0trace |
1.5 |
A hop enumeration tool. |
|
a2sv |
140.cb24c4e |
Auto Scanning to SSL Vulnerability. |
|
admsnmp |
0.1 |
ADM SNMP audit scanner. |
|
allthevhosts |
1.0 |
A vhost discovery tool that scrapes various web applications. |
|
amass |
2143.5f1f7176 |
In-depth subdomain enumeration written in Go. |
|
anubis |
1.1.3.r0.g9ea89fa |
Subdomain enumeration and information gathering tool. |
|
apache-users |
2.1 |
This perl script will enumerate the usernames on a unix system that use the apache module UserDir. |
|
apachetomcatscanner |
3.2 |
Apache Tomcat vulnerability scanner. |
|
assassingo |
173.2dd8650 |
Web pentest framework for information gathering and vulnerability scanning. |
|
assetfinder |
19.4e95d87 |
Find domains and subdomains potentially related to a given domain. |
|
athena-ssl-scanner |
0.6.2 |
A SSL cipher scanner that checks all cipher codes. It can identify about 150 different ciphers. |
|
atscan |
2461.06521a9 |
Server, Site and Dork Scanner. |
|
attk |
2.0.1023 |
Trend Micro Anti-Threat Toolkit. |
|
aws-extender-cli |
17.a351154 |
Script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common misconfiguration issues. |
|
aws-iam-privesc |
11.2983efd |
AWS IAM policy scanner that helps determine where privilege escalation can be achieved. |
|
barmie |
1.01 |
Java RMI enumeration and attack tool. |
|
bashscan |
94.80c066c |
A port scanner built to utilize /dev/tcp for network and service discovery. |
|
belati |
72.49577a1 |
The Traditional Swiss Army Knife for OSINT. |
|
bingoo |
3.698132f |
A Linux bash based Bing and Google Dorking Tool. |
|
birp |
65.b2e108a |
A tool that will assist in the security assessment of mainframe applications served over TN3270. |
|
blackbox-scanner |
1.7a25220 |
Dork scanner & bruteforcing & hash cracker with blackbox framework. |
|
bleah |
53.6a2fd3a |
A BLE scanner for "smart" devices hacking. |
|
blindy |
12.59de8f2 |
Simple script to automate brutforcing blind sql injection vulnerabilities. |
|
bluto |
142.25cad7a |
Recon, Subdomain Bruting, Zone Transfers. |
|
braa |
0.82 |
A mass snmp scanner |
|
cameradar |
195.1b91e54 |
Hacks its way into RTSP videosurveillance cameras. |
|
camscan |
1.0057215 |
A tool which will analyze the CAM table of Cisco switches to look for anamolies. |
|
cangibrina |
123.6de0165 |
Dashboard Finder. |
|
cecster |
5.15544cb |
A tool to perform security testing against the HDMI CEC (Consumer Electronics Control) and HEC (HDMI Ethernet Channel) protocols. |
|
cero |
v1.3.0.r19.gb73125b |
Scrape domain names from SSL certificates of arbitrary hosts. |
|
changeme |
266.89f59d4 |
A default credential scanner. |
|
check-weak-dh-ssh |
0.1 |
Debian OpenSSL weak client Diffie-Hellman Exchange checker. |
|
chiron |
48.524abe1 |
An all-in-one IPv6 Penetration Testing Framework. |
|
cipherscan |
421.5866911 |
A very simple way to find out which SSL ciphersuites are supported by a target. |
|
ciscos |
1.3 |
Scans class A, B, and C networks for cisco routers which have telnet open and have not changed the default password from cisco. |
|
clair |
1994.1607766c |
Vulnerability Static Analysis for Containers. |
|
climber |
30.5530a78 |
Check UNIX/Linux systems for privilege escalation. |
|
cloudflare-enum |
10.412387f |
Cloudflare DNS Enumeration Tool for Pentesters. |
|
cloudsploit |
6524.90cff06ef |
AWS security scanning checks. |
|
cmsmap |
8.59dd0e2 |
A python open source Content Management System scanner that automates the process of detecting security flaws of the most popular CMSs. |
|
configpush |
0.8.5 |
This is a tool to span /8-sized networks quickly sending snmpset requests with default or otherwise specified community string to Cisco devices. |
|
corstest |
10.beffd0b |
A simple CORS misconfigurations checker. |
|
cpfinder |
0.1 |
Simple script that looks for administrative web interfaces. |
|
crackmapexec |
v6.0.1.r198.gda472cb |
A swiss army knife for pentesting Windows/Active Directory environments. |
|
creepy |
137.9f60449 |
A geolocation information gatherer. Offers geolocation information gathering through social networking platforms. |
|
ct-exposer |
24.71252ac |
An OSINT tool that discovers sub-domains by searching Certificate Transparency logs. |
|
cvechecker |
4.0 |
The goal of cvechecker is to report about possible vulnerabilities on your system, by scanning the installed software and matching the results with the CVE database. |
|
d-tect |
13.9555c25 |
Pentesting the Modern Web. |
|
darkbing |
0.1 |
A tool written in python that leverages bing for mining data on systems that may be susceptible to SQL injection. |
|
davtest |
3.a282c58 |
Tests WebDAV enabled servers by uploading test executable files, and then (optionally) uploading files which allow for command execution or other actions directly on the target. |
|
dbusmap |
16.6bb2831 |
Simple utility for enumerating D-Bus endpoints, an nmap for D-Bus. |
|
dcrawl |
7.3273c35 |
Simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names. |
|
deblaze |
1.0608dc3 |
Performs method enumeration and interrogation against flash remoting end points. |
|
delldrac |
0.1a |
DellDRAC and Dell Chassis Discovery and Brute Forcer. |
|
dhcpig |
110.f037788 |
Enhanced DHCPv4 and DHCPv6 exhaustion and fuzzing script written in python using scapy network library. |
|
dirb |
2.22 |
A web content scanner, brute forceing for hidden files. |
|
dirbuster |
1.0_RC1 |
An application designed to brute force directories and files names on web/application servers |
|
dirscanner |
0.1 |
This is a python script that scans webservers looking for administrative directories, php shells, and more. |
|
dirstalk |
1.3.3 |
Modern alternative to dirbuster/dirb. |
|
dive |
0.12.0 |
A tool for exploring layers in a docker image |
|
dmitry |
1.3a |
Deepmagic Information Gathering Tool. |
|
dnmap |
0.6 |
The distributed nmap framework. |
|
dns2geoip |
0.1 |
A simple python script that brute forces DNS and subsequently geolocates the found subdomains. |
|
dnsa |
0.6 |
A dns security swiss army knife. |
|
dnsbf |
0.3 |
Search for available domain names in an IP range. |
|
dnscan |
208.2e23323 |
A python wordlist-based DNS subdomain scanner. |
|
dnsgoblin |
0.1 |
Nasty creature constantly searching for DNS servers. It uses standard dns querys and waits for the replies. |
|
dnspredict |
0.0.2 |
DNS prediction. |
|
dnstwist |
638.b497e05 |
Domain name permutation engine for detecting typo squatting, phishing and corporate espionage. |
|
dockerscan |
59.590a844 |
Docker security analysis & hacking tools. |
|
dorkbot |
212.c91c4b9 |
Command-line tool to scan Google search results for vulnerabilities. |
|
dorkme |
57.0a7017a |
Tool designed with the purpose of making easier the searching of vulnerabilities with Google Dorks, such as SQL Injection vulnerabilities. |
|
dpscan |
0.1 |
Drupal Vulnerability Scanner. |
|
driftnet |
v1.3.0.r13.ge492335 |
Listens to network traffic and picks out images from TCP streams it observes. |
|
dripper |
v1.r1.gc9bb0c9 |
A fast, asynchronous DNS scanner; it can be used for enumerating subdomains and enumerating boxes via reverse DNS. |
|
dvcs-ripper |
54.2c1bbc6 |
Rip web accessible (distributed) version control systems: SVN/GIT/BZR/CVS/HG. |
|
eazy |
0.1 |
This is a small python tool that scans websites to look for PHP shells, backups, admin panels, and more. |
|
enum-shares |
7.97cba5a |
Tool that enumerates shared folders across the network and under a custom user account. |
|
enumiax |
1.0 |
An IAX enumerator. |
|
eternal-scanner |
101.3979b0f |
An internet scanner for exploit CVE-0144 (Eternal Blue). |
|
faradaysec |
12702.d1d507736 |
Collaborative Penetration Test and Vulnerability Management Platform. |
|
fernmelder |
8.030212e |
Asynchronous mass DNS scanner. |
|
fgscanner |
11.893372c |
An advanced, opensource URL scanner. |
|
fi6s |
195.1380b86 |
IPv6 network scanner designed to be fast. |
|
find-dns |
0.1 |
A tool that scans networks looking for DNS servers. |
|
flashscanner |
11.6815b02 |
Flash XSS Scanner. |
|
flunym0us |
2.0 |
A Vulnerability Scanner for Wordpress and Moodle. |
|
forkingportscanner |
1 |
Simple and fast forking port scanner written in perl. Can only scan on host at a time, the forking is done on the specified port range. Or on the default range of 1. Has the ability to scan UDP or TCP, defaults to tcp. |
|
fortiscan |
0.7.r7.gd54faa0 |
A high performance FortiGate SSL-VPN vulnerability scanning and exploitation tool. |
|
fs-nyarl |
1.0 |
A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit. |
|
fscan |
1.8.4.r5.g3dfd2e9 |
A Security Auditing Tool. |
|
fsnoop |
3.4 |
A tool to monitor file operations on GNU/Linux systems by using the Inotify mechanism. Its primary purpose is to help detecting file race condition vulnerabilities and since version 3, to exploit them with loadable DSO modules (also called "payload modules" or "paymods"). |
|
ftp-spider |
1.0 |
FTP investigation tool - Scans ftp server for the following: reveal entire directory tree structures, detect anonymous access, detect directories with write permissions, find user specified data within repository. |
|
ftpscout |
12.cf1dff1 |
Scans ftps for anonymous access. |
|
gcpbucketbrute |
17.6866bd2 |
A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated. |
|
gethsploit |
3.144778b |
Finding Ethereum nodes which are vulnerable to RPC-attacks. |
|
gggooglescan |
0.4 |
A Google scraper which performs automated searches and returns results of search queries in the form of URLs or hostnames. |
|
ghost-phisher |
1.62 |
GUI suite for phishing and penetration attacks |
|
git-dump |
7.4c9a2a9 |
Dump the contents of a remote git repository without directory listing enabled. |
|
git-dumper |
1.0.6.r14.g2d6fa4f |
A tool to dump a git repository from a website. |
|
gitrob |
7.7be4c53 |
Reconnaissance tool for GitHub organizations. |
|
gloom |
93.cd6e927 |
Linux Penetration Testing Framework. |
|
grabbb |
0.0.7 |
Clean, functional, and fast banner scanner. |
|
graphql-cop |
1.12.r21.ga08f757 |
GraphQL vulnerability scanner. |
|
grepforrfi |
0.1 |
Simple script for parsing web logs for RFIs and Webshells v1.2 |
|
grype |
0.33.1 |
A vulnerability scanner for container images and filesystems. |
|
gtp-scan |
0.7 |
A small python script that scans for GTP (GPRS tunneling protocol) speaking hosts. |
|
h2buster |
79.6c4dd1c |
A threaded, recursive, web directory brute-force scanner over HTTP/2. |
|
habu |
359.8326936 |
Python Network Hacking Toolkit. |
|
hakku |
384.bbb434d |
Simple framework that has been made for penetration testing tools. |
|
halberd |
0.2.4 |
Halberd discovers HTTP load balancers. It is useful for web application security auditing and for load balancer configuration testing. |
|
hbad |
1.0 |
This tool allows you to test clients on the heartbleed bug. |
|
hellraiser |
279.bea43e2 |
Vulnerability Scanner. |
|
hikpwn |
8.5a7d69c |
A simple scanner for Hikvision devices with basic vulnerability scanning capabilities written in Python 3.8. |
|
homepwn |
31.0803981 |
Swiss Army Knife for Pentesting of IoT Devices. |
|
hoppy |
1.8.1 |
A python script which tests http methods for configuration issues leaking information or just to see if they are enabled. |
|
host-extract |
8.0134ad7 |
Ruby script tries to extract all IP/Host patterns in page response of a given URL and JavaScript/CSS files of that URL. |
|
hsecscan |
66.7b8fa71 |
A security scanner for HTTP response headers. |
|
http-enum |
0.4 |
A tool to enumerate the enabled HTTP methods supported on a webserver. |
|
httprobe |
22.5555984 |
Take a list of domains and probe for working HTTP and HTTPS servers |
|
httpsscanner |
1.2 |
A tool to test the strength of a SSL web server. |
|
iaxscan |
0.02 |
A Python based scanner for detecting live IAX/2 hosts and then enumerating (by bruteforce) users on those hosts. |
|
icmpquery |
1.0 |
Send and receive ICMP queries for address mask and current time. |
|
iis-shortname-scanner |
5.4ad4937 |
An IIS shortname Scanner. |
|
ike-scan |
1.9.5 |
A tool that uses IKE protocol to discover, fingerprint and test IPSec VPN servers. |
|
ilo4-toolbox |
47.672a5d6 |
Toolbox for HPE iLO4 analysis. |
|
infip |
0.1 |
A python script that checks output from netstat against RBLs from Spamhaus. |
|
inurlbr |
34.dbf9773 |
Advanced search in the search engines - Inurl scanner, dorker, exploiter. |
|
ipscan |
3.9.1 |
A very fast IP address and port scanner. |
|
iptv |
138.ae6457b |
Search and brute force illegal iptv server. |
|
ipv6toolkit |
859.ae0060c |
SI6 Networks' IPv6 Toolkit. |
|
jaadas |
0.1 |
Joint Advanced Defect assEsment for android applications. |
|
knock |
96.0c6ea4f |
Subdomain scanner. |
|
knxmap |
252.6f40dd1 |
KNXnet/IP scanning and auditing tool for KNX home automation installations. |
|
krbrelayx |
49.4eb9c4f |
Kerberos unconstrained delegation abuse toolkit. |
|
kscan |
v1.85.r55.gcf76af2 |
Asset mapping tool that can perform port scanning, TCP fingerprinting and banner capture for specified assets. |
|
kube-hunter |
703.bc47f08 |
Hunt for security weaknesses in Kubernetes clusters. |
|
kubesploit |
86.2de2f12 |
Cross-platform post-exploitation HTTP/2 Command & Control server. |
|
kubestriker |
39.e1776ea |
A Blazing fast Security Auditing tool for Kubernetes. |
|
laf |
12.7a456b3 |
Login Area Finder: scans host/s for login panels. |
|
ldapdomaindump |
0.9.4 |
Active Directory information dumper via LDAP. |
|
leaklooker |
5.0d2b9fc |
Find open databases with Shodan. |
|
letmefuckit-scanner |
3.f3be22b |
Scanner and Exploit Magento. |
|
leviathan |
35.a1a1d8c |
A mass audit toolkit which has wide range service discovery, brute force, SQL injection detection and running custom exploit capabilities. |
|
lfi-scanner |
4.0 |
This is a simple perl script that enumerates local file inclusion attempts when given a specific target. |
|
lfisuite |
85.470e01f |
Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner. |
|
linenum |
75.c47f9b2 |
Scripted Local Linux Enumeration & Privilege Escalation Checks |
|
linux-smart-enumeration |
299.eb80976 |
Linux enumeration tool for pentesting and CTFs with verbosity levels. |
|
littleblackbox |
0.1.3 |
Penetration testing tool, search in a collection of thousands of private SSL keys extracted from various embedded devices. |
|
locasploit |
117.fa48151 |
Local enumeration and exploitation framework. |
|
logmepwn |
24.f257a8f |
A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-44228 vulnerability. |
|
lotophagi |
0.1 |
a relatively compact Perl script designed to scan remote hosts for default (or common) Lotus NSF and BOX databases. |
|
lunar |
884.0578751 |
A UNIX security auditing tool based on several security frameworks. |
|
lynis |
3.1.2 |
Security and system auditing tool to harden Unix/Linux systems |
|
maligno |
2.5 |
An open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. |
|
manspider |
70.30ce682 |
Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported! |
|
mantra |
v2.0.r1.ga0ae15e |
Hunt down API key leaks in JS files and pages. |
|
maryam |
819.99ae85a |
Full-featured Web Identification framework written in Python. |
|
masscan |
1.3.2 |
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes |
|
mitm6 |
33.8e75884 |
Pwning IPv4 via IPv6. |
|
modscan |
0.1 |
A new tool designed to map a SCADA MODBUS TCP based network. |
|
mongoaudit |
222.70b83e8 |
A powerful MongoDB auditing and pentesting tool . |
|
mqtt-pwn |
43.40368e5 |
A one-stop-shop for IoT Broker penetration-testing and security assessment operations. |
|
msmailprobe |
1.c01c8bf |
Office 365 and Exchange Enumeration tool. |
|
mssqlscan |
0.8.4 |
A small multi-threaded tool that scans for Microsoft SQL Servers. |
|
multiscanner |
1559.86e0145 |
Modular file scanning/analysis framework. |
|
naabu |
1598.47c66bb |
A fast port scanner written in go with focus on reliability and simplicity. |
|
nbtscan |
1.7.2 |
Scan networks searching for NetBIOS information |
|
netbios-share-scanner |
1.0 |
This tool could be used to check windows workstations and servers if they have accessible shared resources. |
|
netexec |
v1.3.0.r25.g78da4988 |
A Windows / Active Directory environments pentest tool. |
|
netscan |
1.0 |
Tcp/Udp/Tor port scanner with: synpacket, connect TCP/UDP and socks5 (tor connection). |
|
netscan2 |
60.3d02ba1 |
Active / passive network scanner. |
|
netz |
v0.1.0.r8.g3754e56 |
Discover internet-wide misconfigurations while drinking coffee. |
|
nikto |
2.5.0 |
A web server scanner which performs comprehensive tests against web servers for multiple items |
|
nili |
39.285220a |
Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing. |
|
nmap |
7.95 |
Utility for network discovery and security auditing |
|
nmbscan |
1.2.6 |
Tool to scan the shares of a SMB/NetBIOS network, using the NMB/SMB/NetBIOS protocols. |
|
nray |
59.30517fd |
Distributed port scanner. |
|
nsec3map |
20.1263537 |
A tool to enumerate the resource records of a DNS zone using its DNSSEC NSEC or NSEC3 chain. |
|
ntlm-challenger |
8.bd61ef6 |
Parse NTLM over HTTP challenge messages. |
|
ntlm-scanner |
6.4b29329 |
A simple python tool based on Impacket that tests servers for various known NTLM vulnerabilities. |
|
ntlmrecon |
78.b5778a0 |
A tool to enumerate information from NTLM authentication enabled web endpoints. |
|
nuclei-templates |
v10.0.2.r661.g1467b1c5be |
Community curated list of template files for the nuclei engine. |
|
o-saft |
6905.87111f75 |
A tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations. |
|
ocs |
0.2 |
Compact mass scanner for Cisco routers with default telnet/enable passwords. |
|
onetwopunch |
v1.0.0.r2.gd4ab4e8 |
Use unicornscan to quickly scan all open ports, and then pass the open ports to nmap for detailed scans. |
|
onionscan |
130.da42865 |
Scan Onion Services for Security Issues. |
|
openvas-scanner |
22.4.0 |
The OpenVAS scanning Daemon. |
|
pagodo |
150.7f17f51 |
Google dork script to collect potentially vulnerable web pages and applications on the Internet. |
|
paketto |
1.10 |
Advanced TCP/IP Toolkit. |
|
panhunt |
63.ec87e88 |
Searches for credit card numbers (PANs) in directories. |
|
paranoic |
1.7 |
A simple vulnerability scanner written in Perl. |
|
passhunt |
5.332f374 |
Search drives for documents containing passwords. |
|
pbscan |
10.566c3d7 |
Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage. |
|
pcredz |
91.a9daca4 |
A tool that extracts credit card numbers and more from a pcap file or from a live interface. |
|
peass |
20240505.284a0ce8.r0.g74c1391 |
Privilege Escalation Awesome Scripts SUITE (with colors). |
|
pentestly |
1798.93d1b39 |
Python and Powershell internal penetration testing framework. |
|
plcscan |
0.1 |
This is a tool written in Python that will scan for PLC devices over s7comm or modbus protocols. |
|
pnscan |
1.14.1 |
A parallel network scanner that can be used to survey TCP network services. |
|
poison |
1.5.41 |
A fast, asynchronous syn and udp scanner. |
|
ppscan |
0.3 |
Yet another port scanner with HTTP and FTP tunneling support. |
|
prads |
1132.e631f4f |
A "Passive Real-time Asset Detection System". |
|
praeda |
49.b0b17d3 |
An automated data/information harvesting tool designed to gather critical information from various embedded devices. |
|
proxycheck |
0.1 |
This is a simple proxy tool that checks for the HTTP CONNECT method and grabs verbose output from a webserver. |
|
proxyscan |
0.3 |
A security penetration testing tool to scan for hosts and ports through a Web proxy server. |
|
pwndora |
248.d3f676a |
Massive IPv4 scanner, find and analyze internet-connected devices in minutes, create your own IoT search engine at home. |
|
pyssltest |
9.d7703f0 |
A python multithreaded script to make use of Qualys ssllabs api to test SSL flaws. |
|
pytbull |
19.3d82a54 |
Next generation of pytbull, IDS/IPS testing framework. |
|
pythem |
454.e4fcb8a |
Python2 penetration testing framework. |
|
python2-ldapdomaindump |
0.9.4 |
Active Directory information dumper via LDAP. |
|
ranger-scanner |
149.3aae5dd |
A tool to support security professionals to access and interact with remote Microsoft Windows based systems. |
|
rawr |
74.544dd75 |
Rapid Assessment of Web Resources. A web enumerator. |
|
rbac-lookup |
v0.10.2.r9.gfa1a697 |
A CLI that allows you to easily find Kubernetes roles and cluster roles bound to any user. |
|
rdp-cipher-checker |
0.1 |
Enumerate the encryption protocols supported by the server and the cipher strengths supported using native RDP encryption. |
|
rdp-sec-check |
11.d0cc143 |
Script to enumerate security settings of an RDP Service. |
|
relay-scanner |
1.7 |
An SMTP relay scanner. |
|
responder |
v3.1.5.0.r0.ge918fe0 |
A LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2 (multirelay version). |
|
retire |
5.2.5.r7.g8b9d089 |
Scanner detecting the use of JavaScript libraries with known vulnerabilities. |
|
routerhunter |
21.4da257c |
Tool used to find vulnerable routers and devices on the Internet and perform tests. |
|
rtlizer |
35.5614163 |
Simple spectrum analyzer. |
|
rtlsdr-scanner |
1013.3c032de |
A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library. |
|
rustscan |
2.3.0 |
A modern port scanner |
|
s3scanner |
473.9c61311 |
A tool to find open S3 buckets in AWS or other cloud providers. |
|
sambascan |
0.5.0 |
Allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. |
|
sandcastle |
73.10af7c7 |
A Python script for AWS S3 bucket enumeration. |
|
sandmap |
579.a7c4860 |
Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles. |
|
sandy |
6.531ab16 |
An open-source Samsung phone encryption assessment framework |
|
sb0x |
19.04f40fe |
A simple and Lightweight framework for Penetration testing. |
|
scamper |
20230323 |
A tool that actively probes the Internet in order to analyze topology and performance. |
|
scanless |
90.3da40e9 |
Utility for using websites that can perform port scans on your behalf. |
|
scanssh |
2.1 |
Fast SSH server and open proxy scanner. |
|
scout2 |
1182.5d86d46 |
Security auditing tool for AWS environments. |
|
scoutsuite |
5.14.0.r0.g7909f2fc6 |
Multi-Cloud Security Auditing Tool. |
|
scrape-dns |
58.3df392f |
Searches for interesting cached DNS entries. |
|
sdnpwn |
85.0080574 |
An SDN penetration testing toolkit. |
|
seat |
0.3 |
Next generation information digging application geared toward the needs of security professionals. It uses information stored in search engine databases, cache repositories, and other public resources to scan web sites for potential vulnerabilities. |
|
shareenum |
48.db728dd |
Tool to enumerate shares from Windows hosts. |
|
sharesniffer |
58.a0c5ed6 |
Network share sniffer and auto-mounter for crawling remote file systems. |
|
simple-lan-scan |
1.0 |
A simple python script that leverages scapy for discovering live hosts on a network. |
|
sipshock |
7.6ab5591 |
A scanner for SIP proxies vulnerable to Shellshock. |
|
slurp-scanner |
90.6a4eaaf |
Evaluate the security of S3 buckets. |
|
smap-scanner |
0.1.12.r1.g90dfe74 |
Passive port scanner built with shodan free API. |
|
smbexec |
59.a54fc14 |
A rapid psexec style attack with samba tools. |
|
smbmap |
v1.10.5.r1.g2169cc6 |
A handy SMB enumeration tool. |
|
smbspider |
10.7db9323 |
A lightweight python utility for searching SMB/CIFS/Samba file shares. |
|
smbsr |
50.7f86241 |
Lookup for interesting stuff in SMB shares. |
|
smod |
53.7eb8423 |
A modular framework with every kind of diagnostic and offensive feature you could need in order to pentest modbus protocol. |
|
smtp-test |
5.d8d8598 |
Automated testing of SMTP servers for penetration testing. |
|
smtp-vrfy |
1.0 |
An SMTP Protocol Hacker. |
|
smtptx |
1.0 |
A very simple tool used for sending simple email and do some basic email testing from a pentester perspective. |
|
snmpenum |
1.7 |
An snmp enumerator. |
|
snmpscan |
0.1 |
A free, multi-processes SNMP scanner. |
|
snoopbrute |
17.589fbe6 |
Multithreaded DNS recursive host brute-force tool. |
|
sparta |
21.b0a4514 |
Python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. |
|
sqlivulscan |
249.cc8e657 |
This will give you the SQLi Vulnerable Website Just by Adding the Dork. |
|
ssdp-scanner |
1.0 |
SSDP amplification scanner written in Python. Makes use of Scapy. |
|
ssh-audit |
3.3.0 |
SSH configuration auditing |
|
ssh-user-enum |
7.ae453c1 |
SSH User Enumeration Script in Python Using The Timing Attack. |
|
sslcaudit |
524.f218b9b |
Utility to perform security audits of SSL/TLS clients. |
|
ssllabs-scan |
251.53cd76a |
Command-line client for the SSL Labs APIs |
|
sslmap |
0.2.0 |
A lightweight TLS/SSL cipher suite scanner. |
|
sslscan |
2.1.5 |
Fast tool to scan SSL services such as HTTPS to determine supported ciphers |
|
sslscan2 |
702.a1b0292 |
Tests SSL/TLS enabled services to discover supported cipher suites. |
|
stacs |
0.5.1.r0.g11f3503 |
Static Token And Credential Scanner. |
|
sticky-keys-hunter |
15.c816fc9 |
Script to test an RDP host for sticky keys and utilman backdoor. |
|
stig-viewer |
2.8 |
XCCDF formatted SRGs and STIGs files viewer for SCAP validation tools. |
|
strutscan |
4.8712c12 |
Apache Struts2 vulnerability scanner written in Perl. |
|
subbrute |
1.2.1 |
A DNS meta-query spider that enumerates DNS records and subdomains |
|
subjack |
182.49c51e5 |
Subdomain Takeover tool written in Go. |
|
subover |
71.3d258e2 |
A Powerful Subdomain Takeover Tool. |
|
swarm |
41.1713c1e |
A distributed penetration testing tool. |
|
synscan |
5.02 |
fast asynchronous half-open TCP portscanner |
|
sysdig |
0.38.1 |
Open source system-level exploration and troubleshooting tool |
|
tachyon-scanner |
467.0145e92 |
Fast Multi-Threaded Web Discovery Tool. |
|
tactical-exploitation |
95.7bbcb5d |
Modern tactical exploitation toolkit. |
|
taipan |
2.9.498.18 |
Web application security scanner. |
|
takeover |
98.a058647 |
Sub-Domain TakeOver Vulnerability Scanner. |
|
tlsx |
v1.1.8.r0.g4e2bfc5 |
TLS grabber focused on TLS based data collection. |
|
topera |
19.3e230fd |
An IPv6 security analysis toolkit, with the particularity that their attacks can't be detected by Snort. |
|
traxss |
81.48dee2e |
Automated XSS Vulnerability Scanner. |
|
trivy |
0.56.2 |
A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI |
|
udp-hunter |
4.b95cce5 |
Network assessment tool for various UDP Services covering both IPv4 and IPv6 protocols. |
|
udsim |
33.b379464 |
A graphical simulator that can emulate different modules in a vehicle and respond to UDS request. |
|
umap |
25.3ad8121 |
The USB host security assessment tool. |
|
unicornscan |
0.4.7 |
A new information gathering and correlation engine. |
|
upnpscan |
0.4 |
Scans the LAN or a given address range for UPnP capable devices. |
|
uptux |
33.85ccfd0 |
Linux privilege escalation checks (systemd, dbus, socket fun, etc). |
|
uw-loveimap |
0.1 |
Multi threaded imap bounce scanner. |
|
uw-udpscan |
0.1 |
Multi threaded udp scanner. |
|
uw-zone |
0.1 |
Multi threaded, randomized IP zoner. |
|
v3n0m |
536.16b629f |
Offensive Security Tool for Vulnerability Scanning & Pentesting |
|
vais |
17.5c35c3a |
SWF Vulnerability & Information Scanner. |
|
vault-scanner |
299.0303cf4 |
Swiss army knife for hackers. |
|
vcsmap |
47.3889964 |
A plugin-based tool to scan public version control systems for sensitive information. |
|
vhostscan |
344.2fd84a2 |
A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. |
|
videosnarf |
0.63 |
A new security assessment tool for pcap analysis |
|
visql |
49.3082e30 |
Scan SQL vulnerability on target site and sites of on server. |
|
vscan |
10.da4e47e |
HTTPS / Vulnerability scanner. |
|
vulmap |
95.a167c47 |
Vulmap Online Local Vulnerability Scanners Project |
|
vuls |
1106.e3c27e1 |
Vulnerability scanner for Linux/FreeBSD, agentless, written in Go. |
|
vulscan |
2.0 |
A module which enhances nmap to a vulnerability scanner |
|
wafw00f |
854.bd324af |
Identify and fingerprint Web Application Firewall (WAF) products protecting a website. |
|
webenum |
21.24b43b4 |
Tool to enumerate http responses using dynamically generated queries and more. |
|
webhunter |
12.918b606 |
Tool for scanning web applications and networks and easily completing the process of collecting knowledge. |
|
webpwn3r |
38.3d75e76 |
A python based Web Applications Security Scanner. |
|
webrute |
3.3 |
Web server directory brute forcer. |
|
whitewidow |
605.4f27bfe |
SQL Vulnerability Scanner. |
|
wolpertinger |
2.58ef8e2 |
A distributed portscanner. |
|
wordpresscan |
76.f810c1c |
WPScan rewritten in Python + some WPSeku ideas. |
|
xcname |
11.9c475a1 |
A tool for enumerating expired domains in CNAME records. |
|
xpire-crossdomain-scanner |
1.0cb8d3b |
Scans crossdomain.xml policies for expired domain names. |
|
xsstracer |
5.f2ed21a |
Python script that checks remote web servers for Clickjacking, Cross-Frame Scripting, Cross-Site Tracing and Host Header Injection. |
|
yasat |
848 |
Yet Another Stupid Audit Tool. |
|
zmap |
4.2.0 |
Fast network scanner designed for Internet-wide network surveys |
|