Top #scan Tools & Software

trufflehog

github

Find, verify, and analyze leaked credentials

RustScan

github

🤖 The Modern Port Scanner 🤖

fscan

github

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。(An intranet comprehensive scanning tool, enabling one-click automated, all-round vulnerability scanning)

wpscan

github

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

yakit

github

Cyber Security ALL-IN-ONE Platform

awesome-web-hacking

github

A list of web application security

NetAlertX

github

Centralized network visibility and continuous asset discovery. Monitor devices, detect change, and stay aware across distributed networks.

Ladon

github

Ladon大型内网渗透扫描器，PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等，大量高危漏洞检测模块MS17010、Zimbra、Exchange

w3af

github

w3af: web application attack and audit framework, the open source web vulnerability scanner.

WebHackersWeapons

github

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

kscan

github

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种。

retire.js

github

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

ivre

github

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, ProjectDiscovery tools, etc.

sslyze

github

Fast and powerful SSL/TLS scanning library.

xunfeng

github

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

SecretScanner

github

:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

nodejsscan

github

nodejsscan is a static security code scanner for Node.js applications.

Pi.Alert

github

WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices

noseyparker

github

Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.

SSH-Snake

github

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

goHackTools

github

Hacker tools on Go (Golang)