nettacker

Scan target for vulnerabilities

$ nettacker -i [target.com]

$ nettacker -i [target] -m [ssh_brute,ftp_brute]

$ nettacker -l [targets.txt]

$ nettacker -i [target] -m all

$ nettacker -i [target] -p [22,80,443]

$ nettacker -i [target] -o [report.html]

$ nettacker -i [target] -t [10] --timeout [5]

nettacker [-i target] [-l file] [-m modules] [-p ports] [-o output] [options]

nettacker is an automated penetration testing framework. It scans for vulnerabilities, performs brute force attacks, and identifies misconfigurations.
Modules target specific vulnerabilities or services: SSH brute force, FTP anonymous access, web vulnerabilities, subdomain enumeration, and more.
The framework supports network scanning, service detection, and exploitation in an automated workflow. Results are collected and reported.
Output formats include HTML reports with graphs, JSON for processing, and text. The D3 graph visualization shows attack paths and findings.
An API server enables integration with other tools and automation frameworks. The web interface provides point-and-click scanning.
This tool is designed for authorized security assessments and penetration testing.

-i TARGET

Target (IP, hostname, CIDR).

Target list file.

Modules to run (comma-separated).

Ports to scan.

Output file.

Number of threads.

Timeout in seconds.

Username for brute force.

Username list file.

Password list file.

Scan method.

Generate graph (d3_tree, etc.).

Run API server.

Only use with proper authorization. May trigger IDS/IPS alerts. Brute force can cause account lockouts. Some modules are intrusive.

OWASP Nettacker was developed as part of the OWASP (Open Web Application Security Project) as an open-source penetration testing framework. It provides automated security scanning capabilities for security professionals.

nmap(1), metasploit(1), nikto(1), sqlmap(1)