Vulnerability Scanners

  • nuclei - Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.

  • Sn1per - Automated pentest framework for offensive security experts

  • metasploit-framework - Metasploit Framework

  • nikto - Nikto web server scanner

  • arachni - Web Application Security Scanner Framework

  • jaeles - The Swiss Army knife for automated Web Application Testing

  • retire.js - scanner detecting the use of JavaScript libraries with known vulnerabilities

  • Osmedeus - Fully automated offensive security framework for reconnaissance and vulnerability scanning

  • getsploit - Command line utility for searching and downloading exploits

  • flan - A pretty sweet vulnerability scanner

  • Findsploit - Find exploits in local and online databases instantly

  • BlackWidow - A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

  • backslash-powered-scanner - Finds unknown classes of injection vulnerabilities

  • Eagle - Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities

  • cariddi - Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

Last updated