nettacker

Perform network security assessments and penetration testing

TLDR

List all available modules

$ nettacker --show-all-modules

Run a port scan on targets

$ nettacker [[-m|--modules]] port_scan [[-i|--targets]] [192.168.0.1/24,owasp.org,scanme.org,...]

Run a port scan on specific ports and targets listed in a file (newline separated)

$ nettacker [[-m|--modules]] port_scan [[-g|--ports]] [22,80,443,...] [[-l|--targets-list]] [path/to/targets.txt]

Run ping test before scan and then run multiple scan types on target

$ nettacker --ping-before-scan [[-m|--modules]] [port_scan,subdomain_scan,waf_scan,...] [[-g|--ports]] [80,443] [[-i|--targets]] [owasp.org]

-h, --help
    Show help message and exit.

-t, --targets
    Specify target file.

-T, --target
    Specify a single target.

-m, --module
    Specify module to use.

-o, --output
    Specify output file.

-v, --verbose
    Enable verbose output.

--version
    Show version number and exit.

--threads
    Specify the number of threads.

--timeout
    Specify the timeout in seconds.

--config
    Specify the configuration file.

DESCRIPTION

Nettacker is an open-source penetration testing framework designed for automating network infrastructure attacks.
It facilitates the discovery of vulnerabilities and misconfigurations across various network services and protocols. Nettacker uses a modular approach, allowing users to select specific attack modules and configure them to target particular systems or network segments.
The framework supports a wide range of attack techniques, including service fingerprinting, vulnerability scanning, brute-force attacks, and exploitation of known vulnerabilities. Its output can be customized to generate reports suitable for documenting findings and presenting them to stakeholders. Nettacker is designed to be used by security professionals, penetration testers, and network administrators to assess the security posture of their networks and identify potential weaknesses.
The project is actively maintained and continuously expanded with new modules and features.

CAVEATS

Nettacker should only be used on systems and networks where you have explicit permission to conduct penetration testing. Unauthorized use of Nettacker is illegal and unethical. The accuracy and effectiveness of Nettacker's results depend on the configuration and the target environment. False positives and false negatives are possible.

<B>MODULES</B>

Nettacker uses modules to perform specific actions. Some modules include: port scanning, vulnerability scanning, brute-forcing. The available modules depend on the installation and the specific version of Nettacker. You can use the --module option to select a specific module.

<B>CONFIGURATION</B>

Nettacker can be configured using a configuration file. The format of the configuration file is typically YAML or JSON. The configuration file can be used to specify options such as the number of threads, the timeout, and the target list.