Conference:  OWASP 20th Anniversary Event

Authors: Sam Stepanyan

2021-09-24

The OWASP Nettacker Project is an open-source software tool that assists with penetration testing by automating tasks such as information gathering and vulnerability scanning. It is written in Python and has a modular structure that allows for easy creation of custom modules. The tool is fast performing and customizable, with profiles that bundle modules focused on specific tasks. Its main use case is asset discovery, allowing users to scan their network for open ports, default credentials, specific vulnerabilities, subdomains, and expired SSL certificates. The tool can be automated using the command line and provides results in CSV, JSON, and HTML formats. The latest version of the tool uses YAML for module writing, making it easier to contribute new modules. The project is open source and welcomes contributions from the community.

• OWASP Nettacker Project is an open-source software tool for penetration testing
• It is written in Python and has a modular structure
• The tool is fast performing and customizable
• Its main use case is asset discovery
• The tool can be automated using the command line and provides results in CSV, JSON, and HTML formats
• The latest version of the tool uses YAML for module writing, making it easier to contribute new modules
• The project is open source and welcomes contributions from the community