Awesome Open Source

Programming Languages

Search results for scanner security tools

security-tools x

105 search results found

Trivy ⭐ 20,160

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Trufflehog ⭐ 18,680

Find, verify, and analyze leaked credentials

Rustscan ⭐ 15,376

🤖 The Modern Port Scanner 🤖

Vuls ⭐ 10,487

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Rengine ⭐ 6,446

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

Reconftw ⭐ 5,890

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Whatweb ⭐ 5,825

Next generation web scanner

Osv Scanner ⭐ 5,632

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Osmedeus ⭐ 5,492

A Workflow Engine for Offensive Security

Ladon ⭐ 4,947

Ladon大型内网渗透扫描器，PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、

Terrascan ⭐ 4,863

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Nettacker ⭐ 3,770

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

A recursive internet scanner for hackers.

Nosqlmap ⭐ 2,937

Automated NoSQL database enumeration and web application exploitation tool.

Vulmap ⭐ 2,935

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Black Hat Rust ⭐ 2,662

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Dockle ⭐ 2,534

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Reconnoitre ⭐ 2,053

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Appinfoscanner ⭐ 1,975

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网

Jaeles ⭐ 1,951

The Swiss Army knife for automated Web Application Testing

Rapidscan ⭐ 1,489

🆕 The Multi-Tool Web Vulnerability Scanner.

Xattacker ⭐ 1,486

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Lunasec ⭐ 1,355

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunase

Noseyparker ⭐ 1,313

Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.

A Red Teamer Diaries ⭐ 1,294

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Vhostscan ⭐ 1,161

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Changeme ⭐ 1,058

A default credential scanner.

Perun ⭐ 1,037

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫

Cve Bin Tool ⭐ 997

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

A flexible scanner

Ssh Snake ⭐ 874

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

Template ⭐ 866

Next generation RedTeam heuristic intranet scanning | 下一代RedTeam启发式内网扫描

Web Cache Vulnerability Scanner ⭐ 756

Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

Leaky Paths ⭐ 746

A collection of special paths linked to common internal paths, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

Kube Scan ⭐ 734

kube-scan: Octarine k8s cluster risk assessment tool

Security scanner coordinator

Witnessme ⭐ 696

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

Scant3r ⭐ 657

ScanT3r - Module based Bug Bounty Automation Tool

Autopwn Suite ⭐ 636

AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.

Ronin is a Free and Open Source Ruby Toolkit for Security Research and Development. Ronin also allows for the rapid development and distribution of code, exploits, payloads, etc, via 3rd party git repositories.

Patrowlmanager ⭐ 598

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Opensquat ⭐ 576

The openSquat project is an open-source solution for detecting phishing domains and domain squatting. It searches for newly registered domains that impersonate legitimate domains on a daily basis.

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Hellraiser ⭐ 551

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Envizon ⭐ 519

network visualization & pentest reporting

Kubestriker ⭐ 500

A Blazing fast Security Auditing tool for Kubernetes

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Evilscan ⭐ 471

NodeJS Simple Network Scanner

JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.

Awesome Bbht ⭐ 390

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

A Virtual environment for Pentesting IoT Devices

Local Log4j Vuln Scanner ⭐ 386

Simple local scanner for vulnerable log4j instances

Web application vulnerability scanner

WEB SERVICE SECURITY ASSESSMENT TOOL

Ostorlab ⭐ 327

Ostorlab is a security scanning orchestrator for the modern age.

SBSCAN是一款专注于spring框架的渗透测试工具，可以对指定站点进行springboot未授权 [SBSCAN is a penetration testing tool focused on the spring framework that can scan springboot sensitive information/unauthorized for specified sites and scan and validate spring related vulnerabilities]

Watchdog ⭐ 309

Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.

Web-based Source Code Vulnerability Scanner

EyeJo是一款自动化资产风险评估平台，可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查，快

Reconnote ⭐ 274

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Lazytrivy ⭐ 258

Vulnerability scanning just got lazier

Salt Scanner ⭐ 255

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

EMBArk - The firmware security scanning environment

Patrowlengines ⭐ 240

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Nimscan ⭐ 218

🚀 Fast Port Scanner 🚀

Pillager ⭐ 178

Pillage filesystems for sensitive information with Go 🔍

Recsech ⭐ 161

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Metaradar ⭐ 157

The app for BLE ether monitoring tracks your environment, finds some devices, makes relations between devices around you, and tracks devices' movements.

Log4jscanwin ⭐ 154

Log4j Vulnerability Scanner for Windows

Scanner And Patcher ⭐ 145

A Web Vulnerability Scanner and Patcher

Computer Forensics ⭐ 145

The best tools and resources for forensic analysis.

Tugarecon ⭐ 144

Pentest: Subdomains enumeration tool for penetration testers.

NERVE Continuous Vulnerability Scanner

Skanuvaty ⭐ 140

Dangerously fast DNS/network/port scanner

Detexploit ⭐ 139

OSS Vulnerability Scanner for Windows Platform

Patrowldocs ⭐ 118

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.

Cloud Discovery ⭐ 113

Cloud Discovery provides a point in time enumeration of all the cloud native platform services

Shonydanza ⭐ 110

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Docker Ssllabs Scan ⭐ 106

Qualys sslabs-scan utility in a tiny docker image

Mixewayhub ⭐ 92

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.

Seeyon Exploit ⭐ 84

致远OA漏洞检测

Aqua Helm ⭐ 82

Helm Charts For Installing Aqua Security Components

Cloudhunter ⭐ 78

AWS, Azure, Alibaba and Google bucket scanner

Kubelight ⭐ 76

OWASP Kubernetes security and compliance tool [WIP]

Intercept ⭐ 74

INTERCEPT / Policy as Code Auditing / SAST for Code & APIs

Py Gitguardian ⭐ 68

Python API client library for the GitGuardian API

Cryptonice ⭐ 67

CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration and supporting protocols such as HTTP2 and DNS.

Massvulscan ⭐ 62

Bash script which quickly identifies open network ports and any associated vulnerabilities / Script Bash qui permet d'identifier rapidement les ports réseaux ouverts et les éventuelles vulnérabilités associées.

Arp Scan Rs ⭐ 60

A minimalistic ARP scan tool written in Rust for fast local network scans

HikPwn, a simple scanner for Hikvision devices with basic vulnerability scanning capabilities written in Python 3.8.

Certverify ⭐ 57

A scanner that files with compromised or untrusted code signing certificates written in python.

A modular exploitation framework extensible with Lua

Shellshockhunter ⭐ 52

It's a simple tool for test vulnerability shellshock

Cluster Image Scanner ⭐ 50

Discover vulnerabilities and container image misconfiguration in production environments.

Deepfence_runtime_api ⭐ 50

Deepfence Runtime API & code samples

Cve 2021 3129 ⭐ 48

Laravel RCE (CVE-2021-3129)

Ipwarden ⭐ 42

IPWarden（守望者）是一个IP资产风险巡查工具。持续发现系统、Web两个维度的资产和安全风险。

Scan secrets from Continuous Integration Build Logs

Multiscanner ⭐ 40

Security Tool which scans a target using OpenVAS, Zap, and Nexpose. And consolidates the scan result.

Related Searches

Java Scanner (1,470)

Python Scanner (1,462)

Javascript Scanner (1,359)

C Plus Plus Scanner (841)

Security Scanner (741)

Golang Scanner (733)

Shell Scanner (728)

Scanner Qrcode (727)

Vulnerabilities Scanner (707)

C Scanner (616)

1-100 of 105 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2025 Awesome Open Source. All rights reserved.