by its capabilities. At the conference, they had huge crowds of people gathering around their stand to watch the presentation of the tool, and everyone loved it. This experience led the presenter to become a co-leader of the project and propose that it be presented at future conferences.

Join us for a presentation on the OWASP Nettacker Projecthttps://owasp.org/www-project-nettacker/