Contribution to OWASP Nettacker - GSoC’21 Journey

This year I got selected into the GSoC program for OWASP Nettacker. It has been fun to work with Aman Gupta and guided by the mentors Ali Razmjoo and Sam Stepanyan during this time period.

What is OWASP Nettacker?

OWASP Nettacker is an Automated Penetration Testing and Information Gathering Tool. The project is created to automate information gathering, vulnerability scanning, and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations and other information. This software will utilize TCP SYN, ACK, ICMP, and many other protocols to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for discovering protected services and devices such as SCADA. It would make a competitive edge compared to other scanner making it one of the bests.

What’s new in v0.0.3?

  • Deprecated support for python2 because nettacker dependencies also deprecate support for python2.

Note:

Currently Nettacker is at v0.0.2 and not released as final end product. We are working on improvement of it as v0.0.3 which is in development and testing phase and it is going to be available soon for end user.

Still if you want to see the latest and updated version of Nettacker, you can clone the python3 branch of Nettacker and run the project. Also, we are going to improve webUI side which is it going to be available in v0.0.4. The contribution to the Nettacker will be continued and we will keep improving the project and keep working on webUI which is pending now.

Contribution done so far:

All the contribution we have done so far been including my 40+ commits in python3 branch is under PR 440.

List of changes majorly I have worked on:

Things I Learned during this project:

  • Importance of code quality. Working on such a big project helped me in understanding the code also the structure big projects like Nettacker follow.

I am grateful to work with Aman Gupta and my mentors Ali Razmjoo and Sam Stepanyan . It was not possible without their guidance and support to make this GSoC journey successful.

Also thanks to Google for organizing such an awesome program.

Feel free to connect on twitter @itsdivyanshjain.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store