Home / Tools / scan

Tool count: 677

Name Version Description Category Website
0d1n 1:263.2d723ae Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. webapp fuzzer scanner
0trace 1.5 A hop enumeration tool. scanner
a2sv 140.cb24c4e Auto Scanning to SSL Vulnerability (HeartBleed, CCS Injection, SSLv3 POODLE, FREAK, LOGJAM Attack, SSLv2 DROWN etc). scanner
adenum 36.fbbe14d A pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with kerberos. exploitation scanner
adminpagefinder 0.1 This python script looks for a large amount of possible administrative interfaces on a given site. webapp scanner
admsnmp 0.1 ADM SNMP audit scanner. scanner
allthevhosts 1.0 A vhost discovery tool that scrapes various web applications. scanner webapp
amass 2:2143.5f1f7176 In-depth subdomain enumeration written in Go. scanner recon
androidsniffer 0.1 A perl script that lets you search for 3rd party passwords, dump the call log, dump contacts, dump wireless configuration, and more. mobile scanner sniffer
anti-xss 166.2725dc9 A XSS vulnerability scanner. webapp scanner
anubis 1.1.3.r0.g9ea89fa Subdomain enumeration and information gathering tool. blackawrch-scanner recon
apache-users 2.1 This perl script will enumerate the usernames on a unix system that use the apache module UserDir. scanner
apachetomcatscanner 3.2 Apache Tomcat vulnerability scanner. scanner webapp
api-dnsdumpster 59.eda15d6 Unofficial Python API for recon scanner
apnbf 0.1 A small python script designed for enumerating valid APNs (Access Point Name) on a GTP-C speaking device. wireless scanner
appmon 177.f753c4d A runtime security testing & profiling framework for native apps on macOS, iOS & android and it is built using Frida. mobile scanner
aquatone 142.2daa022 a set of tools for performing reconnaissance on domain names. recon scanner
arjun 236.53afa55 HTTP parameter discovery suite. webapp scanner
arp-scan 1.10.0 A tool that uses ARP to discover and fingerprint IP hosts on the local network networking scanner fingerprint
asp-audit 2BETA An ASP fingerprinting tool and vulnerability scanner. fingerprint scanner webapp
assetfinder 19.4e95d87 Find domains and subdomains potentially related to a given domain. scanner recon
atear 139.245ec8d Wireless Hacking, WiFi Security, Vulnerability Analyzer, Pentestration. wireless recon scanner
athena-ssl-scanner 0.6.2 a SSL cipher scanner that checks all cipher codes. It can identify about 150 different ciphers. scanner crypto
atscan 2455.5f774e9 Server, Site and Dork Scanner. scanner webapp fuzzer exploitation automation
atstaketools 0.1 This is an archive of various @Stake tools that help perform vulnerability scanning and analysis, information gathering, password auditing, and forensics. windows scanner forensic cracker sniffer recon
attk 2.0.1023 Trend Micro Anti-Threat Toolkit. scanner malware
autorecon 281.5dd2fd4 A multi-threaded network reconnaissance tool which performs automated enumeration of services. automation recon scanner
aws-extender-cli 17.a351154 Script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common misconfiguration issues. scanner webapp
aws-iam-privesc 11.2983efd AWS IAM policy scanner that helps determine where privilege escalation can be achieved. scanner recon exploitation automation
awsbucketdump 82.4684670 A tool to quickly enumerate AWS S3 buckets to look for loot. automation scanner
badkarma 85.2c46334 Advanced network reconnaissance toolkit. scanner networking recon
badministration 16.69e4ec2 A tool which interfaces with management or administration applications from an offensive standpoint. webapp scanner recon fingerprint
barmie 1.01 Java RMI enumeration and attack tool. scanner
basedomainname 0.1 Tool that can extract TLD (Top Level Domain), domain extensions (Second Level Domain + TLD), domain name, and hostname from fully qualified domain names. recon scanner
bashscan 94.80c066c A port scanner built to utilize /dev/tcp for network and service discovery. scanner
bbscan 52.6731879 A tiny Batch weB vulnerability Scanner. webapp scanner fuzzer
belati 72.49577a1 The Traditional Swiss Army Knife for OSINT. scanner recon webapp
billcipher 32.97fba59 Information Gathering tool for a Website or IP address. recon scanner
bing-lfi-rfi 0.1 This is a python script for searching Bing for sites that may have local and remote file inclusion vulnerabilities. webapp scanner fuzzer
bingoo 3.698132f A Linux bash based Bing and Google Dorking Tool. scanner
birp 65.b2e108a A tool that will assist in the security assessment of mainframe applications served over TN3270. scanner recon fuzzer
blackbox-scanner 4:1.7a25220 Dork scanner & bruteforcing & hash cracker tool with blackbox penetration testing framework. scanner recon cracker
bleah 53.6a2fd3a A BLE scanner for "smart" devices hacking. scanner wireless bluetooth
blindy 12.59de8f2 Simple script to automate brutforcing blind sql injection vulnerabilities. scanner
blue-hydra 710.1c2372d A Bluetooth device discovery service built on top of the bluez library. bluetooth scanner
bluebox-ng 1:1.1.0 A GPL VoIP/UC vulnerability scanner. voip scanner fuzzer
bluelog 1.1.2 A Bluetooth scanner and sniffer written to do a single task, log devices that are in discoverable mode. bluetooth scanner
bluescan 1.0.6 A Bluetooth Device Scanner. bluetooth scanner
bluto 1:142.25cad7a Recon, Subdomain Bruting, Zone Transfers. scanner recon
botb 69.6d33aae A container analysis and exploitation tool for pentesters and engineers. exploitation scanner
braa 0.82 A mass snmp scanner scanner
brakeman 1:v6.1.2.1.r4.g35322e74c A static analysis security vulnerability scanner for Ruby on Rails applications code-audit exploitation scanner
bss 0.8 Bluetooth stack smasher / fuzzer bluetooth fuzzer scanner
btscanner 2.1 Bluetooth device scanner. bluetooth scanner
burpsuite 1:2024.5.1 An integrated platform for attacking web applications (free edition). fuzzer proxy scanner webapp
c5scan 30.be8845c Vulnerability scanner and information gatherer for the Concrete5 CMS. webabb scan recon
cameradar 195.1b91e54 Hacks its way into RTSP videosurveillance cameras. scanner
camscan 1.0057215 A tool which will analyze the CAM table of Cisco switches to look for anamolies. scanner networking defensive
canari 3.3.10 A transform framework for maltego forensic recon scanner
cangibrina 123.6de0165 Dashboard Finder. scanner webapp
cansina 2:59.67c6301 A python-based Web Content Discovery Tool. webapp scanner
cantoolz 1:425.82d330b Framework for black-box CAN network analysis automobile recon fuzzer scanner
cariddi v1.3.4.r3.gf6f2675 Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, token. webap scanner
casefile 1.0.1 The little brother to Maltego without transforms, but combines graph and link analysis to examine links between manually added data to mind map your information forensic recon scanner
cecster 5.15544cb A tool to perform security testing against the HDMI CEC (Consumer Electronics Control) and HEC (HDMI Ethernet Channel) protocols. scanner fuzzer
cent v1.3.3.r4.gada5069 Community edition nuclei templates. webapp scanner
cero v1.3.0.r19.gb73125b Scrape domain names from SSL certificates of arbitrary hosts. scanner recon
changeme 266.89f59d4 A default credential scanner. scanner
chaosmap 1.3 An information gathering tool and dns / whois / web server scanner forensic scanner recon
check-weak-dh-ssh 0.1 Debian OpenSSL weak client Diffie-Hellman Exchange checker. scanner crypto
checksec 2.7.1 Tool designed to test which standard Linux OS and PaX security features are being used automation scanner
cheetah-suite 21.2364713 Complete penetration testing suite (port scanning, brute force attacks, services discovery, common vulnerabilities searching, reporting etc.) scanner fingerprint cracker
chipsec 4:2122.7c802e49 Framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. hardware binary forensic scanner fuzzer
chiron 48.524abe1 An all-in-one IPv6 Penetration Testing Framework. scanner networking exploitation proxy
cipherscan 421.5866911 A very simple way to find out which SSL ciphersuites are supported by a target. scanner crypto
cisco-auditing-tool 1 Perl script which scans cisco routers for common vulnerabilities. Checks for default passwords, easily guessable community names, and the IOS history bug. Includes support for plugins and scanning multiple hosts. cracker fuzzer scanner
cisco-scanner 0.2 Multithreaded Cisco HTTP vulnerability scanner. Tested on Linux, OpenBSD and Solaris. cracker scanner
cisco-torch 0.4b Cisco Torch mass scanning, fingerprinting, and exploitation tool. exploitation fingerprint scanner
ciscos 1.3 Сканирует сети классов A, B и C в поисках роутеров cisco с открытым портом telnet и неизменённым заводским паролем от cisco. scanner
clair 1922.7d3f12e3 Vulnerability Static Analysis for Containers. scanner
clairvoyance 2.5.2 Obtain GraphQL API Schema even if the introspection is not enabled. webapp recon scanner
climber 30.5530a78 Check UNIX/Linux systems for privilege escalation. scanner
cloudflare-enum 10.412387f Cloudflare DNS Enumeration Tool for Pentesters. scanner
cloudmare 108.9c5a39f A simple tool to find origin servers of websites protected by CloudFlare with a misconfiguration DNS. recon scanner
cloudsploit 6278.3304547b2 AWS security scanning checks. scanner automation
cloudunflare 14.b91a8a7 Reconnaissance Real IP address for Cloudflare Bypass. recon scanner
cms-few 0.1 Joomla, Mambo, PHP-Nuke, and XOOPS CMS SQL injection vulnerability scanning tool written in Python. webapp scanner
cmsfuzz 5.6be5a98 Fuzzer for wordpress, cold fusion, drupal, joomla, and phpnuke. webapp scanner fuzzer
cmsmap 1:8.59dd0e2 A python open source Content Management System scanner that automates the process of detecting security flaws of the most popular CMSs. scanner automation webapp exploitation
cmsscan 43.f060b4b CMS scanner to identify and find vulnerabilities for Wordpress, Drupal, Joomla, vBulletin. webapp scanner recon fingerprint
cmsscanner CMS Scanner Framework. webapp scanner recon fingerprint
comission 203.67b890e WhiteBox CMS analysis. webapp scanner
complemento 0.7.6 A collection of tools for pentester: LetDown is a powerful tcp flooder ReverseRaider is a domain scanner that use wordlist scanning or reverse resolution scanning Httsquash is an http server scanner, banner grabber and data retriever fingerprint scanner
configpush 0.8.5 This is a tool to span /8-sized networks quickly sending snmpset requests with default or otherwise specified community string to Cisco devices. scanner
conscan 1.2 A blackbox vulnerability scanner for the Concre5 CMS. fuzzer scanner webapp
cookie-cadger 1.08 An auditing tool for Wi-Fi or wired Ethernet connections. fuzzer scanner
corscanner 99.593043f Fast CORS misconfiguration vulnerabilities scanner. webapp scanner
corstest 10.beffd0b A simple CORS misconfigurations checker. scanner webapp
corsy 69.2985ae2 CORS Misconfiguration Scanner. webapp scanner
cpfinder 0.1 This is a simple script that looks for administrative web interfaces. scanner webapp
crackmapexec 3:v6.0.1.r198.gda472cb A swiss army knife for pentesting Windows/Active Directory environments. scanner exploitation
creepy 1:137.9f60449 A geolocation information gatherer. Offers geolocation information gathering through social networking platforms. scanner social recon
crlfuzz 62.7a442bb A fast tool to scan CRLF vulnerability written in Go. webapp scanner
ct-exposer 24.71252ac An OSINT tool that discovers sub-domains by searching Certificate Transparency logs scanner recon
cvechecker 4.0 The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. scanner
cybercrowl 111.f7cac52 A Python Web path scanner tool. webapp scanner
cyberscan 75.ca85794 A Network Pentesting Tool networking scanner
d-tect 13.9555c25 Pentesting the Modern Web. scanner recon webapp
dark-dork-searcher 1.0 Dark-Dork Searcher. windows scanner
darkbing 0.1 A tool written in python that leverages bing for mining data on systems that may be susceptible to SQL injection. scanner fuzzer webapp
darkdump 48.7cad8ca Search The Deep Web Straight From Your Terminal. webapp scanner
darkscrape 68.2ca0e37 OSINT Tool For Scraping Dark Websites. webapp scanner recon
datasploit 1:367.a270d50 A tool to perform various OSINT techniques, aggregate all the raw data, visualize it on a dashboard, and facilitate alerting and monitoring on the data. recon scanner
davscan 30.701f967 Fingerprints servers, finds exploits, scans WebDAV. webapp scanner fingerprint recon
davtest 3.a282c58 Tests WebDAV enabled servers by uploading test executable files, and then (optionally) uploading files which allow for command execution or other actions directly on the target scanner
dawnscanner 1:v2.2.0.r15.g0d647fc A static analysis security scanner for ruby written web applications. webapp scanner
dbusmap 16.6bb2831 This is a simple utility for enumerating D-Bus endpoints, an nmap for D-Bus. scanner
dcrawl 7.3273c35 Simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names. scanner webapp
deblaze 1:1.0608dc3 A remote method enumeration tool for flex servers scanner
delldrac 0.1a DellDRAC and Dell Chassis Discovery and Brute Forcer. scanner cracker
dependency-check 9.0.9 A tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies. defensive, scanner
dhcpig 2:110.f037788 Enhanced DHCPv4 and DHCPv6 exhaustion and fuzzing script written in python using scapy network library. scanner fuzzer dos
dirb 2.22 A web content scanner, brute forceing for hidden files. scanner webapp
dirble 1:1.4.2 Fast directory scanning and scraping tool. webapp scanner
dirbuster 1.0_RC1 An application designed to brute force directories and files names on web/application servers scanner webapp
dirbuster-ng 9.0c34920 C CLI implementation of the Java dirbuster tool. webapp scanner
dirhunt 329.a5ea20d Find web directories without bruteforce. webapp scanner
dirscanner 0.1 This is a python script that scans webservers looking for administrative directories, php shells, and more. scanner webapp
dirscraper 16.e752450 OSINT Scanning tool which discovers and maps directories found in javascript files hosted on a website. webapp scanner
dirsearch 2367.0ad2b8f HTTP(S) directory/file brute forcer. webapp scanner
dirstalk 1.3.3 Dirstalk is a multi threaded application designed to brute force paths on web servers. The tool contains functionalities similar to the ones offered by dirbuster and dirb. scanner webapp
dive 0.12.0 A tool for exploring each layer in a docker image. scanner
dmitry 1.3a Deepmagic Information Gathering Tool. Gathers information about hosts. It is able to gather possible subdomains, email addresses, and uptime information and run tcp port scans, whois lookups, and more. scanner
dnmap 0.6 The distributed nmap framework scanner
dns2geoip 0.1 A simple python script that brute forces DNS and subsequently geolocates the found subdomains. scanner recon
dnsa 0.6 DNSA is a dns security swiss army knife scanner
dnsbf 0.3 Search for available domain names in an IP range. scanner
dnsbrute 2.b1dc84a Multi-theaded DNS bruteforcing, average speed 80 lookups/second with 40 threads. recon scanner
dnscan 208.2e23323 A python wordlist-based DNS subdomain scanner. scanner
dnsenum Script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results. recon scanner
dnsgoblin 1:0.1 Nasty creature constantly searching for DNS servers. It uses standard dns queries and waits for the replies. scanner
dnspredict 0.0.2 DNS prediction. scanner
dnsspider 1.4 A very fast multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation. recon scanner
dnstwist 626.2562e2f Domain name permutation engine for detecting typo squatting, phishing and corporate espionage. scanner recon
dnswalk 2.0.2 A DNS debugger. recon scanner
dockerscan 59.590a844 Docker security analysis & hacking tools. scanner
dontgo403 1.0.1.r4.g6ce8b25 Tool to bypass 40X response codes.. webapp exploitation scanner
dorkbot 210.fb7f946 Command-line tool to scan Google search results for vulnerabilities. scanner
dorkme 57.0a7017a Tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities. scanner
dpscan 0.1 Drupal Vulnerabilty Scanner. scanner webapp fuzzer
driftnet 1:v1.3.0.r13.ge492335 Listens to network traffic and picks out images from TCP streams it observes. scanner sniffer
dripper v1.r1.gc9bb0c9 A fast, asynchronous DNS scanner; it can be used for enumerating subdomains and enumerating boxes via reverse DNS. scanner
droopescan 1.45.1 A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe. scanner webapp
drozer 2.4.4 A security testing framework for Android - Precompiled binary from official repository. mobile scanner fuzzer
drupal-module-enum 11.525543c Enumerate on drupal modules. webapp scanner
drupalscan 0.5.2 Simple non-intrusive Drupal scanner. webapp scanner
drupwn 1:59.8186732 Drupal enumeration & exploitation tool. webapp exploitation scanner
dsfs 36.8e9f8e9 A fully functional File inclusion vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. webapp scanner
dsjs 32.26287d0 A fully functional JavaScript library vulnerability scanner written in under 100 lines of code. webapp scanner
dsss 123.84ddd33 A fully functional SQL injection vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. webapp scanner
dsxs 130.3e628b6 A fully functional Cross-site scripting vulnerability scanner (supporting GET and POST parameters) written in under 100 lines of code. webapp scanner
dvcs-ripper 54.2c1bbc6 Rip web accessible (distributed) version control systems: SVN/GIT/... scanner
easyda 7.0867f9b Easy Windows Domain Access Script. automation scanner recon
eazy 0.1 This is a small python tool that scans websites to look for PHP shells, backups, admin panels, and more. scanner webapp
eigrp-tools 0.1 This is a custom EIGRP packet generator and sniffer developed to test the security and overall operation quality of this brilliant Cisco routing protocol. sniffer networking recon scanner
enteletaor 68.a975b5c Message Queue & Broker Injection tool that implements attacks to Redis, RabbitMQ and ZeroMQ. exploitation scanner recon
enum-shares 7.97cba5a Tool that enumerates shared folders across the network and under a custom user account. scanner
enum4linux 0.9.1 A tool for enumerating information from Windows and Samba systems. recon scanner
enum4linux-ng 418.1fe4760 A next generation version of enum4linux. recon scanner
enumerate-iam 14.4529114 Enumerate the permissions associated with an AWS credential set. recon scanner
enumiax 1.0 An IAX enumerator. scanner
eos 14.0127319 Enemies Of Symfony - Debug mode Symfony looter. webapp scanner
eternal-scanner 94.6338172 An internet scanner for exploit CVE-2017-0144 (Eternal Blue). scanner exploitation
evine 42.46051de Interactive CLI Web Crawler. webapp scanner
extended-ssrf-search 28.680f815 Smart ssrf scanner using different methods like parameter brute forcing in post and get. webapp scanner
faraday 9269.4625bd369 A new concept (IPE) Integrated Penetration-Test Environment a multiuser Penetration test IDE. Designed for distribution, indexation and analyze of the generated data during the process of a security audit. scanner exploitation fuzzer fingerprint automation misc
faradaysec 12413.8adc0554e Collaborative Penetration Test and Vulnerability Management Platform. scanner exploitation fuzzer fingerprint automation misc
fernmelder 8.030212e Asynchronous mass DNS scanner. scanner recon
feroxbuster 2.7.1.r11.g53e3420 A fast, simple, recursive content discovery tool written in Rust. webapp scanner fuzzer
fgscanner 11.893372c An advanced, opensource URL scanner. scanner
fhttp 1.3 This is a framework for HTTP related attacks. It is written in Perl with a GTK interface, has a proxy for debugging and manipulation, proxy chaining, evasion rules, and more. webapp scanner fuzzer fingerprint dos
fi6s 195.1380b86 IPv6 network scanner designed to be fast. scanner
fierce 135.f32f639 A DNS reconnaissance tool for locating non-contiguous IP space. A DNS scanner. scanner
find-dns 0.1 A tool that scans networks looking for DNS servers. scanner
findomain 9.0.4 A tool that use Certificate Transparency logs to find subdomains. scanner recon
firewalk 5.0 An active reconnaissance network security tool fuzzer scanner
flashscanner 11.6815b02 Flash XSS Scanner. scanner webapp
flawfinder 2.0.19 Searches through source code for potential security flaws. code-audit scanner
flunym0us 2.0 A Vulnerability Scanner for Wordpress and Moodle. scanner webapp
forkingportscanner 1 Simple and fast forking port scanner written in perl. Can only scan one host at a time, the forking is done on the specified port range. Or on the default range of 1-65535. Has the ability to scan UDP or TCP, defaults to tcp. scanner
fortiscan 0.7.r7.gd54faa0 A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool. scanner exploitation
fping 5.2 A utility to ping multiple hosts at once networking recon scanner
fs-nyarl 1.0 A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit. scanner networking forensic spoof exploitation sniffer
fscan 1.8.4.r1.g509f53f A Security Auditing Tool. scanner
fsnoop 3.4 A tool to monitor file operations on GNU/Linux systems by using the Inotify mechanism. Its primary purpose is to help detecting file race condition vulnerabilities and since version 3, to exploit them with loadable DSO modules (also called "payload modules" or "paymods"). scanner
ftp-scanner 0.2.5 Multithreaded ftp scanner/brute forcer. Tested on Linux, OpenBSD and Solaris. cracker scanner
ftp-spider 1.0 FTP investigation tool - Scans ftp server for the following: reveal entire directory tree structures, detect anonymous access, detect directories with write permissions, find user specified data within repository. scanner cracker
ftpmap 52.cbeabbe Scans remote FTP servers to identify what software and what versions they are running. fingerprint scanner
ftpscout 12.cf1dff1 Scans ftps for anonymous access. scanner
gatecrasher 2.3ad5225 Network auditing and analysis tool developed in Python. recon scanner
gcpbucketbrute 17.6866bd2 A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated. scanner
gethsploit 3.144778b Finding Ethereum nodes which are vulnerable to RPC-attacks. scanner
gggooglescan 0.4 A Google scraper which performs automated searches and returns results of search queries in the form of URLs or hostnames. scanner
ghost-phisher 1.62 GUI suite for phishing and penetration attacks scanner
git-dump 7.4c9a2a9 Dump the contents of a remote git repository without directory listing enabled. scanner code-audit
git-dumper 1:1.0.6.r14.g2d6fa4f A tool to dump a git repository from a website. scanner webapp
gitdorker 113.8199375 Python program to scrape secrets from GitHub through usage of a large repository of dorks. recon scanner
gitrob 7.7be4c53 Scan Github For Sensitive Files. scanner
gittools 70.7cac63a A repository with 3 tools for pwn'ing websites with .git repositories available'. webapp scanner
gloom 1:93.cd6e927 Linux Penetration Testing Framework. scanner exploitation recon fuzzer social
gobuster 2:367.308cf9f Directory/file & DNS busting tool written in Go. webapp scanner
goofuzz 1.2.5.r2.g6ba4cc5 A Bash script that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web server. fuzzer recon scanner
googlesub 14.a7a3cc7 A python script to find domains by using google dorks. scanner
goohak 31.815a31e Automatically Launch Google Hacking Queries Against A Target Domain. recon automation scanner
goop-dump 71.3c15d60 Tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases. webapp scanner
gospider 108.f6cc9a7 Fast web spider written in Go. webapp scanner
gpredict 1646.098e376 A real-time satellite tracking and orbit prediction application. radio scanner
grabbb 0.0.7 Clean, functional, and fast banner scanner. scanner
graphinder 1.11.6 GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. recon scanner webapp
graphql-cop 1.12.r13.g597b614 GraphQL vulnerability scanner. scanner webapp
greenbone-security-assistant 9.0.1 Greenbone Security Assistant (gsa) - OpenVAS web frontend scanner fuzzer exploitation
grepforrfi 0.1 Simple script for parsing web logs for RFIs and Webshells v1.2 scanner
grype 1:0.33.1 A vulnerability scanner for container images and filesystems. scanner
gtp-scan 0.7 A small python script that scans for GTP (GPRS tunneling protocol) speaking hosts. scanner networking mobile
gvmd 8.0.1 Greenbone Vulnerability Manager - The database backend for the Greenbone Vulnerability Management (GVM) framework scanner fuzzer exploitation
gwcheck 0.1 A simple program that checks if a host in an ethernet network is a gateway to Internet. networking scanner
h2buster 79.6c4dd1c A threaded, recursive, web directory brute-force scanner over HTTP/2. scanner webapp
h2t 36.9183a30 Scans a website and suggests security headers to apply. webapp scanner defensive
habu 359.8326936 Python Network Hacking Toolkit. scanner spoof dos cracker dos
hackredis 3.fbae1bc A simple tool to scan and exploit redis servers. exploitation scanner
hakku 384.bbb434d Simple framework that has been made for penetration testing tools. scanner recon webapp exploitation fingerprint
hakrawler 234.14e240b Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application. webapp scanner
halberd 0.2.4 Halberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing. scanner webapp
hasere 1.0 Discover the vhosts using google and bing. recon scanner
hbad 1.0 This tool allows you to test clients on the heartbleed bug. scanner
heartleech 116.3ab1d60 Scans for systems vulnerable to the heartbleed bug, and then download them. exploitation scanner
hellraiser 279.bea43e2 Vulnerability Scanner. scanner recon
hexorbase 2:6 A database application designed for administering and auditing multiple database servers simultaneously from a centralized location. It is capable of performing SQL queries and bruteforce attacks against common database servers (MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL). fuzzer scanner
hikpwn 8.5a7d69c A simple scanner for Hikvision devices with basic vulnerability scanning capabilities written in Python 3.8. scanner
homepwn 31.0803981 Swiss Army Knife for Pentesting of IoT Devices. scanner recon fuzzer exploitation
hookshot 199.3258c3e Integrated web scraper and email account data breach comparison tool. webapp scanner recon social
hoppy 1.8.1 A python script which tests http methods for configuration issues leaking information or just to see if they are enabled. scanner recon
host-extract 1:8.0134ad7 Ruby script tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files of that URL. scanner webapp
hostbox-ssh 0.1.1 A ssh password/account scanner. cracker scanner
hsecscan 66.7b8fa71 A security scanner for HTTP response headers. scanner
htcap 1:155.a59c592 A web application analysis tool for detecting communications between javascript and the server. webapp scanner
http-enum 0.4 A tool to enumerate the enabled HTTP methods supported on a webserver. scanner
http2smugl 36.78abc09 Http2Smugl - Tool to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -больше HTTP/1.1 conversion. webapp scanner exploitation
httpforge 11.02.01 A set of shell tools that let you manipulate, send, receive, and analyze HTTP messages. These tools can be used to test, discover, and assert the security of Web servers, apps, and sites. An accompanying Python library is available for extensions. webapp scanner fuzzer recon
httpgrep 2.4 A python tool which scans for HTTP servers and finds given strings in URIs. webapp scanner
httprobe 22.5555984 Take a list of domains and probe for working HTTP and HTTPS servers scanner
httpsscanner 1.2 A tool to test the strength of a SSL web server. scanner crypto
httpx 1994.2b0d9f4 A fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library. webapp scanner
hwk 0.4 Collection of packet crafting and wireless network flooding tools dos fuzzer scanner wireless
iaxscan 0.02 A Python based scanner for detecting live IAX/2 hosts and then enumerating (by bruteforce) users on those hosts. scanner cracker
icmpquery 1.0 Send and receive ICMP queries for address mask and current time. scanner
idswakeup 1.0 A collection of tools that allows to test network intrusion detection systems. recon networking scanner
iis-shortname-scanner 5.4ad4937 An IIS shortname Scanner. scanner
ike-scan 1.9.5 A tool that uses IKE protocol to discover, fingerprint and test IPSec VPN servers scanner
ikeprobe 2:0.1 Determine vulnerabilities in the PSK implementation of the VPN server. windows scanner cracker
ilo4-toolbox 47.672a5d6 Toolbox for HPE iLO4 analysis. scanner automation backdoor
infip 0.1 A python script that checks output from netstat against RBLs from Spamhaus. scanner misc
inguma 0.1.1 A free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler. cracker disassembler exploitation fuzzer scanner
injectus 12.3c01fa0 Simple python tool that goes through a list of URLs trying CRLF and open redirect payloads. webapp scanner fuzzer
inurlbr 34.dbf9773 Advanced search in the search engines - Inurl scanner, dorker, exploiter. scanner webapp automation
ipscan 3.9.1 Angry IP scanner is a very fast IP address and port scanner. scanner
iptv 138.ae6457b Search and brute force illegal iptv server. scanner cracker
ipv6toolkit 819.367bbe6 SI6 Networks' IPv6 Toolkit scanner
ircsnapshot 94.cb02a85 Tool to gather information from IRC servers. recon scanner
isme 0.12 Scans a VOIP environment, adapts to enterprise VOIP, and exploits the possibilities of being connected directly to an IP Phone VLAN. voip recon scanner
jaadas 0.1 Joint Advanced Defect assEsment for android applications. scanner
jaeles 233.243e0b6 The Swiss Army knife for automated Web Application Testing. webapp scanner
jira-scan 7.447d0ec A simple remote scanner for Atlassian Jira webapp scanner
jok3r 447.0761996 Network and Web Pentest Framework. webapp scanner fuzzer networking
joomlascan 1.2 Joomla scanner scans for known vulnerable remote file inclusion paths and files. webapp scanner
joomlavs 254.eea7500 A black box, Ruby powered, Joomla vulnerability scanner. webapp scanner fuzzer
jsql 0.81 A lightweight application used to find database information from a distant server. scanner
juumla 106.130565e Python tool created to identify Joomla version, scan for vulnerabilities and search for config files. webapp scanner recon fingerprint
kadimus 183.ac5f438 LFI Scan & Exploit Tool. webapp exploitation scanner
kalibrate-rtl 69.340003e Fork of for use with rtl-sdr devices. mobile scanner
katana A framework that seeks to unite general auditing tools, which are general pentesting tools (Network,Web,Desktop and others). exploitation dos cracker scanner recon
katana-framework A framework that seekss to unite general auditing tools, which are general pentesting tools (Network,Web,Desktop and others). exploitation dos cracker scanner recon
katana-pd v1.1.0.r2.g9ba3bb8 Crawling and spidering framework. webapp scanner
kiterunner 19.7d5824c Contextual Content Discovery Tool. webapp scanner recon
knock 2:94.1b00b95 Subdomain scanner. scanner recon
knxmap 252.6f40dd1 KNXnet/IP scanning and auditing tool for KNX home automation installations. scanner
konan 23.7b5ac80 Advanced Web Application Dir Scanner. webapp scanner
krbrelayx 49.4eb9c4f Kerberos unconstrained delegation abuse toolkit. scanner fuzzer spoof networking
kube-hunter 703.bc47f08 Hunt for security weaknesses in Kubernetes clusters. scanner
kubesploit 86.2de2f12 Cross-platform post-exploitation HTTP/2 Command & Control server. scanner exploitation
kubestriker 39.e1776ea A Blazing fast Security Auditing tool for Kubernetes. scanner
kubolt 28.0027239 Utility for scanning public kubernetes clusters. webapp scanner
laf 12.7a456b3 Login Area Finder: scans host/s for login panels. scanner webapp
ldapdomaindump 0.9.4 Active Directory information dumper via LDAP. scanner networking
ldapenum 1:0.1 Enumerate domain controllers using LDAP. recon scanner
leaklooker 5.0d2b9fc Find open databases with Shodan. scanner
letmefuckit-scanner 3.f3be22b Scanner and Exploit Magento. scanner webapp
leviathan 35.a1a1d8c A mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. scanner cracker webapp fuzzer exploitation
lfi-scanner 4.0 This is a simple perl script that enumerates local file inclusion attempts when given a specific target. scanner fuzzer webapp
lfisuite 85.470e01f Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner. scanner webapp exploitation
lightbulb 88.9e8d6f3 Python framework for auditing web applications firewalls. webapp scanner
linenum 75.c47f9b2 Scripted Local Linux Enumeration & Privilege Escalation Checks scanner recon
linikatz 48.d9cfdbf Tool to attack Active Directory on UNIX. automation scanner
linux-smart-enumeration 299.eb80976 Linux enumeration tool for pentesting and CTFs with verbosity levels. scanner
littleblackbox 0.1.3 Penetration testing tool, search in a collection of thousands of private SSL keys extracted from various embedded devices. scanner fuzzer crypto
locasploit 117.fa48151 Local enumeration and exploitation framework. scanner exploitation
log4j-bypass 33.f5c92f9 Log4j web app tester that includes WAF bypasses. webapp fuzzer scanner
log4j-scan 88.07f7e32 A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228. webapp scanner fuzzer
logmepwn 24.f257a8f A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability. scanner fuzzer
loki-scanner 1227.0dc990b Simple IOC and Incident Response Scanner. forensic scanner
lorsrf bbb.r0.g91c26ec Find the parameters that can be used to find SSRF or Out-of-band resource load. webapp scanner fuzzer
lotophagi 0.1 a relatively compact Perl script designed to scan remote hosts for default (or common) Lotus NSF and BOX databases. scanner
lte-cell-scanner 57.5fa3df8 LTE SDR cell scanner optimized to work with very low performance RF front ends (8bit A/D, 20dB noise figure). scanner mobile recon
lulzbuster 1.3.2 A very fast and smart web-dir/file enumeration tool written in C. webapp scanner recon
lunar 798.255bdc8 A UNIX security auditing tool based on several security frameworks. scanner defensive
lynis 3.1.1 Security and system auditing tool to harden Unix/Linux systems scanner
magescan 1.12.9 Scan a Magento site for information. webapp scanner
maligno 2.5 An open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. scanner fuzzer exploitation
maltego 4.7.0 An open source intelligence and forensics application, enabling to easily gather information about DNS, domains, IP addresses, websites, persons, etc. forensic recon scanner
manspider 66.b8fcc7f Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported! scanner recon
mantra 1:v2.0.r1.ga0ae15e Hunt down API key leaks in JS files and pages. scanner webapp
maryam 2:819.99ae85a Tool to scan Web application and networks and easily and complete the information gathering process. scanner webapp recon
massbleed 20.44b7e85 Automated Pentest Recon Scanner. recon automation scanner
masscan 1.3.2 TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes scanner
meg 87.9daab00 Fetch many paths for many hosts - without killing the hosts. webapp scanner
metasploit 6.4.7 Advanced open-source platform for developing, testing, and using exploit code exploitation fuzzer scanner recon networking
mingsweeper 1.00 A network reconnaissance tool designed to facilitate large address space,high speed node discovery and identification. windows recon scanner
miranda-upnp 1.3 A Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices exploitation scanner
mitm6 33.8e75884 Pwning IPv4 via IPv6. scanner fuzzer spoof networking
modscan 0.1 A new tool designed to map a SCADA MODBUS TCP based network. scanner recon
mongoaudit 222.70b83e8 A powerful MongoDB auditing and pentesting tool . scanner fuzzer
mooscan 1:10.82963b0 A scanner for Moodle LMS. webapp scanner
morxtraversal 1.0 Path Traversal checking tool. webapp scanner
mptcp-abuse 6.b0eeb27 A collection of tools and resources to explore MPTCP on your network. Initially released at Black Hat USA 2014. networking recon scanner
mqtt-pwn 43.40368e5 A one-stop-shop for IoT Broker penetration-testing and security assessment operations. scanner recon
msmailprobe 1.c01c8bf Office 365 and Exchange Enumeration tool. scanner recon
mssqlscan 0.8.4 A small multi-threaded tool that scans for Microsoft SQL Servers. scanner
multiscanner 1559.86e0145 Modular file scanning/analysis framework. scanner automation
mwebfp 16.a800b98 Mass Web Fingerprinter. fingerprint webapp scanner
naabu 1293.10f5605 A fast port scanner written in go with focus on reliability and simplicity. scanner
nbname 1.0 Decodes and displays all NetBIOS name packets it receives on UDP port 137 and more! windows sniffer recon dos scanner
nbtenum 3.3 A utility for Windows that can be used to enumerate NetBIOS information from one host or a range of hosts. windows scanner recon
nbtool 1:2.bf90c76 Some tools for NetBIOS and DNS investigation, attacks, and communication. networking recon scanner
nbtscan 1.7.2 NBTscan is a program for scanning IP networks for NetBIOS name information. scanner recon
netbios-share-scanner 1.0 This tool could be used to check windows workstations and servers if they have accessible shared resources. scanner
netexec v1.2.0.r18.g665f778d A Windows / Active Directory environments pentest tool. scanner exploitation windows
netreconn 1.78 A collection of network scan/recon tools that are relatively small compared to their larger cousins. networking recon scanner
netscan 1.0 Tcp/Udp/Tor port scanner with: synpacket, connect TCP/UDP and socks5 (tor connection). scanner networking
netscan2 1:60.3d02ba1 Active / passive network scanner. scanner recon
nettacker 0.3.3.r35.gfacf823c Automated Penetration Testing Framework. automation scanners recon
netz v0.1.0.r8.g3754e56 Discover internet-wide misconfigurations while drinking coffee. scanner
nextnet 3.c8dc7a6 Pivot point discovery tool. networking scanner
nikto 2.5.0 A web server scanner which performs comprehensive tests against web servers for multiple items scanner webapp fuzzer
nili 39.285220a Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing. scanner reversing fuzzer
nmap 7.95 Utility for network discovery and security auditing scanner
nmbscan 1.2.6 Tool to scan the shares of a SMB/NetBIOS network, using the NMB/SMB/NetBIOS protocols. scanner
nosqlattack 98.a5b0329 Python tool to automate exploit MongoDB server IP on Internet and disclose the database data by MongoDB default configuration weaknesses and injection attacks. automation scanner
nosqli 37.6fce3eb NoSQL scanner and injector. webapp scanner exploitation
nray 59.30517fd Distributed port scanner. scanner
nsdtool 0.1 A netgear switch discovery tool. It contains some extra features like bruteoforce and setting a new password. networking scanner
nsec3map 20.1263537 A tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain. scanner recon
nsia 1.0.6 A website scanner that monitors websites in realtime in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues. scanner webapp defensive
nsoq 1.9.5 A Network Security Tool for packet manipulation that allows a large number of options. networking scanner fuzzer
ntlm-challenger 8.bd61ef6 Parse NTLM over HTTP challenge messages. scanner
ntlm-scanner 6.4b29329 A simple python tool based on Impacket that tests servers for various known NTLM vulnerabilities. scanner
ntlmrecon 76.41ee1db A tool to enumerate information from NTLM authentication enabled web endpoints. scanner recon
nuclei 2:v3.0.0.r640.g04a630266 Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. webapp scanner
nullinux 123.a647159 Tool that can be used to enumerate OS information, domain information, shares, directories, and users through SMB null sessions. recon scanner
nullscan 1.0.1 A modular framework designed to chain and automate security tests. automation scanner recon fingerprint networking fuzzer exploitation
o-saft 6264.e3f23d39 A tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. scanner recon
ocs 0.2 Compact mass scanner for Cisco routers with default telnet/enable passwords. scanner cracker
okadminfinder 83.aca7645 Tool to find admin panels / admin login pages. webapp scanner
onesixtyone 0.7 An SNMP scanner that sends multiple SNMP requests to multiple IP addresses cracker scanner
onetwopunch v1.0.0.r2.gd4ab4e8 Use unicornscan to quickly scan all open ports, and then pass the open ports to nmap for detailed scans. scanner
onionscan 130.da42865 Scan Onion Services for Security Issues. scanner defensive
onionsearch 44.fc9d62c Script that scrapes urls on different ".onion" search engines. webapp scanner
opendoor 422.d1ed311 OWASP Directory Access scanner. webapp scanner
openscap 1.3.10.r57.g8cf975ba8 Open Source Security Compliance Solution. automation defensive scanner
openvas 6.0.1 The OpenVAS scanning Daemon scanner fuzzer exploitation
openvas-cli 1.4.5 The OpenVAS Command-Line Interface scanner fuzzer exploitation
openvas-libraries 9.0.2 The OpenVAS libraries scanner fuzzer exploitation
openvas-manager 7.0.3 A layer between the OpenVAS Scanner and various client applications scanner fuzzer exploitation
openvas-scanner 22.4.0 The OpenVAS scanning Daemon scanner fuzzer exploitation
owasp-bywaf 26.e730d1b A web application penetration testing framework (WAPTF). webapp scanner
owtf 2187.af993ecb The Offensive (Web) Testing Framework. webapp automation scanner fuzzer
pagodo 146.e99e7b1 Google dork script to collect potentially vulnerable web pages and applications on the Internet. scanner recon
paketto 1.10 Advanced TCP/IP Toolkit. scanner
panhunt 63.ec87e88 Searches for credit card numbers (PANs) in directories. scanner
pappy-proxy 77.e1bb049 An intercepting proxy for web application testing. webapp proxy scanner fuzzer recon
parameth 56.8da6f27 This tool can be used to brute discover GET and POST parameters. webapp scanner
paranoic 1.7 A simple vulnerability scanner written in Perl. scanner scanner webapp
passhunt 5.332f374 Search drives for documents containing passwords. scanner
pbscan 10.566c3d7 Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage. scanner
pcredz 84.27b39a6 A tool that extracts credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, and more from a pcap file or from a live interface. scanner
peass 20240505.284a0ce8.r0.g74c1391 Privilege Escalation Awesome Scripts SUITE (with colors). scanner
pentbox 1.8 A security suite that packs security and stability testing oriented tools for networks and systems. fuzzer scanner
pentestly 1798.93d1b39 Python and Powershell internal penetration testing framework. scanner recon automation
phonia 593.8ae14ff Advanced toolkits to scan phone numbers using only free resources. social scanner
php-malware-finder 0.3.4.r82.g87b6d7f Detect potentially malicious PHP files. webapp malware scanner code-audit
pinkerton 1.6.r19.g3195a4a JavaScript file crawler and secret finder. webapp scanner
plcscan 0.1 This is a tool written in Python that will scan for PLC devices over s7comm or modbus protocols. scanner networking
pmap 1.10 Passively discover, scan, and fingerprint link-local peers by the background noise they generate (i.e. their broadcast and multicast traffic). windows recon scanner fingerprint
pnscan 1.14.1 A parallel network scanner that can be used to survey TCP network services. scanner
poison 1.5.41 A fast, asynchronous syn and udp scanner. scanner
postenum 116.9cd9d7e Clean, nice and easy tool for basic/advanced privilege escalation techniques. recon scanner exploitation
pown 332.0e32edf Security testing and exploitation toolkit built on top of Node.js and NPM. webapp recon scanner social proxy
ppfuzz 31.80982ec A fast tool to scan client-side prototype pollution vulnerability written in Rust. webapp scanner
ppmap v1.2.0.r15.g9426af6 A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets. webapp scanner exploitation
ppscan 0.3 Yet another port scanner with HTTP and FTP tunneling support. scanner
prads 1132.e631f4f Is a "Passive Real-time Asset Detection System". scanner networking
praeda 49.b0b17d3 An automated data/information harvesting tool designed to gather critical information from various embedded devices. scanner
pret 108.a04bd04 Printer Exploitation Toolkit - The tool that made dumpster diving obsolete. exploitation fuzzer recon scanner
propecia 2 A fast class scanner that scans for a specified open port with banner grabbing fingerprint scanner
prowler 1:3637.daf6194de Tool for AWS security assessment, auditing and hardening. defensive scanner
proxmark 2413.61163344 A powerful general purpose RFID tool, the size of a deck of cards, designed to snoop, listen and emulate everything from Low Frequency (125kHz) to High Frequency (13.56MHz) tags. radio recon scanner
proxmark3 4.17768 A general purpose RFID tool for Proxmark3 hardware. radio recon scanner
proxybroker 152.d21aae8 Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS. proxy scanner
proxybroker2 400.928f4aa Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS. proxy scanner
proxycheck 0.1 This is a simple proxy tool that checks for the HTTP CONNECT method and grabs verbose output from a webserver. scanner proxy
proxyp 2013 Small multithreaded Perl script written to enumerate latency, port numbers, server names, & geolocations of proxy IP addresses. proxy scanner
proxyscan 0.3 A security penetration testing tool to scan for hosts and ports through a Web proxy server. scanner
ptf 1503.e9ff60b The Penetration Testers Framework is a way for modular support for up-to-date tools. exploitation scanner recon automation
pureblood 37.2c5ce07 A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter. automation webapp scanner fuzzer
puredns v2.1.1.r1.g9d94e50 Fast domain resolver and subdomain bruteforcing with accurate wildcard filtering. recon scanner
pwncat 0.1.2 Bind and reverse shell handler with FW/IDS/IPS evasion, self-inject and port-scanning. backdoor scanner proxy networking
pwndora 248.d3f676a Massive IPv4 scanner, find and analyze internet-connected devices in minutes, create your own IoT search engine at home. scanner recon
pyersinia 49.73f4056 Network attack tool like yersinia but written in Python. networking fuzzer dos voip scanner exploitation
pyfiscan 2996.57c7428 Free web-application vulnerability and version scanner. webapp scanner
pyssltest 9.d7703f0 A python multithreaded script to make use of Qualys ssllabs api to test SSL flaws. scanner cryptography
pytbull 19.3d82a54 A python based flexible IDS/IPS testing framework shipped with more than 300 tests. scanner fuzzer
pythem 454.e4fcb8a Python penetration testing framework. scanner sniffer recon cracker webapp
python-api-dnsdumpster 79.0f8ba2b Unofficial Python API for recon scanner
python2-api-dnsdumpster 79.0f8ba2b Unofficial Python API for recon scanner
python2-ldapdomaindump 0.9.4 Active Directory information dumper via LDAP. scanner networking
python2-webtech 1.2.12 Identify technologies used on websites. webapp recon scanner fingerprint
qark 301.ba1b265 Tool to look for several security related Android application vulnerabilities. mobile fuzzer scanner exploitation
quickrecon 0.3.2 A python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing. recon scanner
raccoon 187.9cf6c11 A high performance offensive security tool for reconnaissance and vulnerability scanning. recon scanner
ranger-scanner 149.3aae5dd A tool to support security professionals to access and interact with remote Microsoft Windows based systems. scanner recon
rapidscan 221.296a20b The Multi-Tool Web Vulnerability Scanner. webapp scanner recon fingerprint fuzzer exploitation
ratproxy 1.58 A passive web application security assessment tool fuzzer proxy scanner webapp
rawr 74.544dd75 Rapid Assessment of Web Resources. A web enumerator. scanner webapp
rbac-lookup v0.10.2.r0.ga3654cb A CLI that allows you to easily find Kubernetes roles and cluster roles bound to any user. scanner recon
rdp-cipher-checker 0.1 Enumerate the encryption protocols supported by the server and the cipher strengths supported using native RDP encryption. scanner crypto windows
rdp-sec-check 11.d0cc143 Script to enumerate security settings of an RDP Service. scanner networking windows
reconscan 61.afbcfc0 Network reconnaissance and vulnerability assessment tools. recon scanner
recsech 123.1fc298a Tool for doing Footprinting and Reconnaissance on the target web. recon scanner webapp fingerprinting
red-hawk 36.fa54e23 All in one tool for Information Gathering, Vulnerability Scanning and Crawling. recon scanner webapp
redfang 2.5 Finds non-discoverable Bluetooth devices by brute-forcing the last six bytes of the devices' Bluetooth addresses and calling read_remote_name(). bluetooth scanner
regeorg 30.1ca54c2 The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn. automation cracker proxy scanner
relay-scanner 1.7 An SMTP relay scanner. scanner
responder 4:v3.1.4.0.r19.g4947ae6 A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. scanner fuzzer spoof networking
responder-multirelay 1:360.24e7b7c A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2 (multirelay version), scanner fuzzer spoof networking
retire 5.0.0.r4.g7231dfb Scanner detecting the use of JavaScript libraries with known vulnerabilities. scanner code-audit
revipd 5.2aaacfb A simple reverse IP domain scanner. recon scanner
rext 63.5f0f626 Router EXploitation Toolkit - small toolkit for easy creation and usage of various python scripts that work with embedded devices. exploitation scanner
ripdc 0.3 A script which maps domains related to an given ip address or domainname. recon scanner
rlogin-scanner 0.2 Multithreaded rlogin scanner. Tested on Linux, OpenBSD and Solaris. cracker scanner
routerhunter 21.4da257c Tool used to find vulnerable routers and devices on the Internet and perform tests. scanner networking
rpctools 1.0 Contains three separate tools for obtaining information from a system that is running RPC services windows recon scanner
rpdscan 2.a71b0f3 Remmina Password Decoder and scanner. cracker scanner
rtlizer 35.5614163 Simple spectrum analyzer. scanner radio
rtlsdr-scanner 1013.3c032de A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library. scanner
rustbuster 302.4a243d4 DirBuster for Rust. webapp scanner
rustscan 2.2.3 Faster Nmap Scanning with Rust. scanner
s3scanner 466.c7292e7 Scan for open S3 buckets and dump. scanner
sambascan 0.5.0 Allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. scanner
sandcastle 73.10af7c7 A Python script for AWS S3 bucket enumeration. scanner
sandmap 579.a7c4860 Nmap on steroids! Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles. scanner automation
sandy 6.531ab16 An open-source Samsung phone encryption assessment framework scanner crypto mobile
sb0x 19.04f40fe A simple and Lightweight framework for Penetration testing. scanner fuzzer cracker backdoor recon
scamper 20230323 A tool that actively probes the Internet in order to analyze topology and performance. scanner recon networking
scanless 90.3da40e9 Utility for using websites that can perform port scans on your behalf. scanner
scanqli 26.40a028d SQLi scanner to detect SQL vulns. webapp scanner
scanssh 2.1 Fast SSH server and open proxy scanner. scanner
scap-security-guide 0.1.60 Security compliance content in SCAP, Bash, Ansible, and other formats. automation defensive scanner
scap-workbench 1.2.1 SCAP Scanner And Tailoring Graphical User Interface. automation defensive scanner
scout2 1182.5d86d46 Security auditing tool for AWS environments. scanner fuzzer
scoutsuite 1:5.14.0.r0.g7909f2fc6 Multi-Cloud Security Auditing Tool. scanner
scrape-dns 58.3df392f Searches for interesting cached DNS entries. scanner
scrapy 2.11.1 A fast high-level scraping and web crawling framework. webapp recon scanner
sctpscan 34.4d44706 A network scanner for discovery and security. recon scanner
sdn-toolkit 1.21 Discover, Identify, and Manipulate SDN-Based Networks networking scanner recon
sdnpwn 79.f4e2692 An SDN penetration testing toolkit. scanner networking
seat 0.3 Next generation information digging application geared toward the needs of security professionals. It uses information stored in search engine databases, cache repositories, and other public resources to scan web sites for potential vulnerabilities. scanner recon
second-order v3.2.r0.g242569b Second-order subdomain takeover scanner. webapp scanner
secscan 1.5 Web Apps Scanner and Much more utilities. webapp scanner
see-surf v2.0.r41.g826f05a A Python based scanner to find potential SSRF parameters in a web application. webapp scanner
shareenum 48.db728dd Tool to enumerate shares from Windows hosts. scanner
sharesniffer 58.a0c5ed6 Network share sniffer and auto-mounter for crawling remote file systems. scanner automation
shocker 65.65d4d76 A tool to find and exploit servers vulnerable to Shellshock. exploitation scanner
shortfuzzy 0.1 A web fuzzing script written in perl. webapp fuzzer scanner
shuffledns 362.1e45a1b A wrapper around massdns written in go that allows you to enumerate valid subdomains. scanner
silk 3.19.2 A collection of traffic analysis tools developed by the CERT NetSA to facilitate security analysis of large networks. networking scanner
simple-lan-scan 1.0 A simple python script that leverages scapy for discovering live hosts on a network. scanner recon networking
sipscan 1:0.1 A sip scanner. windows scanner voip
sipshock 7.6ab5591 A scanner for SIP proxies vulnerable to Shellshock. scanner voip
sitadel 123.e4d9ed4 Web Application Security Scanner. webapp scanner
skipfish 2.10b A fully automated, active web application security reconnaissance tool fuzzer scanner webapp
slurp 90.6a4eaaf S3 bucket enumerator scanner
slurp-scanner 90.6a4eaaf Evaluate the security of S3 buckets. scanner
smap-scanner 0.1.12.r1.g90dfe74 Passive port scanner built with shodan free API. scanner recon
smartphone-pentest-framework 104.fc45347 Repository for the Smartphone Pentest Framework (SPF). mobile scanner fuzzer
smbcrunch 12.313400e 3 tools that work together to simplify reconaissance of Windows File Shares. recon scanner
smbexec 2:59.a54fc14 A rapid psexec style attack with samba tools. scanner recon fuzzer exploitation
smbmap 1:v1.10.4.r0.g00cb9ac A handy SMB enumeration tool. scanner recon
smbspider 10.7db9323 A lightweight python utility for searching SMB/CIFS/Samba file shares. scanner
smbsr 50.7f86241 Lookup for interesting stuff in SMB shares. scanner recon
smod 53.7eb8423 A modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol. scanner fuzzer recon dos
smtp-test 5.d8d8598 Automated testing of SMTP servers for penetration testing. scanner
smtp-user-enum 1.2 Username guessing tool primarily for use against the default Solaris SMTP service. Can use either EXPN, VRFY or RCPT TO. recon scanner
smtp-vrfy 1.0 An SMTP Protocol Hacker. scanner
smtptx 1.0 A very simple tool used for sending simple email and do some basic email testing from a pentester perspective. scanner fuzzer
smuggler 23.2be871e Python tool used to test for HTTP Desync/Request Smuggling attacks. webapp scanner
smuggler-py 1.0 Python tool used to test for HTTP Desync/Request Smuggling attacks. webapp scanner
sn00p 0.8 A modular tool written in bourne shell and designed to chain and automate security tools and tests. automation scanner recon fingerprint networking fuzzer exploitation
sn1per 1:600.7d53725 Automated Pentest Recon Scanner. recon automation scanner cracker
snallygaster 240.ff6a097 Tool to scan for secret files on HTTP servers. webapp scanner
snmpattack 1.8 SNMP scanner and attacking tool. networking scanner
snmpenum 1.7 snmp enumerator scanner
snmpscan 0.1 A free, multi-processes SNMP scanner. scanner
snoopbrute 17.589fbe6 Multithreaded DNS recursive host brute-force tool. scanner recon
snscan 1.05 A Windows based SNMP detection utility that can quickly and accurately identify SNMP enabled devices on a network. windows scanner
snyk 1.1283.0 CLI and build-time tool to find and fix known vulnerabilities in open-source dependencies. code-audit scanner
spade 114 A general-purpose Internet utility package, with some extra features to help in tracing the source of spam and other forms of Internet harassment. windows scanner recon
spaghetti 4:9.df39a11 Web Application Security Scanner. webapp scanner
sparta 21.b0a4514 Python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. scanner cracker fingerprint networking
spiga 2:648.617a342 Configurable web resource scanner. webapp scanner
spipscan 1:69.4ad3235 SPIP (CMS) scanner for penetration testing purpose written in Python. webapp scanner
sploitego 153.d9568dc Maltego Penetration Testing Transforms. fuzzer scanner
sprayhound 0.0.3 Password spraying tool and Bloodhound integration. networking scanner
sprayingtoolkit 60.82e2ec8 Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient. webapp scanner
sqlivulscan 249.cc8e657 This will give you the SQLi Vulnerable Website Just by Adding the Dork. scanner webapp
ssdp-scanner 1.0 SSDP amplification scanner written in Python. Makes use of Scapy. scanner networking
ssh-audit 3.2.0 SSH server auditing (banner, key exchange, encryption, mac, compression, compatbility, etc). scanner
ssh-user-enum 7.ae453c1 SSH User Enumeration Script in Python Using The Timing Attack. scanner
sshprank 1.4.2 A fast SSH mass-scanner, login cracker and banner grabber tool using the python-masscan module. cracker scanner fingerprint
sshscan 1:1.0 A horizontal SSH scanner that scans large swaths of IPv4 space for a single SSH user and pass. cracker scanner
ssl-hostname-resolver 1 CN (Common Name) grabber on X.509 Certificates over HTTPS. recon scanner
sslcaudit 524.f218b9b Utility to perform security audits of SSL/TLS clients. scanner crypto
ssllabs-scan 251.53cd76a Command-line client for the SSL Labs APIs scanner crypto
sslmap 0.2.0 A lightweight TLS/SSL cipher suite scanner. scanner crypto
sslscan 2.1.3 A fast tools to scan SSL services, such as HTTPS to determine the ciphers that are supported scanner crypto
sslscan2 693.2b567cb Tests SSL/TLS enabled services to discover supported cipher suites. scanner
ssrfmap 106.3eacb5d Automatic SSRF fuzzer and exploitation tool. webapp scanner fuzzer exploitation
stacs 0.5.1.r0.g11f3503 Static Token And Credential Scanner. scanner misc
stews 1.0.0.r7.gc7bba5a A Security Tool for Enumerating WebSockets. webapp scanner fingerprint fuzzer
sticky-keys-hunter 15.c816fc9 Script to test an RDP host for sticky keys and utilman backdoor. scanner
stig-viewer 2.8 XCCDF formatted SRGs and STIGs files viewer for SCAP validation tools. scanner
storm-ring 0.1 This simple tool is useful to test a PABX with "allow guest" parameter set to "yes" (in this scenario an anonymous caller could place a call). voip scanner
striker 85.87c184d An offensive information and vulnerability scanner. scanner recon webapp
strutscan 4.8712c12 Apache Struts2 vulnerability scanner written in Perl. scanner
subbrute 1.2.1 A DNS meta-query spider that enumerates DNS records and subdomains scanner
subdomainer 1.2 A tool designed for obtaining subdomain names from public sources. recon scanner
subjack 182.49c51e5 Subdomain Takeover tool written in Go. scanner
sublist3r 138.729d649 A Fast subdomains enumeration tool for penetration testers. recon scanner
subover 71.3d258e2 A Powerful Subdomain Takeover Tool. scanner recon
subscraper 2:32.d20dcb7 Tool that performs subdomain enumeration through various techniques. recon scanner
superscan 4.1 Powerful TCP port scanner, pinger, resolver. windows scanner recon
svn-extractor 45.6829804 A simple script to extract all web resources by means of .SVN folder exposed over network. scanner
swarm 1:41.1713c1e A distributed penetration testing tool. scanner recon cracker exploitation webapp
synscan 5.02 fast asynchronous half-open TCP portscanner scanner
tachyon-scanner 467.0145e92 Fast Multi-Threaded Web Discovery Tool. scanner
tactical-exploitation 91.fdc84c9 Modern tactical exploitation toolkit. scanner exploitation recon sniffer
taipan 1:2.9.498.18 Web application security scanner. scanner webapp
takeover 98.a058647 Sub-Domain TakeOver Vulnerability Scanner. scanner
testssl 1:2.9.5 Testing TLS/SSL encryption. crypto scanner 3.0.8 Testing TLS/SSL encryption crypto scanner
tfsec v0.63.1.r393.ge24d85950 Security scanner for your Terraform code. defensive scanner
thc-ipv6 3.8 Complete tool set to attack the inherent protocol weaknesses of IPv6 and ICMP6 networking recon dos spoof scanner
thc-smartbrute 1.0 This tool finds undocumented and secret commands implemented in a smartcard. cracker scanner
thcrut 1.2.5 Network discovery and OS Fingerprinting tool. fingerprint recon scanner
tiger 3.2.3 A security scanner, that checks computer for known problems. Can also use tripwire, aide and chkrootkit. automation scanner
tlsenum 78.787c88b A command line tool to enumerate TLS cipher-suites supported by a server. crypto scanner
tlspretense 1:v0.6.2.r22.g0a5faf4 SSL/TLS client testing framework crypto scanner
tlssled 1.3 A Linux shell script whose purpose is to evaluate the security of a target SSL/TLS (HTTPS) web server implementation. automation scanner
tlsx v1.1.6.r1.gf60f2ba TLS grabber focused on TLS based data collection. scanner
topera 19.3e230fd An IPv6 security analysis toolkit, with the particularity that their attacks can't be detected by Snort. scanner networking
torcrawl 99.c83fd53 Crawl and extract (regular or onion) webpages through TOR network. webapp scanner
traxss 81.48dee2e Automated XSS Vulnerability Scanner. scanner automation
trivy 0.52.2 A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI. scanner
typo-enumerator 1:14.295f103 Enumerate Typo3 version and extensions. webapp scanner
typo3scan v1.1.4.r3.g95fe6f6 Enumerate Typo3 version and extensions. webapp scanner
ubiquiti-probing 5.c28f4c1 A Ubiquiti device discovery tool. recon scanner
udork 102.1a0aab0 Python script that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications. recon scanner
udp-hunter 4.b95cce5 Network assessment tool for various UDP Services covering both IPv4 and IPv6 protocols. scanner fuzzer fingerprint
udsim 33.b379464 A graphical simulator that can emulate different modules in a vehicle and respond to UDS request. scanner fuzzer automobile
umap 25.3ad8121 The USB host security assessment tool. scanner fuzzer
unicornscan 0.4.7 A new information gathering and correlation engine. scanner
uniscan 6.3 A simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner. fuzzer scanner webapp
unix-privesc-check 1.4 Tries to find misconfigurations that could allow local unprivilged users to escalate privileges to other users or to access local apps (e.g. databases). automation scanner
upnp-pentest-toolkit 1.1 UPnP Pentest Toolkit for Windows. windows scanner recon fuzzer
upnpscan 0.4 Scans the LAN or a given address range for UPnP capable devices. scanner
uptux 33.85ccfd0 Linux privilege escalation checks (systemd, dbus, socket fun, etc). scanner
urldigger 02c A python tool to extract URL addresses from different HOT sources and/or detect SPAM and malicious code webapp scanner
uw-loveimap 0.1 Multi threaded imap bounce scanner. scanner
uw-udpscan 0.1 Multi threaded udp scanner. scanner
uw-zone 0.1 Multi threaded, randomized IP zoner. scanner
v3n0m 536.16b629f A tool to automate mass SQLi d0rk scans and Metasploit Vulns. scanner
vais 17.5c35c3a SWF Vulnerability & Information Scanner. scanner
vane 1899.48f9ab5 A vulnerability scanner which checks the security of WordPress installations using a black box approach. scanner webapp fuzzer
vanguard 0.1 A comprehensive web penetration testing tool written in Perl that identifies vulnerabilities in web applications. webapp scanner
vault 297.593e046 Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API. scanner fingerprint recon networking
vault-scanner 299.0303cf4 Swiss army knife for hackers. scanner fingerprint recon networking
vbrute 1.11dda8b Virtual hosts brute forcer. recon scanner
vbscan 1:39.2b1ce48 A black box vBulletin vulnerability scanner written in perl. webapp fuzzer scanner
vcsmap 47.3889964 A plugin-based tool to scan public version control systems for sensitive information. scanner
vhostscan 344.2fd84a2 A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. scanner
videosnarf 0.63 A new security assessment tool for pcap analysis scanner
viproy-voipkit 1:82.52b27db VoIP Pen-Test Kit for Metasploit Framework exploitation fuzzer scanner
visql 49.3082e30 Scan SQL vulnerability on target site and sites of on server. scanner webapp
vsaudit 21.2cbc47b VOIP Security Audit Framework. voip scanner fuzzer
vscan 10.da4e47e HTTPS / Vulnerability scanner. scanner
vsvbp 6.241a7ab Black box tool for Vulnerability detection in web applications. webapp scanner
vulmap 95.a167c47 Vulmap Online Local Vulnerability Scanners Project scanner fingerprint recon
vulnerabilities-spider 1.426e70f A tool to scan for web vulnerabilities. webapp scanner
vulnx 321.bcf451d Cms and vulnerabilites detector & An intelligent bot auto shell injector. webapp scanner fingerprint recon
vuls 1106.e3c27e1 Vulnerability scanner for Linux/FreeBSD, agentless, written in Go. scanner
vulscan 2.0 A module which enhances nmap to a vulnerability scanner scanner fuzzer
w13scan 430.432b835 Passive Security Scanner. webapp scanner fuzzer
w3af 1.6.49 Web Application Attack and Audit Framework. fuzzer scanner webapp
waffit 202.d28dc3d Identify and fingerprint Web Application Firewall (WAF) products protecting a website. scanner webapp
wafw00f 845.ae6a67f Identify and fingerprint Web Application Firewall (WAF) products protecting a website. scanner webapp
waldo 29.ee4f960 A lightweight and multithreaded directory and subdomain bruteforcer implemented in Python. recon scanner
wapiti 3.1.8.r91.g91c1a071 A vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections... fuzzer scanner webapp
wascan 1:37.6926338 Web Application Scanner. webapp scanner
wcvs 1.2.1.r0.g08865ff Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. webapp scanner
webanalyze 121.707f3a4 Port of Wappalyzer (uncovers technologies used on websites) in go to automate scanning. webapp recon scanner fingerprint
webborer 173.b323cf4 A directory-enumeration tool written in Go. webapp scanner
webenum 21.24b43b4 Tool to enumerate http responses using dynamically generated queries and more. Useful for penetration tests against web servers. scanner webapp
webhunter 12.918b606 Tool for scanning web applications and networks and easily completing the process of collecting knowledge. scanner webapp
webpwn3r 38.3d75e76 A python based Web Applications Security Scanner. scanner webapp
webrute 3.3 Web server directory brute forcer. scanner webapp
webscarab 20120422.001828 Framework for analysing applications that communicate using the HTTP and HTTPS protocols fuzzer proxy scanner webapp
webshag 1.10 A multi-threaded, multi-platform web server audit tool. fuzzer scanner webapp
websploit 4.0.4 An Open Source Project For, Social Engineering Works, Scan, Crawler & Analysis Web, Automatic Exploiter, Support Network Attacks exploitation fuzzer scanner social
webtech 1.3.3 Identify technologies used on websites. webapp recon scanner fingerprint
webxploiter 56.c03fe6b An OWASP Top 10 Security scanner. webapp exploitation fuzzer scanner
weirdaal 331.c14e36d AWS Attack Library. webapp scanner fuzzer
whatwaf 392.b14e866 Detect and bypass web application firewalls and protection systems. webapp scanner
whitewidow 605.4f27bfe SQL Vulnerability Scanner. scanner
wifiscanmap 135.9adcd08 Another wifi mapping tool. wireless scanner
wig 574.d5ddd91 WebApp Information Gatherer. webapp scanner recon
winfo 2.0 Uses null sessions to remotely try to retrieve lists of and information about user accounts, workstation/interdomain/server trust accounts, shares (also hidden), sessions, logged in users, and password/lockout policy, from Windows NT/2000/XP. windows recon scanner
witchxtool 1.1 A perl script that consists of a port scanner, LFI scanner, MD5 bruteforcer, dork SQL injection scanner, fresh proxy scanner, and a dork LFI scanner. webapp scanner exploitation fuzzer
wnmap 0.1 A shell script written with the purpose to automate and chain scans via nmap. You can run nmap with a custom mode written by user and create directories for every mode with the xml/nmap files inside. automation scanner
wolpertinger 2.58ef8e2 A distributed portscanner. scanner
wordpresscan 76.f810c1c WPScan rewritten in Python + some WPSeku ideas. scanner webapp
wpintel 6.741c0c9 Chrome extension designed for WordPress Vulnerability Scanning and information gathering. webapp scanner fingerprint
wpscan 1:3.8.25 Black box WordPress vulnerability scanner webapp fuzzer scanner
wpseku 2:39.862fb2c Simple Wordpress Security Scanner. webapp scanner
wpsik 8.8d3856b WPS scan and pwn tool. wireless scanner
wups 1.4 An UDP port scanner for Windows. windows scanner
x-scan 3.3 A general network vulnerabilities scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method, plug-ins are supportable. windows scanner
x8 1:v4.1.0.r2.g6ee4532 Hidden parameters discovery suite. webapp scanner
xattacker 122.72f9f8e Website Vulnerability Scanner & Auto Exploiter. webapp scanner blackarck-exploitation
xcname 11.9c475a1 A tool for enumerating expired domains in CNAME records. scanner
xpire-crossdomain-scanner 1.0cb8d3b Scans crossdomain.xml policies for expired domain names. scanner
xsrfprobe 523.ce04111 The Prime Cross Site Request Forgery Audit and Exploitation Toolkit. webapp scanner
xss-freak 17.e361766 An XSS scanner fully written in Python3 from scratch. webapp scanner fuzzer
xsscon 45.ce91fd6 Simple XSS Scanner tool. webapp scanner
xsspy 60.b10d336 Web Application XSS Scanner. webapp scanner
xsss 0.40b A brute force cross site scripting scanner. webapp fuzzer scanner
xssscan 1:17.7f1ea90 Command line tool for detection of XSS attacks in URLs. Based on ModSecurity rules from OWASP CRS. webapp scanner fuzzer
xsstracer 5.f2ed21a Python script that checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection. scanner
xsstrike 467.f292787 An advanced XSS detection and exploitation suite. webapp scanner
xssya 1:13.cd62817 A Cross Site Scripting Scanner & Vulnerability Confirmation. webapp scanner
xwaf 162.c6f6bb7 Automatic WAF bypass tool. webapp scanner
yaaf 7.4d6273a Yet Another Admin Finder. webapp scanner
yasat 848 Yet Another Stupid Audit Tool. scanner recon fingerprint
yasuo 121.994dcb1 A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network. webapp scanner
yawast 1:0.11.0 The YAWAST Antecedent Web Application Security Toolkit. webapp scanner fuzzer
ycrawler 0.1 A web crawler that is useful for grabbing all user supplied input related to a given website and will save the output. It has proxy and log file support. webapp scanner proxy
yersinia 0.8.2 A network tool designed to take advantage of some weakness in different network protocols. networking scanner
zackattack 5.1f96c14 A new tool set to do NTLM Authentication relaying unlike any other tool currently out there. networking scanner cracker
zeus 111.97db152 AWS Auditing & Hardening Tool. defensive scanner
zmap 4.1.1 Fast network scanner designed for Internet-wide network surveys scanner