A new and improved nipper-ng: pynipper-ng

[syn-4ck]

Context 🤝

Hi everyone (particularly to @arpitn30)!

I'm an appsec engineer that in my undergraduate studies I had worked with nipper-ng for auditing network devices. In my Final Degree Project I made a pentesting over some Cisco devices using the tool and I developed a little project to run the CLI using a web application.

When I did this project, I used this repo, so I am very grateful with @arpitn30 to store this amazing tool and promote it!

The future of nipper-ng ➡️

In my opinion nipper-ng was a very used and an important tool in network device pentesting, but it is outdated (writted in C/C++, without API integrations, old CVEs and misconfigurations, old architecture...). I think that it needs a big refactor!

pynipper-ng like alternative 🔧

To improve and modernize nipper-ng, I am developing https://github.com/syn-4ck/pynipper-ng:

• Using a simple and new architecture based on plugins: you can add, modify or remove plugins and the core of the tool is the same.
• Written in python 3.
• A new CI/CD culture: security and quality compliance using SAST, SCA, CI flows...
• Contribution + open source

Help me (if you would like) 🆘

My purpose is that this project is going to have a big community. Nowadays the tool has the core fuctionality to scan Cisco devices with some plugins, but translate all plugins for all device type because it involves a lot of work for me (I cannot dedicate 24/7 to it). I am writting this issue to find people who needs this tool and wants to help me with this development 😄. Thanks in advance!

[syn-4ck]

Links 🔗

• Repository: https://github.com/syn-4ck/pynipper-ng
• TODO list: https://github.com/syn-4ck/pynipper-ng/discussions/53
• Your very important opinion: https://github.com/syn-4ck/pynipper-ng/discussions/38
• The pynipper-ng website: https://syn-4ck.github.io/pynipper-ng/

Best regards.