OWASP · securestep9 · Jul 21, 2023 · Jul 9, 2023 · Jul 15, 2023
@@ -3,6 +3,7 @@
 
 #ignore IDE settings
 *.idea*
+*.vscode*
 
 #setup
 build/*

@@ -39,7 +39,7 @@
 from database.db import search_logs
 from database.db import logs_to_report_html
 from config import nettacker_global_config
-from core.scan_targers import start_scan_processes
+from core.scan_targets import start_scan_processes
 from core.args_loader import check_all_required
 
 app = Flask(

@@ -2,7 +2,7 @@
 # -*- coding: utf-8 -*-
 
 
-from core.scan_targers import start_scan_processes
+from core.scan_targets import start_scan_processes
 from core.alert import info
 from core.alert import write
 from core.alert import messages

@@ -3,20 +3,18 @@ OWASP Nettacker core functions
 
 OWASP Nettacker core functions are stored in here.
 
-* `die.py` exit functions
-* `time.py` time functions
 * `alert.py` user alerts and printing functions
 * `args_loader.py` ARGV commands and apply rules
-* `attack.py` start new attacks and multi-processing managements
-* `color.py` color founds for windows and linux/mac.
+* `color.py` color founds for windows and linux/mac
 * `compatible.py` compatibility functions
-* `config.py` user configs (could be modify by user)
-* `config_builder.py` core static configs (same as user configs but should not be change by users)
-* `get_input.py` get inputs from users functions
+* `die.py` exit functions
+* `graph.py` graph representation
 * `ip.py` IPv4 and IPv6 functions
-* `load_modules` load modules, requirements, paths functions
-* `log.py` log the scans and generate reports
+* `load_modules.py` load modules, requirements, paths functions
+* `messages.py` class messages
 * `parse.py` parse the ARGV and pass it
-* `targets.py` process, calculate and count targets 
-* `update.py` updates functions of the framework
-* `wizard.py` wizard mode for the framework
+* `scan_targets.py` start new attacks and multi-processing managements
+* `socks_proxy.py` use SOCKS5 proxy 
+* `targets.py` process, calculate and count targets
+* `time.py` time functions
+* `utility.py` support functions
@@ -32,7 +32,7 @@ def expand_targets(options, scan_unique_id):
     Returns:
         a generator
     """
-    from core.scan_targers import multi_processor
+    from core.scan_targets import multi_processor
     targets = []
     for target in options.targets:
         if '://' in target:

@@ -25,15 +25,15 @@
 
 def db_inputs(connection_type):
     """
-        a function to determine the type of database the user wants to work with and
-        selects the corresponding connection to the db
+    a function to determine the type of database the user wants to work with and
+    selects the corresponding connection to the db
 
-        Args:
-            connection_type: type of db we are working with
+    Args:
+        connection_type: type of db we are working with
 
-        Returns:
-            corresponding command to connect to the db
-        """
+    Returns:
+        corresponding command to connect to the db
+    """
     return {
         "postgres": 'postgres+psycopg2://{0}:{1}@{2}:{3}/{4}'.format(USER, PASSWORD, HOST, PORT, DATABASE),
         "mysql": 'mysql://{0}:{1}@{2}:{3}/{4}'.format(USER, PASSWORD, HOST, PORT, DATABASE),
@@ -43,25 +43,22 @@ def db_inputs(connection_type):
 
 def create_connection():
     """
-    a function to create connections to db, it retries 100 times if connection returned an error
+    a function to create connections to db with pessimistic approach
 
     Returns:
         connection if success otherwise False
     """
     try:
-        for _ in range(0, 100):
-            try:
-                db_engine = create_engine(
-                    db_inputs(DB),
-                    connect_args={
-                        'check_same_thread': False
-                    }
-                )
-                Session = sessionmaker(bind=db_engine)
-                session = Session()
-                return session
-            except Exception:
-                time.sleep(0.1)
+        db_engine = create_engine(
+            db_inputs(DB),
+            connect_args={
+                'check_same_thread': False
+            },
+            pool_pre_ping=True
+        )
+        Session = sessionmaker(bind=db_engine)
+        session = Session()
+        return session
     except Exception:
         warn(messages("database_connect_fail"))
     return False
@@ -196,17 +193,17 @@ def submit_temp_logs_to_db(log):
 
 def find_temp_events(target, module_name, scan_unique_id, event_name):
     """
-        select all events by scan_unique id, target, module_name
+    select all events by scan_unique id, target, module_name
 
-        Args:
-            target: target
-            module_name: module name
-            scan_unique_id: unique scan identifier
-            event_name: event_name
+    Args:
+        target: target
+        module_name: module name
+        scan_unique_id: unique scan identifier
+        event_name: event_name
 
-        Returns:
-            an array with JSON events or an empty array
-        """
+    Returns:
+        an array with JSON events or an empty array
+    """
     session = create_connection()
     try:
         for _ in range(1, 100):

@@ -9,7 +9,7 @@ texttable==1.6.7
 PySocks==1.7.1 # library_name=socks # module name is not equal to socks name; this is required to be checked on startup
 pyOpenSSL==23.2.0 # library_name=OpenSSL
 flask==2.3.2
-SQLAlchemy>=1.3.0 # library_name=sqlalchemy
+SQLAlchemy>=1.4.43 # library_name=sqlalchemy
 py3DNS==3.2.1 # library_name=DNS
 numpy==1.24.3
 terminable_thread==0.7.1