#scanner

nuclei-burp-plugin
sponsor
nuclei-burp-plugin

A Burp Suite plugin intended to help with Nuclei template generation.

Nuclei templates
sponsor
Nuclei templates

Community curated list of templates for the Nuclei engine to find security vulnerabilities.

mapcidr
sponsor
mapcidr

Small utility program to perform multiple operations for a given subnet/CIDR ranges.

Naabu
sponsor
Naabu

A fast port scanner written in go with a focus on reliability and simplicity.

Nuclei
sponsor
Nuclei

Fast and customizable vulnerability scanner based on simple YAML based DSL.

AWS security checks
featured
AWS security checks

This Burp Suite provides additional Scanner checks for AWS security issues.

Seatbelt
Seatbelt

Performs security oriented safety checks relevant from offensive/defensive security perspectives.

Genzai
Genzai

Helps to identify IoT related dashboards and scan them for default passwords.

WebCopilot
WebCopilot

Automation tool designed to enumerate subdomains and detect bugs using different open-source tools.

Gsec
Gsec

Web security scanner.

Rootkit Hunter
Rootkit Hunter

Scans for rootkits, backdoors and possible local exploits.

chkrootkit
chkrootkit

Locally checks for signs of a rootkit.

pingcastle
pingcastle

Get Active Directory security at 80% in 20% of the time.

IVRE
IVRE

Network recon framework.

driftctl
driftctl

Detect, track and alert on infrastructure drift.

django-DefectDojo
django-DefectDojo

DevSecOps, ASPM, Vulnerability Management.

zgrab
zgrab

Fast Go application scanner.

zmap
zmap

Fast single packet network scanner designed for Internet-wide network surveys.

pphack
pphack

The most advanced client-side prototype pollution scanner.

tsunami-security-scanner
tsunami-security-scanner

Network security scanner with an extensible plugin system.

vbscan
vbscan

A black box vBulletin vulnerability scanner.

lynis
lynis

Security auditing tool for Linux, macOS, and UNIX-based systems.

GSIL
GSIL

GitHub Sensitive Information Leakage.

a2sv
a2sv

Auto Scanning to SSL Vulnerability.

netdiscover
netdiscover

Network address discovering tool.

Sirius
Sirius

Truly open-source general purpose vulnerability scanner.

gcp_scanner
gcp_scanner

A comprehensive scanner for Google Cloud.

TEx
TEx

Telegram Explorer created to help researchers, investigators and law enforcement agent.

DivideAndScan
DivideAndScan

Divide full port scan results and use it for targeted Nmap runs.

droopescan
droopescan

A plugin-based scanner that aids security researchers in identifying issues with several CMSs.

Trivy
Trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, repositories...

Cake Fuzzer
Cake Fuzzer

Cutting-edge project designed to automate the continuous discovery of vulnerabilities in webapps.

BurpGPT
BurpGPT

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan.

Rapidscan
Rapidscan

The multi tool web vulnerability scanner.

plution
plution

Prototype pollution scanner using headless chrome.

Jira-Lens
Jira-Lens

Fast and customizable vulnerability scanner for Jira.

WINspect
WINspect

Powershell-based Windows security auditing toolbox.

fuxploider
fuxploider

File upload vulnerability scanner and exploitation tool.

hping
hping

Network tool able to send custom TCP/IP packets.

Mr.SIP
Mr.SIP

SIP-based audit and attack tool.

egressbuster
egressbuster

Check egress filtering and identify if ports are allowed to automatically spawn a shell.

PS2
PS2

A port scanner written purely in PowerShell.

SQLiDetector
SQLiDetector

Helps you to detect SQL injection "Error based" by sending multiple requests.

co2
co2

A collection of enhancements for Portswigger's popular Burp Suite web penetration testing tool.

additional-scanner-checks
additional-scanner-checks

Collection of scanner checks missing in Burp.

archerysec
archerysec

Automate your application security orchestration and correlation (ASOC).

wpfinger
wpfinger

wpfinger is a red-team WordPress scanning tool.

BugBountyScanner
BugBountyScanner

A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use.

Kscan
Kscan

Kscan is an all-round scanner developed purely in Go, with functions such as port scanning, protocol.

UDPX
UDPX

Fast and lightweight UDP scanner that supports the discovery of many services.

Crlfi
Crlfi

CRLF bug scanner for WebPentesters and Bugbounty Hunters.

qscan
qscan

Quick network scanner library.

svn-extractor
svn-extractor

Simple script to extract all web resources by means of .SVN folder exposed over network.

Kubestroyer
Kubestroyer

Exploit Kubernetes clusters misconfigurations and be the swiss army knife of your pentests.

IAMagic
IAMagic

Advanced AWS access credentials scanner.

GPT_Vuln-Analyzer
GPT_Vuln-Analyzer

A powerful network scanner, DNS recon, subdomain enumeration and IP Geolocator tool powered by GPT.

nmapAutomater
nmapAutomater

Automate the process of enumeration & recon that is run every time.

vcsmap
vcsmap

Plugin-based tool to scan public version control systems for sensitive information.

ssh-auditor
ssh-auditor

The best way to scan for weak ssh passwords on your network.

aem-detector
aem-detector

Discover Adobe Experience Manager (AEM) Content Management System (CMS) websites.

TerminatorZ
TerminatorZ

Scan for top potential vulnerabilities with known CVEs in your web applications.

Unicornscan
Unicornscan

An asynchronous TCP and UDP port scanner.

ike-scan
ike-scan

Discover and fingerprint IKE hosts.

amap
amap

Identify applications even if they are running on a different port than normal.

Grendel-Scan
Grendel-Scan

A tool for automated security scanning of web applications.

ratproxy
ratproxy

A semi-automated largely passive web application security audit tool.

wikto
wikto

Nikto for Windows with some extra features.

WebInspect
WebInspect

An automated dynamic testing solution that provides comprehensive vulnerability detection.

Invicti
Invicti

Web Application Security For Enterprise.

Striker
Striker

Offensive information and vulnerability scanner.

celerystalk
celerystalk

An asynchronous enumeration & vulnerability scanner.

RedTeam_toolkit
RedTeam_toolkit

Open source Django offensive webapp which is keeping the best tools used in the redteaming.

smb-scanner
smb-scanner

Samba scanning tool.

RED HAWK
RED HAWK

All in one tool for information gathering, vulnerability scanning and crawling.

Vulmap
Vulmap

Online local vulnerability scanners project.

Skanuvaty
Skanuvaty

Dangerously fast DNS/network/port scanner.

autoSSRF
autoSSRF

Smart context-based SSRF vulnerability scanner.

CMSeek
CMSeek

CMS Detection and Exploitation suite that supports over 180 other CMSs.

afrog
afrog

A vulnerability scanning tools for penetration testing.

Qualys Cloud Platform
Qualys Cloud Platform

The revolutionary architecture that powers Qualys' IT, security, and compliance cloud apps.

SSTImap
SSTImap

Automatic SSTI detection tool with interactive interface.

AORT
AORT

All in one recon tool for bug bounty.

LanGuard
LanGuard

Patch management, vulnerability scanning, and network auditing.

Nexpose
Nexpose

Vulnerability scanner which aims to support the entire vulnerability management lifecycle.

Core Impact
Core Impact

Designed to enable security teams to conduct advanced penetration tests with ease.

WebScarab
WebScarab

Framework for analysing applications that communicate using the HTTP and HTTPS protocols.

Paros Proxy
Paros Proxy

HTTP(S) proxy for assessing web application vulnerability.

Nessus
Nessus

The global gold standard in vulnerability assessment built for the modern attack surface.

Ronin
Ronin

A free and open source Ruby toolkit for security research and development.

Vuls
Vuls

Agent-less vulnerability scanner.

jok3r
jok3r

Network and Web Pentest Automation Framework.

Legion
Legion

Aids in discovery, reconnaissance and exploitation of information systems.

IntelSpy
IntelSpy

Perform automated network reconnaissance scans to gather network intelligence.

Trishul
Trishul

Burp Suite Extension to hunt for common vulnerabilities found in websites.

ATOR
ATOR

Authentication Token Obtain and Replace Extender.

Coercer
Coercer

Automatically coerce a Windows server to authenticate on an arbitrary machine.

Raccoon
Raccoon

A high performance offensive security tool for reconnaissance and vulnerability scanning.

Angry IP Scanner
Angry IP Scanner

Fast and simple-to-use open-source/cross-platform network scanner.

RouterSploit
RouterSploit

Exploitation framework for embedded devices.

TLD Scanner
TLD Scanner

Scan all possible TLD's for a given domain name.

ChopChop
ChopChop

Scan endpoints and identify exposition of sensitive services/files/folders.

Acunetix
Acunetix

Quickly find and fix the vulnerabilities that put your web applications at risk of attack.

FOCA
FOCA

Tool to find metadata and hidden information in the documents.

OpenVAS
OpenVAS

This repository contains the scanner component for Greenbone Community Edition.

Java Deserialization Scanner
Java Deserialization Scanner

All-in-one plugin for the detection and exploitation of Java deserialization vulnerabilities.

burp-vulners-scanner
burp-vulners-scanner

Vulnerability scanner based on vulners.com search API.

Simple Basic Malware Scanner
Simple Basic Malware Scanner

Simple Malware Scanner based on file hash scan.

Betterscan
Betterscan

Code Scanning/SAST/static analysis/linting using many tools/scanners with one report.

Burp WP
Burp WP

Find known vulnerabilities in WordPress plugins and themes, WPScan like plugin for Burp.

HTTPoxy Scanner
HTTPoxy Scanner

A Burp Suite extension that checks for the HTTPoxy vulnerability.

Dastardly Scan Action
Dastardly Scan Action

Runs a scan using Dastardly by Burp Suite against a target site and generates a report.

scan-check-builder
scan-check-builder

Burp Suite extension which helps to improve the active and passive scanner by yourself.

Distribute Damage
Distribute Damage

Evenly distributes scanner load across targets.

J2EEScan
J2EEScan

Improve the test coverage during web application penetration tests on J2EE applications.

UploadScanner
UploadScanner

HTTP file upload scanner for Burp Proxy.

ActiveScan++
ActiveScan++

Extends Burp Suite's active and passive scanning capabilities.

EMBA
EMBA

The security analyzer for firmware of embedded devices.

Eagle
Eagle

Vulnerability scanner for mass detection of web-based applications vulnerabilities.

backslash-powered-scanner
backslash-powered-scanner

Finds unknown classes of injection vulnerabilities.

flan
flan

A pretty sweet vulnerability scanner.

Arachni
Arachni

Web Application Security Scanner Framework.

Second Order
Second Order

Second-order subdomain takeover scanner.

S3Scanner
S3Scanner

Scan for open S3 buckets and dump the contents.

WPSpider
WPSpider

A centralized dashboard for running and scheduling WordPress scans powered by WPScan utility.

WPRecon
WPRecon

Tool for the recognition of vulnerabilities and blackbox information for Wordpress.

pyfiscan
pyfiscan

Free web-application vulnerability and version scanner.

changeme
changeme

A default credential scanner.

XSSwagger
XSSwagger

A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks.

XSSer
XSSer

Automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.

XSpear
XSpear

Powerfull XSS Scanning and Parameter analysis tool&gem.

DOMDig
DOMDig

DOM XSS scanner for Single Page Applications.

Extended XSS Searcher and Finder
Extended XSS Searcher and Finder

Scans for different types of XSS on a list of urls.

XSSCon
XSSCon

Simple XSS Scanner tool.

See-SURF
See-SURF

Detect Vulnerable SSRF parameters.

metahttp
metahttp

Script that automates the scanning of a target network for HTTP resources through XXE.

SQLiv
SQLiv

Massive SQL injection vulnerability scanner.

SQLTruncSanner
SQLTruncSanner

Messy BurpSuite plugin for SQL Truncation vulnerabilities.

Evil SQL Client
Evil SQL Client

Interactive .NET SQL console client with enhanced SQL Server discovery/access/exfiltration features.

SQLiScanner
SQLiScanner

Automatic SQL injection with Charles and sqlmap API.

Extended SSRF search
Extended SSRF search

Smart SSRF scanner using different methods like parameter brute forcing in POST and GET.

InQL
InQL

Burp Extension for GraphQL Security Testing.

BurpBounty
BurpBounty

Improve the active and passive Burp Suite scanner by means of custom rules through GUI.

off-by-slash
off-by-slash

Burp extension to detect alias traversal via NGINX misconfiguration at scale.

CRLF-Injection-Scanner
CRLF-Injection-Scanner

Command line tool for testing CRLF injection on a list of domains.

CRLFsuite
CRLFsuite

The most powerful CRLF injection scanner.

CorsMe
CorsMe

CORS misconfiguration scanner tool with speed and precision in mind!

CORS Scanner
CORS Scanner

A multi-threaded scanner that helps identify CORS flaws/misconfigurations.

CORStest
CORStest

A simple CORS misconfiguration scanner.

Corsy
Corsy

CORS Misconfiguration Scanner.

Fuzzapi
Fuzzapi

Used for REST API pentesting and provide UI solution for gem.

Retire.js
Retire.js

Detects the use of JavaScript libraries with known vulnerabilities.

webanalyze
webanalyze

Uncovers technologies used on websites to automate mass scanning.

skipfish
skipfish

Active web application security reconnaissance tool.

Wireshark
Wireshark

Network sniffer that captures and analyzes packets off the wire.

Crawlergo
Crawlergo

A powerful browser crawler for web vulnerability scanners

reconFTW
reconFTW

Runs the best set of tools to perform scanning and finding out vulnerabilities on a target domain.

sns
sns

IIS shortname scanner written in Go.

Nginxpwner
Nginxpwner

Simple tool to look for common Nginx misconfigurations and vulnerabilities.

Sudomy
Sudomy

Collects subdomains and analyzes domains performing automated reconnaissance.

Nmap
Nmap

The network mapper.

Rengine
Rengine

Automated reconnaissance framework for webapps, highly configurable streamlined recon process.

Metasploit
Metasploit

The world’s most used penetration testing framework.

Venom
Venom

Popular Pentesting scanner for SQLi/XSS/LFI/RFI and other Vulns.

w3af
w3af

Web Application Attack and Audit Framework.

Osmedeus
Osmedeus

A Workflow Engine for Offensive Security

Jaeles
Jaeles

The Swiss Army knife for automated Web Application Testing

Nikto
Nikto

Nikto web server scanner.

Wapiti
Wapiti

The web-application vulnerability scanner.

Sn1per
Sn1per

Attack Surface Management Platform.

WhatWeb
WhatWeb

Next generation web scanner.

Masscan
Masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Zed Attack Proxy
Zed Attack Proxy

The world's most widely used web app scanner.

detectify-cves
detectify-cves

Find CVEs that don't have a Detectify modules.

xray
xray

Security assessment tool that supports common web security issue scanning and custom PoC.

JoomScan
JoomScan

OWASP Joomla Vulnerability Scanner Project.

Burp Suite
Burp Suite

The class-leading vulnerability scanning, penetration testing, and web app security platform.

Aquatone
Aquatone

A Tool for Domain Flyovers.

WPScan
WPScan

WPScan WordPress Security Scanner