Skip to content

NetGun is a free and open source tool for Vulnerability Assessment, port scanning, services enumeration, misconfigurations testing and CVE research

License

Notifications You must be signed in to change notification settings

Carlo-Colizzi/NetGun

Repository files navigation

NetGun

NETGUN

Repo metadata

issues - NetGun_Classe03 License

Documentation

view - Documentation

Introduction

NetGun is a Vulnerability Scanner written in Python. It allows to scan Network infrastructures, enumerate the services running on them, unearth CVEs and Misconfigurations. It aims to facilitate a complex practice such as Penetration Testing, so that PTs can focus on more delicate aspects, automating and speeding up the tasks behind this type of Testing.

NetGun allows you to

  • Detect open and closed ports on any accessible target host
  • Detect the Operating System
  • Detect the services running on each port
  • Detect firewalls
  • Detect tipical misconfigurations
  • Detect CVEs on services

Installation

git clone https://github.com/Carlo-Colizzi/NetGun
cd NetGun
pip install -r requirements.txt

How to Use

> Here you can set the details of the scan

> You can set IPv4 and Port range

> Choose the protocol used by the researched services, TCP or UDP

> Choose the Advanced Options:

  • OS detection: let to discover the OS used by the Target
  • Disable PING: during the scan the ping functionality will not be used
  • SYN scan: SYN scan is the default and most popular scan option for good reason. It can be performed quickly, scanning thousands of ports per second on a fast network not hampered by intrusive firewalls. SYN scan is relatively unobtrusive and stealthy, since it never completes TCP connections.
  • ACK scan: Its probe packet has only the ACK flag set. When scanning unfiltered systems, open and closed ports will both return a RST packet. NetGun then labels them as unfiltered, meaning that they are reachable by the ACK packet, but whether they are open or closed is undetermined. Ports that don't respond, or send certain ICMP error messages back, are labeled filtered.

  • Important: you can't use SYN scan and ACK scan together

> Choose the scan mode:

  • SHALLOW: a shallow and stealth scan, do not look for services version
  • DEEP: a deep scan, look also for services version

> Choose the scan aggressivity, from 0 (slow and stealth) to 4 (fast)

> When the scan terminate, you will see the results in such a table:

CVE analysis

> You can check all the CVEs of a specific service just selecting it and clicking "Open CVE". The Vulnerabilities are obtained through the National Vulnerability Database of U.S. government

Speedtest by OOkla

> You can also make a Speedtest:

Other Images

About

NetGun is a free and open source tool for Vulnerability Assessment, port scanning, services enumeration, misconfigurations testing and CVE research

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published