English | 简体中文
Scanners Box also known as scanbox, is a powerful hacker toolkit, which has collected more than 10 categories of open source scanners from Github, including subdomain, database, middleware and other modular design scanner etc. But for other Well-known scanning tools, such as nmap, w3af, brakeman, arachni, nikto, metasploit, aircrack-ng will not be included in the scope of collection.
- Subdomain Enumeration or Takeover
- Database SQL Injection Vulnerability or Brute Force
- Weak Usernames or Passwords Enumeration For Web
- Authorization Brute Force or Vulnerability Scan For IoT
- Mutiple types of Cross-site scripting Detection
- Enterprise Assets Management or Data Protection
- Malicious Scripts or Binary Malware Detection
- Intranet Penetration
- Vulnerability Assessment for Middleware or Information Leak Scan
- Special Components or Vulnerability Categories Scan
- Vulnerability Assessment for Wireless Network
- Local Area Network detection
- Dynamic or Static Code Analysis
- Modular Design Scanners or Vulnerability Detecting Framework
- Advanced Persistent Threat
- https://github.com/lijiejie/subDomainsBrute - A classical subdomain enumeration Tool by lijiejie
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/ring04h/wydomain - A Speed and Precision subdomain enumeration Tool by ringzero
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/le4f/dnsmaper - Subdomain enumeration tool with map record
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/0xbug/orangescan - Online subdomain enumeration tool
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/TheRook/subbrute - A DNS meta-query spider that enumerates DNS records, and subdomains,supported API
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/We5ter/GSDF - Subdomain enumeration via Google certificate transparency
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/mandatoryprogrammer/cloudflare_enum - Subdomain enumeration via CloudFlare
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/guelfoweb/knock - Knock subdomain scan
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/exp-db/PythonPool/tree/master/Tools/DomainSeeker - An intergratd Python subdomain enumeration tool
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/code-scan/BroDomain - Find brother domain
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/chuhades/dnsbrute - A fast domain brute tool
Rating: 🌟🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✖️
- https://github.com/yanxiu0614/subdomain3 - A simple and fast tool for bruting subdomains
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/michenriksen/aquatone - A powerful subdomain tool and domain takeovers finding tools
Rating: 🌟🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✔️
- https://github.com/evilsocket/dnssearch - A subdomain enumeration tool
Rating: 🌟🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✖️
- https://github.com/reconned/domained - Subdomain enumeration tools for bug hunting
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/bit4woo/Teemo - A domain name & Email address collection tool
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/laramies/theHarvester - E-mail, subdomain and people names harvester
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/nmalcolm/Inventus - A spider designed to find subdomains of a specific domain by crawling it
Rating: 🌟🌟🌟🌟 | Language: Python 2.x/3.x | Ongoing[last 6 months]: ✖️
- https://github.com/aboul3la/Sublist3r - Fast subdomains enumeration tool for penetration testers
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x/3.x | Ongoing[last 6 months]: ✔️
- https://github.com/jonluca/Anubis - Subdomain enumeration and information gathering tool
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/n4xh4ck5/N4xD0rk - Listing subdomains about a main domain
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/infosec-au/altdns - Subdomain discovery through alterations and permutations
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/FeeiCN/ESD - Enumeration sub domains tool,based on AsyncIO and non-repeating dict
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/UnaPibaGeek/ctfr - Abusing certificate transparency logs for getting HTTPS websites subdomains
Rating: 🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/giovanifss/Dumb - Dumain Bruteforcer, a fast and flexible domain bruteforcer
Rating: 🌟🌟🌟🌟 | Language: Haskell | Ongoing[last 6 months]: ✖️
- https://github.com/caffix/amass - Subdomain enumeration in Go
Rating: 🌟🌟🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✔️
- https://github.com/Ice3man543/subfinder - A subdomain discovery tool which has a simple modular architecture and has been aimed as a successor to sublist3r project
Rating: 🌟🌟🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✔️
- https://github.com/Ice3man543/SubOver - A powerful subdomain takeover tool
Rating: 🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✔️
- https://github.com/janniskirschner/horn3t - Powerful Visual Subdomain Enumeration
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/0xbug/SQLiScanner - A SQLi vulnerability scanner via SQLMAP and Charles
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✖️
- https://github.com/stamparm/DSSS - A SQLi vulnerability scanner with 99 lines of code
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/youngyangyang04/NoSQLAttack - A SQLi vulnerability scanner for mongoDB
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/Neohapsis/bbqsql - A blind SQLi vulnerability scanner
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/NetSPI/PowerUpSQL - A SQLi vulnerability scanner with Powershell script
Rating: 🌟🌟🌟🌟 | Language: Powershell | Ongoing[last 6 months]: ✔️
- https://github.com/WhitewidowScanner/whitewidow - Another SQL vulnerability scanner
Rating: 🌟🌟 | Language: Ruby | Ongoing[last 6 months]: ✖️
- https://github.com/stampery/mongoaudit - A powerful MongoDB auditing and pentesting tool
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✖️
- https://github.com/torque59/Nosql-Exploitation-Framework - A Python framework For NoSQL scanning and exploitation
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/missDronio/blindy - Simple script to automate brutforcing blind sql injection vulnerabilities
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/fengxuangit/Fox-scan - A initiative and passive SQL injection vulnerable test tools
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/JohnTroony/Blisqy - Exploit time-based blind-SQL injection in HTTP-Headers
Rating: 🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/ron190/jsql-injection - A lightweight application used to find database information from a distant server
Rating: 🌟🌟🌟 | Language: Java | Ongoing[last 6 months]: ✖️
- https://github.com/Hadesy2k/sqliv - Massive SQL injection vulnerability scanner
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/s0md3v/sqlmate - A friend of SQLmap which will do what you always expected from SQLmap
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✖️
- https://github.com/m8r0wn/enumdb - MySQL and MSSQL brute force and post exploitation tool
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/lijiejie/htpwdScan - A python HTTP weak pass scanner
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/netxfly/crack_ssh - SSH, Redis, mongoDB weak password bruteforcer
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✖️
- https://github.com/shengqi158/weak_password_detect - A python HTTP weak password scanner
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/s0md3v/Blazy - a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✖️
- https://github.com/MooseDojo/myBFF - Web application brute force framework,supports Citrix Gateway,CiscoVPN and so on
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/rapid7/IoTSeeker - Weak-password IoT devices scanner
Rating: 🌟🌟🌟 | Language: Perl | Ongoing[last 6 months]: ✖️
- https://github.com/shodan-labs/iotdb - IoT Devices scanner via nmap
Rating: 🌟🌟🌟 | Language: XML | Ongoing[last 6 months]: ✖️
- https://github.com/googleinurl/RouterHunterBR - Testing vulnerabilities in devices and routers connected to the Internet
Rating: 🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✖️
- https://github.com/scu-igroup/telnet-scanner - Weak telnet password scanner based on password enumeration
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/viraintel/OWASP-Nettacker - Network information gathering vulnerability scanner,most useful to scan IoT
Rating: 🌟🌟🌟🌟 | Language: Python 2.x/3.x | Ongoing[last 6 months]: ✔️
- https://github.com/threat9/routersploit - Exploitation Framework for embedded Devices,such as router
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/w3h/icsmaster/tree/master/nse - Digital bond's ICS enumeration tools
Rating: 🌟🌟🌟 | Language: NSE | Ongoing[last 6 months]: ✖️
- https://github.com/0x584A/fuzzXssPHP - A very simple reflected XSS scanner supports GET/POST
Rating: 🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✖️
- https://github.com/chuhades/xss_scan - Reflected XSS scanner
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/BlackHole1/autoFindXssAndCsrf - A plugin for browser that checks automatically whether a page haves XSS and CSRF vulnerabilities
Rating: 🌟🌟 | Language: Javascript | Ongoing[last 6 months]: ✖️
- https://github.com/shogunlab/shuriken - XSS command line tool for testing lists of XSS payloads on web apps
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/s0md3v/XSStrike - Fuzz and bruteforce parameters for XSS, WAFs detect and bypass
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/stamparm/DSXS - A fully functional cross-site scripting vulnerability scanner,supporting GET and POST parameters,and written in under 100 lines of code
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/ysrc/xunfeng - Vulnerability rapid response,scanning system for intranet
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/x0day/Multisearch-v2 - Enterprise assets collector based on search engine
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/Ekultek/Zeus-Scanner - An advanced dork searching tool that is capable of finding IP address /URL blocked by search engine,and can run sqlmap and nmap scans on the URL's
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/0xbug/Biu-framework - Security scan framework For enterprise intranet based services
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/metac0rtex/GitHarvester - Used for harvesting information from GitHub
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/repoog/GitPrey - Searching sensitive files and contents in GitHub
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/0xbug/Hawkeye - Github leak scan for enterprise
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/UnkL4b/GitMiner - Advanced search tool and automation in Github
Rating: 🌟🌟🌟🌟 | Language: Python 2.x/3.x | Ongoing[last 6 months]: ✔️
- https://github.com/dxa4481/truffleHog - Searches high entropy strings through git repositories
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/1N3/Goohak - Automatically launch Google hacking queries against a target domain
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/UKHomeOffice/repo-security-scanner - CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys
Rating: 🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✖️
- https://github.com/FeeiCN/GSIL - Github sensitive information leakage scan
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/MiSecurity/x-patrol - Github leaked patrol
Rating: 🌟🌟🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✔️
- https://github.com/anshumanbh/git-all-secrets - A tool to capture all the git secrets by leveraging multiple open source git searching tools
Rating: 🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✔️
- https://github.com/VKSRC/Github-Monitor - Github sensitive information leakage monitor by vipkid SRC
Rating: 🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/he1m4n6a/findWebshell -Simple webshell detector
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/Tencent/HaboMalHunter -Used for automated malware analysis and security assessment on the Linux system
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/PlagueScanner/PlagueScanner - Open source multiple AV scanner framework
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✖️
- https://github.com/nbs-system/php-malware-finder - An awesome tool to detect potentially malicious PHP files
Rating: 🌟🌟🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✔️
- https://github.com/emposha/PHP-Shell-Detector - Helps you find and identify PHP/Perl/Asp/Aspx shells
Rating: 🌟🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✖️
- https://github.com/erevus-cn/scan_webshell - Simple webshell detector
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/emposha/Shell-Detector - A application that helps you find and identify PHP/Perl/Asp/Aspx shells
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/m4rco-/dorothy2 - A malware/botnet analysis framework written in Ruby
Rating: 🌟🌟🌟 | Language: Ruby | Ongoing[last 6 months]: ✖️
- https://github.com/droidefense/engine - Advance Android malware analysis framework
Rating: 🌟🌟🌟🌟🌟 | Language: Java | Ongoing[last 6 months]: ✔️
- https://github.com/lcatro/network_backdoor_scanner - An internal network scanner like meterpreter
Rating: 🌟🌟🌟 | Language: C++ | Ongoing[last 6 months]: ✖️
- https://github.com/fdiskyou/hunter - User hunter using WinAPI calls only
Rating: 🌟🌟 | Language: C++ | Ongoing[last 6 months]: ✖️
- https://github.com/BlackHole1/WebRtcXSS - Use XSS automation invade intranet
Rating: 🌟🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✖️
- https://github.com/ring04h/wyportmap - Target port scanning + system service fingerprint recognition
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/ring04h/weakfilescan - Dynamic multi - thread sensitive information leak detection tool
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/EnableSecurity/wafw00f - Identify and fingerprint Web Application Firewall
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/rbsec/sslscan - Tests SSL/TLS enabled services to discover supported cipher suites
Rating: 🌟🌟🌟🌟 | Language: C | Ongoing[last 6 months]: ✔️
- https://github.com/urbanadventurer/whatweb - Website fingerprinter
Rating: 🌟🌟🌟🌟 | Language: Ruby | Ongoing[last 6 months]: ✔️
- https://github.com/tanjiti/FingerPrint - Another website fingerprinter
Rating: 🌟🌟 | Language: Perl | Ongoing[last 6 months]: ✖️
- https://github.com/nanshihui/Scan-T - A new spider based on Python with more function including Network fingerprint search
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/OffensivePython/Nscan - Fast internet-wide scanner
Rating: 🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/ywolf/F-NAScan - Scanning a network asset information script
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/maurosoria/dirsearch - Web path scanner
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/x0day/bannerscan - C-segment Banner with path scanner
Rating: 🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/RASSec/RASscan - Internal network port speed scanners
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/3xp10it/bypass_waf - Automatic WAF Bypass Fuzzing Tool
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/3xp10it/xcdn - Try to find out the actual ip behind cdn
Rating: 🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/Xyntax/BingC - Based on the Bing search engine C / side-stop query, multi-threaded, supported API
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/Xyntax/DirBrute - Multi-thread web directory enumerating tool
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/zer0h/httpscan - A HTTP service detector with a crawler from IP/CIDR
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/lietdai/doom - Distributed task distribution of the IP port vulnerability scanner based on thorn
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/chichou/grab.js - Fast TCP banner grabbing like zgrab, but supports much more protocol
Rating: 🌟🌟🌟 | Language: Node.js | Ongoing[last 6 months]: ✖️
- https://github.com/Nitr4x/whichCDN - Detect if a given website is protected by a CDN
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/secfree/bcrpscan - Base on crawler result web path scanner
Rating: 🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/mozilla/ssh_scan - A prototype SSH configuration and policy scanner
Rating: 🌟🌟🌟🌟 | Language: Ruby | Ongoing[last 6 months]: ✔️
- https://github.com/18F/domain-scan - Scans domains for data on their HTTPS configuration and assorted other things
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/ggusoft/inforfinder - A tool made to collect information of any domain pointing at a server and fingerprinter
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/boy-hack/gwhatweb - Fingerprinter for CMS
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/Mosuan/FileScan - Sensitive files scanner
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/Xyntax/FileSensor - Dynamic file detection tool based on crawler
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/deibit/cansina - Web content discovery tool
Rating: 🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✖️
- https://github.com/mozilla/cipherscan - A very simple way to find out which SSL ciphersuites are supported by a target
Rating: 🌟🌟🌟🌟 | Language: Python 2.x/Bash Shell | Ongoing[last 6 months]: ✔️
- https://github.com/xmendez/wfuzz - Web application framework and web content scanner
Rating: 🌟🌟🌟🌟 | Language: Python 2.x/3.x | Ongoing[last 6 months]: ✔️
- https://github.com/s0md3v/Breacher - An advanced multithreaded admin panel finder written in Python
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/ztgrace/changeme - A default credential scanner
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/medbenali/CyberScan - An open source penetration testing tool that can analyse packets,decoding,scanning ports, pinging and geolocation of an IP
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/m0nad/HellRaiser - HellRaiser scan with nmap then correlates cpe's found with cve-search to enumerate vulnerabilities
Rating: 🌟🌟🌟🌟 | Language: Ruby | Ongoing[last 6 months]: ✖️
- https://github.com/scipag/vulscan - Advanced vulnerability scanning with Nmap NSE
Rating: 🌟🌟 | Language: NSE | Ongoing[last 6 months]: ✖️
- https://github.com/jekyc/wig - WebApp information gatherer
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/eldraco/domain_analyzer - Analyze the security of any domain by finding all the information possible
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/cloudtracer/paskto - Passive directory scanner and web crawler based on Nikto DB
Rating: 🌟🌟🌟🌟🌟 | Language: Node.js | Ongoing[last 6 months]: ✔️
- https://github.com/zerokeeper/WebEye - A web service and WAF fingerprinter
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]:
- https://github.com/m3liot/shcheck - Just check security headers on a target website
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/aipengjie/sensitivefilescan - A speed and awesome sensitive files scanner
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/fnk0c/cangibrina - A fast and powerfull dashboard (admin) finder
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/n4xh4ck5/CMSsc4n - Tool to identify if a domain is a CMS such as Wordpress, Moodle, Joomla
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/Ekultek/WhatWaf - Detect and bypass web application firewalls and protection systems
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/dzonerzy/goWAPT - Go web application penetration test and web application fuzz tool
Rating: 🌟🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✖️
- https://github.com/blackye/webdirdig - Sensitive files scanner
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/GitHackTools/BillCipher - Information gathering tool for a website or IP address
Rating: 🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/boy-hack/w8fuckcdn - Get the website real IP address by scanning the entire net
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/boy-hack/w11scan - Distributed web fingerprint identification platform
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/Nekmo/dirhunt - Find web directories without bruteforce
Rating: 🌟🌟🌟🌟 | Language: Python 2.x/3.x | Ongoing[last 6 months]: ✔️
- https://github.com/MetaChar/pyHAWK - Searches the directory of choice for interesting files. Such as database files and files with passwords stored on them
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/H4ckForJob/dirmap - An advanced web directory scanning tool that will be more powerful than DirBuster, Dirsearch, cansina, and Yu Jian
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/s0md3v/Photon - **Incredibly fast crawler which extracts urls, emails, files, website accounts and much more
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/1N3/BlackWidow - Gather OSINT and fuzz for OWASP vulnerabilities on a target website
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/1N3/XSSTracer - A small python script to check for cross-Site tracing, Clickjacking etc
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/shengqi158/svnhack - A
.svn
folder disclosure exploit
Rating: 🌟🌟🌟 | Language: NSE | Ongoing[last 6 months]: ✖️
- https://github.com/lijiejie/GitHack - A
.git
folder disclosure exploit
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/blackye/Jenkins - Jenkins vulnerability detection, user grab enumerating
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/code-scan/dzscan - discuz scanner
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/chuhades/CMS-Exploit-Framework -CMS exploit framework
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/lijiejie/IIS_shortname_Scanner - An IIS shortname scanner
Rating: 🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/riusksk/FlashScanner - Flash XSS scanner
Rating: 🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/epinna/tplmap - Automatic Server-Side Template Injection detection and exploitation tool
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/cr0hn/dockerscan - Docker security analysis & hacking tools
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✖️
- https://github.com/m4ll0k/WPSeku - Simple Wordpress security scanner
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/rastating/wordpress-exploit-framework - Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems
Rating: 🌟🌟🌟🌟 | Language: Ruby | Ongoing[last 6 months]: ✔️
- https://github.com/ilmila/J2EEScan - A plugin for Burp Suite proxy to improve the test coverage during web application penetration tests on J2EE applications
Rating: 🌟🌟 | Language: Java | Ongoing[last 6 months]: ✖️
- https://github.com/riusksk/StrutScan - Struts2 vuls scanner base Perl script
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/D35m0nd142/LFISuite - Totally automatic LFI exploiterand scanner supports reverse shell
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/0x4D31/salt-scanner - Linux vulnerability scanner based on Salt Open and vulners audit API, with Slack notifications and JIRA integration
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/tijme/angularjs-csti-scanner - Automated client-side template injection detection for AngularJS
Rating: 🌟🌟🌟🌟 | Language: Python 2.x/3.x | Ongoing[last 6 months]: ✔️
- https://github.com/irsdl/IIS-ShortName-Scanner - Scanners for IIS short filename 8.3 disclosure vulnerability
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/swisskyrepo/Wordpresscan - WPScan rewritten in Python + some WPSeku ideas
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/CHYbeta/cmsPoc - CMS exploit framework
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/3gstudent/Smbtouch-Scanner - Automatically scan the inner network to detect whether they are vulnerable
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/OsandaMalith/LFiFreak - A unique automated LFI exploiter with bind/reverse shells
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/mak-/parameth - This tool can be used to brute discover GET and POST parameters
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/Lucifer1993/struts-scan - Struts2 vuls scanner,supported all vuls
Rating: 🌟🌟🌟🌟🌟 | Language: C#/Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/hahwul/a2sv - Auto scanning to SSL vulnerability, such as heartbleed etc
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/NickstaDB/BaRMIe - Java RMI enumeration and attack tool
Rating: 🌟🌟🌟 | Language: Java | Ongoing[last 6 months]: ✖️
- https://github.com/RetireJS/grunt-retire - Scanner detecting the use of Javascript libraries with known vulnerabilities
Rating: 🌟🌟🌟🌟 | Language: Node.js | Ongoing[last 6 months]: ✔️
- https://github.com/kotobukki/BDA - The vulnerability detector for Hadoop and Spark
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/jagracey/Regex-DoS - RegEx Denial of service scanner for Node.js package
Rating: 🌟🌟🌟🌟 | Language: Node.js | Ongoing[last 6 months]: ✖️
- https://github.com/milesrichardson/docker-onion-nmap - Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq
Rating: 🌟🌟🌟🌟 | Language: Bash Shell | Ongoing[last 6 months]: ✖️
- https://github.com/Moham3dRiahi/XAttacker - Web CMS exploit framework
Rating: 🌟🌟🌟🌟🌟 | Language: Perl | Ongoing[last 6 months]: ✖️
- https://github.com/lijiejie/BBScan - A tiny batch web vulnerability scanner
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/almandin/fuxploider - File upload vulnerability scanner and exploitation tool
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/Jamalc0m/wphunter - A Wordpress vulnerability scanner
Rating: 🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✖️
- https://github.com/retirejs/retire.js - A scanner detecting the use of Javascript libraries with known vulnerabilities
Rating: 🌟🌟🌟🌟 | Language: Node.js | Ongoing[last 6 months]: ✔️
- https://github.com/3xp10it/xupload - A tool for automatically testing whether the upload function can upload webshell
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/mobrine-mob/M0B-tool - Auto detect CMS and exploit
Rating: 🌟🌟 | Language: Perl | Ongoing[last 6 months]: ✖️
- https://github.com/rezasp/vbscan - OWASP VBScan is a Black Box vBulletin vulnerability scanner
Rating: 🌟🌟🌟🌟🌟 | Language: Perl | Ongoing[last 6 months]: ✔️
- https://github.com/MrSqar-Ye/BadMod - Detect websites CMS & auto exploit
Rating: 🌟🌟🌟 | Language: PHP | Ongoing[last 6 months]:
- https://github.com/Tuhinshubhra/CMSeeK - CMS detection and exploitation suite
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/cloudsploit/scans - AWS security scanning checks
Rating: 🌟🌟🌟🌟 | Language: Node.js | Ongoing[last 6 months]: ✔️
- https://github.com/radenvodka/SVScanner - Scanner vulnerability and massive exploit for Wordpress,Magento,Joomla and so on
Rating: 🌟🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✔️
- https://github.com/rezasp/joomscan - OWASP Joomla vulnerability scanner project
Rating: 🌟🌟🌟🌟🌟 | Language: Perl | Ongoing[last 6 months]: ✔️
- https://github.com/6IX7ine/djangohunter - Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information
Rating: 🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/vulmon/Vulmap - Local vulnerability scanning programs for Windows and Linux operating systems
Rating: 🌟🌟🌟🌟 | Language: Powershell/Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/seungsoo-lee/DELTA - Sdn security evaluation framework
Rating: 🌟🌟🌟🌟 | Language: Java/Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/thelinuxchoice/facebash - Facebook Brute Forcer in shellscript using TOR
Rating: 🌟🌟🌟🌟 | Language: Bash Shell | Ongoing[last 6 months]: ✔️
- https://github.com/savio-code/fern-wifi-cracker - Testing and discovering flaws in ones own network
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/P0cL4bs/WiFi-Pumpkin - Framework for Rogue Wi-Fi Access Point Attack
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/MisterBianco/BoopSuite - A Suite of Tools written in Python for wireless auditing and security testing
Rating: 🌟🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/besimaltnok/PiFinger - Searches for wifi-pineapple traces and calculate wireless network security score
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/derv82/wifite2 - A complete re-write of Wifite,Automated Wireless Attack Tool
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/m4n3dw0lf/PytheM - Multi-purpose network pentest framework
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/sowish/LNScan - Local Network Scanner based on BBScan via.lijiejie
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/niloofarkheirkhah/nili - Tool for Network Scan, Man in the Middle, Protocol Reverse Engineering and Fuzzing
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✖️
- https://github.com/SkyLined/LocalNetworkScanner - PoC Javascript that scans your local network when you open a webpage
Rating: 🌟🌟🌟 | Language: Javascript | Ongoing[last 6 months]: ✖️
- https://github.com/wufeifei/cobra - A static code analysis system that automates the detecting vulnerabilities and security issue
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/OneSourceCat/phpvulhunter - A tool that can scan php vulnerabilities automatically using static analysis methods
Rating: 🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✖️
- https://github.com/Qihoo360/phptrace - A tracing and troubleshooting tool for PHP scripts
Rating: 🌟🌟🌟🌟 | Language: C | Ongoing[last 6 months]: ✖️
- https://github.com/ajinabraham/NodeJsScan - A static security code scanner for Node.js applications
Rating: 🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/shengqi158/pyvulhunter - A static security code scanner for Python applications
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/python-security/pyt - A static analysis tool for detecting security vulnerabilities in Python web applications
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/emanuil/php-reaper - PHP tool to scan ADOdb code for SQL injections
Rating: 🌟🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✖️
- https://github.com/lowjoel/phortress - A PHP static code analyser for potential vulnerabilities
Rating: 🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✖️
- https://github.com/infobyte/faraday - Collaborative penetration test and vulnerability management platform
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/az0ne/AZScanner - Automatic all-around scanner
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/blackye/lalascan - Distributed web vulnerability scanning framework
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/blackye/BkScanner - Distributed, plug-in web vulnerability scanner
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/ysrc/GourdScanV2 - Passive vulnerability scanning system
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/netxfly/passive_scan - Realization of web vulnerability scanner based on http proxy
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/1N3/Sn1per - Automated pentest recon scanner
Rating: 🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/RASSec/pentestEr_Fully-automatic-scanner - Directional fully automated penetration testing
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/Lcys/lcyscan - A vuls scanner, plugins supported
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/Xyntax/POC-T - Penetration test plug-in concurrency framework
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/v3n0m-Scanner/V3n0M-Scanner - Scanner in Python3.5 for SQLi/XSS/LFI/RFI and other vulns
Rating: 🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✖️
- https://github.com/Skycrab/leakScan - Multiple vuls scan supports web interface
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/zhangzhenfeng/AnyScan - A automated penetration testing framework
Rating: 🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/Tuhinshubhra/RED_HAWK - An all In one tool For information gathering, SQL vulnerability scanning and crawling, coded In PHP
Rating: 🌟🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✖️
- https://github.com/swisskyrepo/DamnWebScanner - Another web vulnerabilities scanner, this extension works on Chrome and Opera
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/anilbaranyelken/tulpar - Web Vulnerability Scanner written in Python,supported multiple web vulnerabilities scan
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/m4ll0k/Spaghetti - A web application security scanner tool,designed to find various default and insecure files, configurations and misconfigurations
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest - An automated penetration testing tool this tool will auditing all standard security test method for you
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/0xsauby/yasuo - ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Rating: 🌟🌟🌟 | Language: Ruby | Ongoing[last 6 months]: ✖️
- https://github.com/hatRiot/clusterd - application server attack toolkit
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/erevus-cn/pocscan - Open source and distributed web vulnerability scanning framework
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/TophantTechnology/osprey - Distributed web vulnerability scanning framework
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/yangbh/Hammer - A web vulnerability scanner framework
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/Lucifer1993/AngelSword - Web vulnerability scanner framework based on python3
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/zaproxy/zaproxy - One of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers
Rating: 🌟🌟🌟🌟 | Language: Java | Ongoing[last 6 months]: ✔️
- https://github.com/s0md3v/Striker - Striker is an offensive information and vulnerability scanner
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/dermotblair/webvulscan - Written in PHP and can be used to test remote, or local, web applications for security vulnerabilities
Rating: 🌟🌟 | Language: PHP | Ongoing[last 6 months]: ✖️
- https://github.com/alienwithin/OWASP-mth3l3m3nt-framework - Penetration testing aiding tool and exploitation framework
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/toyakula/luna - An open-source web security scanner which is based on reduced-code passive scanning framework
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/Manisso/fsociety - A Penetration Testing Framework including Information Gathering,Wireless Testing,Web Hacking and so on
Rating: 🌟🌟🌟 | Language: Python 2.x/3.x | Ongoing[last 6 months]: ✔️
- https://github.com/boy-hack/w9scan - A web vulnerability scanner framework,running with 1200+ plugins
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/YalcinYolalan/WSSAT - Web service security assessment tool,provide simple .exe application to use based on Windows OS
Rating: 🌟🌟 | Language: C# | Ongoing[last 6 months]: ✖️
- https://github.com/AmyangXYZ/AssassinGo - An extenisble and concurrency pentest framework in Go
Rating: 🌟🌟🌟🌟 | Language: Go | Ongoing[last 6 months]: ✔️
- https://github.com/m4ll0k/Galileo - Web application audit framework,like metasploit
Rating: 🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/joker25000/Optiva-Framework - Web Application Scanner
Rating: 🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✖️
- https://github.com/theInfectedDrake/TIDoS-Framework - The offensive web application penetration testing framework
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/TideSec/WDScanner - A full-featured vulnerability scanner for enterprise security
Rating: 🌟🌟🌟🌟 | Language: Python 2.x/PHP | Ongoing[last 6 months]: ✔️
- https://github.com/j3ssie/Osmedeus - Fully automated offensive security tool for reconnaissance and vulnerability scanning
Rating: 🌟🌟🌟🌟 | Language: Python 3.x | Ongoing[last 6 months]: ✔️
- https://github.com/jeffzh3ng/Fuxi-Scanner - Open source network security vulnerability scanner with asset discovery & management
Rating: 🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
- https://github.com/Neo23x0/Loki - Simple IOC and Incident Response Scanner
Rating: 🌟🌟🌟🌟🌟 | Language: Python 2.x | Ongoing[last 6 months]: ✔️
The purpose of this collection is to provide various types of open-source security scanners that can help companies to be more safer.
[↑] means update scanner URL or description
[+] means add scanner
[-] means remove scanner
[category] means change scanner category
[contributor] means add someone to Acknowledgments
Wester(Twitter @Zhiyang Zeng) & Martin(Twitter @Martin Chow)
Do not use for illegal purposes.
If you have any questions about this project ,or you have found some valuable scanners, please feel free to tell us :)
scanbox is released under the Mozilla license.
It's happy to see that this repository has been widely spreaded in information security community, but I hope everyone could respect knowledge and our efforts, so please specify reproduced from https://github.com/We5ter/Scanners-Box in your articles, and please do not republish this article for profit.
We would like to thanks the following security researchers for their valuable feedbacks amd suggestions.
- @0c0c0f
- @藏形匿影
- @Mottoin team
- @BlackHole
- @CodeColorist
- @3xp10it
- @re4lity
- @s0md3v
- @boy-hack
- @marsII
- @tom0li
- @hksanduo
- @alexlauerman
- @MedivhMT
©Sixtant Security Lab 2019