41 Open-source and Free Vulnerability Scanners For Pentesting and Web App Security

41 Open-source and Free Vulnerability Scanners For Pentesting and Web App Security
Photo by Nahel Abdul Hadi / Unsplash

Vulnerability scanners are software applications that monitor systems for potential security threats. These tools scan your network and systems for vulnerabilities that could be exploited by hackers. They check for unpatched software, insecure system configurations, and other weaknesses.

Vulnerability Scanners for Web Apps

Web application vulnerability scanners, specifically, are designed to scan web applications for vulnerabilities such as SQL injection, cross-site scripting (XSS), and path traversal vulnerabilities.

They are important because they automate the process of checking web applications for security vulnerabilities, which can be a time-consuming and complex task. By identifying vulnerabilities early, organizations can address them before they are exploited by hackers.

Vulnerability Scanners for HIPAA and GDPR Compliance

Vulnerability scanners are particularly crucial in maintaining compliance with regulations such as HIPAA (Health Insurance Portability and Accountability Act) and GDPR (General Data Protection Regulation). These regulations require organizations to take adequate measures to protect sensitive data like healthcare and personal information. By identifying and addressing vulnerabilities, businesses can ensure they are not inadvertently exposing such sensitive data.

For Enterprise

In an enterprise setting, vulnerability scanners are pivotal. They help maintain the security of large networks with numerous connected devices.

They can monitor these networks continuously, providing regular updates about potential vulnerabilities and helping enterprises to stay ahead of potential security threats.

The ability to scan on a schedule, or continuously, ensures that new vulnerabilities are identified as soon as possible, reducing the window of opportunity for attackers. They also provide detailed reports, which can help in auditing and demonstrating compliance with various security standards.

In this post, we offer you the best open-source Vulnerability Scanners

1- vMass Bot

vMass Bot is an open-source and free tool that automates the exploitation of remote hosts by finding environment files, extracting tools and information, detecting the target's CMS, and attempting to auto-exploit and upload shell payload.

It can generate host lists from various sources if no target list is provided. Extracted tools can be filtered and tested, and the bot can also use hosts with phpmyadmin access for auto upload if CMS exploits fail. Results can be delivered to a Telegram channel, and the entire process can be automated using the AUTOPILOT option.

vMass Bot is a Free Vulnerability Scanner & Auto Exploiter Tool Written in Perl.
vMass Bot is an open-source project that automates the exploitation of remote hosts by searching for environment files (.env) and extracting tools and information. It can generate host lists, filter and test extracted tools, and use WordPress hosts for automatic upload. The entire process can be aut…
GitHub - azizz98/vMass: vMass Bot Vulnerability Scanner & Auto Exploiter Tool Written in Perl.
vMass Bot :hook: Vulnerability Scanner & Auto Exploiter Tool Written in Perl. - GitHub - azizz98/vMass: vMass Bot Vulnerability Scanner & Auto Exploiter Tool Written in Perl.

2- Vuls: VULnerability Scanner

Vuls is an open-source, agent-less vulnerability scanner for various operating systems and environments. It helps system administrators by automatically detecting vulnerabilities, informing about affected servers, and generating regular reports.

It supports major Linux, FreeBSD, Windows, macOS systems, and can be used in cloud, on-premise, and Docker container environments.

It also enables DevOps to scan containers, and and provide nondestructive testing for all.

Vuls also include a strong suite to test WordPress, and its plugins and themes.

GitHub - future-architect/vuls: Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices - GitHub - future-architect/vuls: Agent-less vulnerability scanner for Lin…

3- VulnX

Vulnx is an intelligent bot that can automatically inject shells and detect security vulnerabilities in CMS systems. It can perform quick CMS security detection, information collection, and vulnerability scanning. Unlike other tools that require manual shell injection, Vulnx analyzes the target website for vulnerabilities and injects the shell if a vulnerability is detected.

Features

  • Detects cms (WordPress, Joomla, PrestaShop, Drupal, opencart, Magento, lokomedia)
  • Target information gatherings
  • Target Subdomains gathering
  • Multi-threading on demand
  • Checks for vulnerabilities
  • Auto shell injector
  • Exploit dork searcher
  • Ports Scan High Level
  • Dns-Servers Dump
  • Input multiple target to scan.
  • Dorks Listing by Name by ExploitName.
  • Export multiple target from Dorks into a logfile.
GitHub - anouarbensaad/vulnx: vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information colle…

4- XAttacker

XATTACKER is a comprehensive tool for scanning and automatically exploiting vulnerabilities in web applications. It can detect a website's architecture, identify vulnerabilities based on the detected Content Management System (CMS), generate an exploit, and send the user the exploit link.

Features include a vulnerability scanner, auto-exploiting, CMS attacking, dork search with multiple search engines, and plain text reporting.

Supported CMS solutions

  • Joomla
  • WordPress
  • Prestashop
  • Drupal
  • Lokomedia

Supported systems

  • Android
  • Linux
  • Windows
  • macOS
Build software better, together
GitHub is where people build software. More than 100 million people use GitHub to discover, fork, and contribute to over 330 million projects.

5- Commix 

Commix (short for [comm]and [i]njection e[x]ploiter) is a powerful, user-friendly, and versatile open-source tool designed for penetration testing. Developed by Anastasios Stasinopoulos, it automates the detection and exploitation of command injection vulnerabilities in web applications. It's portable, modular, and compatible with various systems, platforms, CMS, and web applications, making it a crucial tool for security testing.

GitHub - commixproject/commix: Automated All-in-One OS Command Injection Exploitation Tool.
Automated All-in-One OS Command Injection Exploitation Tool. - GitHub - commixproject/commix: Automated All-in-One OS Command Injection Exploitation Tool.

6- KILLSHOT

KillShot is a penetration testing framework, an information-gathering tool, and a website vulnerability scanner.

KillShot allows you to spider your website, gather important information automatically, and identify vulnerabilities. Key features include:

  • Information gathering using whatweb-host-traceroute-dig-fierce-wafw00f
  • CMS identification and vulnerability detection via Cms Exploit Scanner and WebApp Vul Scanner
  • Automatic scanning using Nmap and Unicorn
  • Backdoor generation with simple PHP backdoors for manual upload and connection to the target

KillShot also includes a simple Ruby fuzzer that has been tested on VULSERV.exe, and a Linux log clear script to change the content of login paths. Spider can help you identify site parameters and scan for XSS and SQL vulnerabilities.

Other scanning capabilities include:

  • Port scanning
  • App scanning
  • Shell scanning
GitHub - bahaabdelwahed/killshot: A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner - GitHub - bahaabdelwahed/killshot: A Penetration Testing Framework, Information gathering tool &…

7- PatrOwl

PatrowlHears is a real-time Vulnerability Intelligence platform that provides CVE, exploits, and threat news. It is part of Patrowl's suite of open-source security operations and threat intelligence solutions. Developed in Python, it uses Django for the backend and Vue.js + Vuetify for the frontend, with RabbitMQ and Celery supporting asynchronous tasks and engine scalability. It can be accessed via the embedded web interface or the REST-API.

GitHub - Patrowl/PatrowlHears: PatrowlHears - Vulnerability Intelligence Center / Exploits
PatrowlHears - Vulnerability Intelligence Center / Exploits - GitHub - Patrowl/PatrowlHears: PatrowlHears - Vulnerability Intelligence Center / Exploits

8- XAttacker Tool

The X Attacker Tool ☣ is a modified version of the original X Attacker, designed to scan websites for vulnerabilities and automatically exploit them.

This tool is useful for assessing the security of your website by identifying any potential vulnerabilities. It can also be used to gain access to shells, send files, deface websites, control panels, and databases.

It's capable of detecting security issues within CMS, as well as numerous vulnerabilities in systems such as WordPress, Joomla, and others.

GitHub - R3K1NG/XAttacker: X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter - GitHub - R3K1NG/XAttacker: X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

9- Fox Ex v2

{Fox Ex v2} tool is a free and open-source solution that is designed for hacking tests. It exploits vulnerabilities and backdoors discovered recently, with the ability to upload shell +50 exploit and get +3000 shell in 2 minutes.

GitHub - raizoworm/Fox-Ex-v2: Fox Ex v2 exploit rce upload shell +50 exploit get + 3000 shell In 2 minutes 2023 priv8
Fox Ex v2 exploit rce upload shell +50 exploit get + 3000 shell In 2 minutes 2023 priv8 - GitHub - raizoworm/Fox-Ex-v2: Fox Ex v2 exploit rce upload shell +50 exploit get + 3000 shell In 2 minutes…

10- RVuln

RVuln is a multithreaded vulnerability scanner written in Rust that scans for XSS vulnerabilities. It is compatible with Ubuntu/Debian based OS, Arch Linux based OS, and Windows 10.

GitHub - iinc0gnit0/RVuln: [ Automated Web Vulnerability Scanner ]
[ Automated Web Vulnerability Scanner ]. Contribute to iinc0gnit0/RVuln development by creating an account on GitHub.

11- wsltools - Web Scan Lazy Tools

wsltools is an elegant and simple Web Scan auxiliary library for Python.

wsltools: Web Scan Lazy Tools — wsltools documentation
GitHub - Symbo1/wsltools: Web Scan Lazy Tools - Python Package
Web Scan Lazy Tools - Python Package. Contribute to Symbo1/wsltools development by creating an account on GitHub.

12- OWASP ASST

(Automated Software Security Toolkit)

ASST (Automated Software Security Toolkit) is an open-source, CLI application developed with JavaScript (Node.js framework) for scanning source code.

Currently, it focuses on PHP and MySQL languages, but its core functionalities are designed for contributions from programmers to add plugins or extensions for other languages and their frameworks. ASST is unique in that it scans PHP language according to OWASP Top 10 Web Application Security Risks.

GitHub - OWASP/ASST: OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner. - GitHub - OWASP/ASST: OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Securi…

13- Phaser

Phaser is an exceptional, high-performance attack surface mapper and vulnerability scanner. Give it a target, and it will confidently generate a comprehensive report with every detail it discovers, effectively saving you countless hours of manual audit and eliminating the need to juggle multiple tools.

GitHub - skerkour/phaser: Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)
Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧) - GitHub - skerkour/phaser: Automated attack surface mapper and vulnerability scanner (Work In Progress 🚧)

14- TechViper

TechViper is a web security scanner that identifies vulnerabilities in web applications. It provides detailed security assessments and helps improve the security of web applications by detecting issues such as Remote Code Execution, Reflected XSS, Template Injection, and SQL Injection.

Supported systems

  • Kali Linux
  • Android
  • Windows
GitHub - Malwareman007/TechViper: TechViper is an advanced web security scanner designed to detect various vulnerabilities in web applications.
TechViper is an advanced web security scanner designed to detect various vulnerabilities in web applications. - GitHub - Malwareman007/TechViper: TechViper is an advanced web security scanner desig…

15- Himawari

Himawari is an open-source free Web Vulnerability Scanner written in Golang.

GitHub - After-the-CM/Himawari: Web Vulnerability Scanner written in Golang.
Web Vulnerability Scanner written in Golang. Contribute to After-the-CM/Himawari development by creating an account on GitHub.

16- VulnScanX

VulnScanX v2.0 is a command-line application that helps identify vulnerabilities in web applications, focusing on Cross-Site Scripting (XSS), SQL Injection (SQLi), and Remote Code Execution (RCE). Key features include testing for various types of vulnerabilities, multithreading support, automated link crawling and testing, logging of results, an improved user interface, and enhanced payload file import.

Features

  • Reflected XSS Testing
  • DOM-based XSS Testing
  • SQL Injection Testing
  • Remote Code Execution Testing
  • Server-Side Template Injection Testing
  • Open Redirection Testing
  • Multithreading Support
  • Automated Link Crawling and Testing
  • Results Logging
  • Improved User Interface
  • Efficient Payload File Import
GitHub - nijithwilson/VulnScanX: The Security Testing Tool is a command-line app for web app security. It checks XSS, SQLi, and RCE vulnerabilities. Easy to use, customizable payloads, and detailed results empower developers and security pros to enhance web app security ethically.
The Security Testing Tool is a command-line app for web app security. It checks XSS, SQLi, and RCE vulnerabilities. Easy to use, customizable payloads, and detailed results empower developers and s…

17- Enlightn Security Checker

A PHP dependency vulnerabilities scanner based on the Security Advisories Database.

GitHub - enlightn/security-checker: A PHP dependency vulnerabilities scanner based on the Security Advisories Database.
A PHP dependency vulnerabilities scanner based on the Security Advisories Database. - GitHub - enlightn/security-checker: A PHP dependency vulnerabilities scanner based on the Security Advisories D…

18- Tools for Finding Bugs and Vulnerabilities

This repo includes a dozen of a free and open-source tools to search and discover web app bugs and vulnerabilities.

GitHub - mnematolahi/offensive-security-work: open source and free tools for bug and vulnerability discovery
open source and free tools for bug and vulnerability discovery - GitHub - mnematolahi/offensive-security-work: open source and free tools for bug and vulnerability discovery

19- RapidScan

RapidScan is a multi-tool web vulnerability scanner that executes various security scanning tools, checks for vulnerabilities, and provides spontaneous results. It is light-weight, time-efficient, and helps to identify false positives. It offers vulnerability definitions and remediation advice. Features under development include association with OWASP Top 10 & CWE 25, artificial intelligence for tool deployment, detailed reports in PDF format, and on-the-run Metasploit auxiliary modules.

Features

  • one-step installation.
  • executes a multitude of security scanning tools, does other custom coded checks and prints the results spontaneously.
  • some of the tools include nmap, dnsrecon, wafw00f, uniscan, sslyze, fierce, lbd, theharvester, amass, nikto etc executes under one entity.
  • saves a lot of time, indeed a lot time!.
  • checks for same vulnerabilities with multiple tools to help you zero-in on false positives effectively.
  • extremely light-weight and not process intensive.
  • legends to help you understand which tests may take longer time, so you can Ctrl+C to skip if needed.
  • association with OWASP Top 10 & CWE 25 on the list of vulnerabilities discovered. (under development)
  • critical, high, medium, low and informational classification of vulnerabilities.
  • vulnerability definitions guides you what the vulnerability actually is and the threat it can pose.
  • remediation tells you how to plug/fix the found vulnerability.
  • executive summary gives you an overall context of the scan performed with critical, high, low and informational issues discovered.
  • artificial intelligence to deploy tools automatically depending upon the issues found. for eg; automates the launch of wpscan and plecost tools when a wordpress installation is found. (under development)
  • detailed comprehensive report in a portable document format (*.pdf) with complete details of the scans and tools used. (under development)
  • on the run metasploit auxilliary modules to discover more vulnerabilities. (under development)
GitHub - skavngr/rapidscan: :new: The Multi-Tool Web Vulnerability Scanner.
:new: The Multi-Tool Web Vulnerability Scanner. . Contribute to skavngr/rapidscan development by creating an account on GitHub.

20- afrog

afrog is a high-performance security tool for bug bounty, pentesting, and red teaming. It features a fast, stable vulnerability scanner with low false positives, customizable PoCs, and detailed HTML vulnerability reports. afrog supports user-defined PoC and has several built-in types. It is open-source and has an active community exchange group.

GitHub - zan8in/afrog: A Security Tool for Bug Bounty, Pentest and Red Teaming.
A Security Tool for Bug Bounty, Pentest and Red Teaming. - GitHub - zan8in/afrog: A Security Tool for Bug Bounty, Pentest and Red Teaming.

21- Threat-Patrol

Threat-Patrol is a Python script that scans websites for potential vulnerabilities including SQL injection, XSS, CSRF, SSRF, LFI and RCE. It is user-friendly, provides instant results, automatically scans for vulnerabilities, and offers a simple command line interface.

GitHub - itsraiharshit/threat-patrol: Threat-Patrol is a easy-to-use python script that quickly scans a website for potential vulnerabilities in CLI.
Threat-Patrol is a easy-to-use python script that quickly scans a website for potential vulnerabilities in CLI. - GitHub - itsraiharshit/threat-patrol: Threat-Patrol is a easy-to-use python script…

22- w4af

w4af is an open-source web application security scanner, originally based on w3af, that helps identify and exploit vulnerabilities in web applications. It is currently in an early alpha development phase and user experience and bug reports are welcomed, but no warranties are made about the software as it is still a work in progress.

GitHub - w4af/w4af: w4af: web advanced application attack and audit framework, the open source web vulnerability scanner.
w4af: web advanced application attack and audit framework, the open source web vulnerability scanner. - GitHub - w4af/w4af: w4af: web advanced application attack and audit framework, the open sourc…

23- Damn Web Scanner

The Damn Web Scanner is a web vulnerabilities scanner extension for Chrome and Opera. It scans for SQL Injection, Cross Site Scripting, Local File Inclusion, and Remote Commands Execution. It can detect server status, list vulnerabilities, reuse cookies and user-agents for cookie-authenticated pages, export vulnerabilities into a CSV file, and launch scans when a form is submitted or a page is opened via the URL bar.

Currently it scans for:

  • SQL Injection : Time based SQLi scanner using polyglot vectors (MySQL, SQLite, Oracle, Postgresql, SQL Server)
  • Cross Site Scripting : Using a browser simulator (Ghost)
  • Local File Inclusion
  • Remote Commands Execution using polyglot vectors based on time

All the features are:

  • Detect if the server is up with a "/ping" request
  • New XSS vectors, work in different contexts (JS var, JS function, inside HTML tag, outside HTML tag)
  • Basic page to list the vulnerabilities URL and TYPE
  • Re-use your cookies and user-agent to get access to page with cookie-authentication
  • Export vulnerabilities into a CSV file
  • Launch scan when a form is submitted or a page is opened via the URL bar
GitHub - swisskyrepo/DamnWebScanner: Another web vulnerabilities scanner, this extension works on Chrome and Opera
Another web vulnerabilities scanner, this extension works on Chrome and Opera - GitHub - swisskyrepo/DamnWebScanner: Another web vulnerabilities scanner, this extension works on Chrome and Opera

24- Nuclei

Nuclei is a fast, customizable vulnerability scanner that sends requests across targets based on a template. It provides zero false positives and can scan a large number of hosts. Nuclei supports various protocols and can model all kinds of security checks thanks to its powerful and flexible templating.

GitHub - projectdiscovery/nuclei: Fast and customizable vulnerability scanner based on simple YAML based DSL.
Fast and customizable vulnerability scanner based on simple YAML based DSL. - GitHub - projectdiscovery/nuclei: Fast and customizable vulnerability scanner based on simple YAML based DSL.

25- Raccoon

Raccoon is a high-performance offensive security tool for reconnaissance and vulnerability scanning. It provides DNS details, WHOIS information, TLS data, port scanning, services and scripts scanning, URL fuzzing, subdomain enumeration, web application data retrieval, WAF detection, and supports anonymous routing. It uses asyncio for improved performance and saves output to files.

Features

  •  DNS details
  •  DNS visual mapping using DNS dumpster
  •  WHOIS information
  •  TLS Data - supported ciphers, TLS versions, certificate details and SANs
  •  Port Scan
  •  Services and scripts scan
  •  URL fuzzing and dir/file detection
  •  Subdomain enumeration - uses Google dorking, DNS dumpster queries, SAN discovery and bruteforce
  •  Web application data retrieval:
    • CMS detection
    • Web server info and X-Powered-By
    • robots.txt and sitemap extraction
    • Cookie inspection
    • Extracts all fuzzable URLs
    • Discovers HTML forms
    • Retrieves all Email addresses
    • Scans target for vulnerable S3 buckets and enumerates them for sensitive files
  •  Detects known WAFs
  •  Supports anonymous routing through Tor/Proxies
  •  Uses asyncio for improved performance
  •  Saves output to files - separates targets by folders and modules by files
GitHub - evyatarmeged/Raccoon: A high performance offensive security tool for reconnaissance and vulnerability scanning
A high performance offensive security tool for reconnaissance and vulnerability scanning - GitHub - evyatarmeged/Raccoon: A high performance offensive security tool for reconnaissance and vulnerabi…

26- Fuxploider

Fuxploider is an unrivaled, open-source penetration testing tool that masterfully automates the process of detecting and exploiting file upload form flaws. With a unique ability to discern the file types allowed for upload, it adeptly determines the most effective technique to upload web shells or any malicious file onto the targeted web server.

GitHub - almandin/fuxploider: File upload vulnerability scanner and exploitation tool.
File upload vulnerability scanner and exploitation tool. - GitHub - almandin/fuxploider: File upload vulnerability scanner and exploitation tool.

27- OWASP Nettacker

The OWASP Nettacker project is a free open-source tool designed to automate information gathering, vulnerability scanning, and report generation for networks. This includes identifying services, bugs, vulnerabilities, misconfigurations, and other relevant information. This software will use TCP SYN, ACK, ICMP, and many other protocols to detect and bypass Firewall/IDS/IPS devices. Utilizing a unique method in OWASP Nettacker, it can discover protected services and devices such as SCADA, giving it a competitive edge over other scanners and making it one of the best.

OWASP IoT Scanner

  • Python Multi Thread & Multi Process Network Information Gathering Vulnerability Scanner
  • Service and Device Detection ( SCADA, Restricted Areas, Routers, HTTP Servers, Logins and Authentications, None-Indexed HTTP, Paradox System, Cameras, Firewalls, UTM, WebMails, VPN, RDP, SSH, FTP, TELNET Services, Proxy Servers and Many Devices like Juniper, Cisco, Switches and many more… )
  • Asset Discovery & Network Service Analysis
  • Services Brute Force Testing
  • Services Vulnerability Testing
  • HTTP/HTTPS Crawling, Fuzzing, Information Gathering and …
  • HTML, JSON, CSV and Text Outputs
  • API & WebUI
  • This project is at the moment in research and development phase
  • Thanks to Google Summer of Code Initiative and all the students who contributed to this project during their summer breaks:
GitHub - OWASP/Nettacker: Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management - GitHub - OWASP/Nettacker: Automated Penetration Testing Framework - Open-Source Vulnerabilit…

28- EMBA

EMBA is a firmware analysis tool designed for penetration testers and product security teams. It supports the entire security analysis process, from firmware extraction to static and dynamic analysis, and generates a web report. EMBA identifies potential vulnerabilities in firmware, such as insecure binaries, outdated software components, vulnerable scripts, or hard-coded passwords. It provides comprehensive information about the firmware, allowing testers to decide on focus areas and interpret the results.

GitHub - e-m-b-a/emba: EMBA - The firmware security analyzer
The firmware security analyzer. Contribute to e-m-b-a/emba development by creating an account on GitHub.

29- CRLFuzz

CRLFuzz is a free, open-source tool written in Go, designed for fast scanning of CRLF vulnerabilities.

GitHub - dwisiswant0/crlfuzz: A fast tool to scan CRLF vulnerability written in Go
A fast tool to scan CRLF vulnerability written in Go - GitHub - dwisiswant0/crlfuzz: A fast tool to scan CRLF vulnerability written in Go

30- Jackhammer

Jackhammer is a collaboration tool designed to bridge the gap between security, development, and QA teams. It performs static and dynamic code analysis, identifies security vulnerabilities, and helps manage these vulnerabilities in an era of continuous integration and deployment.

It operates on Role Based Access Control (RBAC) and features dashboards for individual and team scans. Jackhammer is built on a pluggable architecture, allowing integration with any open source or commercial tool, and uses the OWASP pipeline project to run multiple tools against your code, web app, mobile app, CMS, or network.

Key Features:

  • Provides unified interface to collaborate on findings
  • Scanning (code) can be done for all code management repositories
  • Scheduling of scans based on intervals # daily, weekly, monthly
  • Advanced false positive filtering
  • Publish vulnerabilities to bug tracking systems
  • Keep a tab on statistics and vulnerability trends in your applications
  • Integrates with majority of open source and commercial scanning tools
  • Users and Roles management giving greater control
  • Configurable severity levels on list of findings across the applications
  • Built-in vulnerability status progression
  • Easy to use filters to review targeted sets from tons of vulnerabilities
  • Asynchronous scanning (via sidekiq) that scale
  • Seamless Vulnerability Management
  • Track statistics and graph security trends in your applications
  • Easily integrates with a variety of open source, commercial and custom scanning tools
GitHub - olacabs/jackhammer: Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems. - GitHub - olacabs/jackhammer: Jackhammer - One Security vulnerability assessment/managem…

31- Mageni

Mageni is a cross-platform, open-source vulnerability management platform that offers a range of features including assets, services, ports, applications, rogue device, and shadow IT discovery. It also provides vulnerability scanning, assessment, reporting, remediation, prioritization, and validation, as well as security audits, IoT, OT, and SCADA security testing, and hardening testing. It aids in addressing vulnerabilities for compliance with various standards like PCI DSS, NIST, HIPAA, ISO, NERC, FISMA, and NIS.

GitHub - mageni/mageni: Open-source vulnerability scanner
Open-source vulnerability scanner. Contribute to mageni/mageni development by creating an account on GitHub.

32- FazScan

FazScan is a Perl program designed for vulnerability scanning and pentesting, offering 18 options. These include various vulnerability scanners for SQL injection and common web vulnerabilities, automated CMS detectors and vulnerability scanners for multiple CMS platforms, an information gathering kit, a CloudFlare WAF protection bypasser, a dork scanner, an automated open port scanner, a denial of service attack feature, and an admin page detector.

GitHub - mfazrinizar/FazScan: | FazScan is a Perl program to do some vulnerability scanning and pentesting |
| FazScan is a Perl program to do some vulnerability scanning and pentesting | - GitHub - mfazrinizar/FazScan: | FazScan is a Perl program to do some vulnerability scanning and pentesting |

33- Trivy

Trivy is a versatile security scanner that can scan a variety of targets, including container images, filesystems, git repositories, virtual machine images, Kubernetes, and AWS. It can detect issues such as OS packages and software dependencies in use, known vulnerabilities, IaC issues and misconfigurations, sensitive information and secrets, and software licenses. Trivy supports most popular programming languages, operating systems, and platforms.

GitHub - aquasecurity/trivy: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more - GitHub - aquasecurity/trivy: Find vulnerabilities, misconfigurations, secrets,…

34- Scanners Box 

Scanners Box, also known as scanbox, stands as a formidable hacker toolkit, aggregating open source scanners from Github across more than 10 categories. This includes scanners for subdomains, databases, middleware and more, all with a modular design. However, it's worth noting that other renowned scanning tools like nmap, w3af, brakeman, arachni, nikto, metasploit, aircrack-ng are not included in our collection.

GitHub - We5ter/Scanners-Box: A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑 - GitHub - We5ter/Scanners-Box: A powerful and open-source toolkit for hackers and security automation - 安全…

35- MagicRecon

MagicRecon is a shell script designed to streamline the process of data collection and vulnerability detection. It organizes results in various formats and directories, and its features include subdomain enumeration, live domain checking, whois and DNS information retrieval, technology extraction, certificate information, screenshot taking, email and user searching, public resource enumeration in AWS, Azure, and Google Cloud, GitHub Dorks information searching, robots.txt file entry checking, endpoint retrieving, parameter and port scanning, dirsearch, 403 HTTP status code bypass checking, massive recon and vulnerability scanning via Nuclei, and missing security header searching.

GitHub - robotshell/magicRecon: MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way…

36- OSV-Scanner

OSV-Scanner is a tool that identifies vulnerabilities in a project's dependencies by connecting to the open-source OSV database. It offers advantages over closed-source databases and scanners, including advisories from open and authoritative sources, the ability for anyone to suggest improvements, and a machine-readable format that precisely maps onto a developer's list of packages.

GitHub - google/osv-scanner: Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Vulnerability scanner written in Go which uses the data provided by https://osv.dev - GitHub - google/osv-scanner: Vulnerability scanner written in Go which uses the data provided by https://osv.dev

37- Wapiti - Web Vulnerability Scanner

Wapiti is a Python-based web vulnerability scanner that supports various protocols and features. It operates as a "black-box" scanner, functioning like a fuzzer rather than studying source code. It scans web application pages, extracts links and forms, sends payloads, and looks for error messages or abnormal behaviors.

Wapiti is a Free and Open-source Web Vulnerability Scanner
Wapiti is a Python-based web vulnerability scanner that supports HTTP, HTTPS, and SOCKS5 proxies. It offers features such as HTTP authentication, form-based login authentication, scan scope limitation, automatic URL parameter removal, safeguards against endless-loops, and the ability to set initial…
GitHub - wapiti-scanner/wapiti: Web vulnerability scanner written in Python3
Web vulnerability scanner written in Python3. Contribute to wapiti-scanner/wapiti development by creating an account on GitHub.

38- Collector

Collector is an intelligent automated tool that uses the Wayback Machine to find every vulnerable parameter. Its main features include finding XSS vulnerable parameters, crawling entire websites to collect every URL, advanced error handling, and collecting GET parameters.

GitHub - thenurhabib/collector: Collect XSS vulnerable parameters from entire domain.
Collect XSS vulnerable parameters from entire domain. - GitHub - thenurhabib/collector: Collect XSS vulnerable parameters from entire domain.

39- Subdover

Subdover is a Python3-based, multithreaded subdomain takeover vulnerability scanner with over 88 fingerprints of potentially vulnerable services. It uses a CNAME record for verification and includes built-in subdomain enumeration and HTTP probing. Features include scanning from a subdomain list, testing single targets, customizable thread numbers, result saving in TXT format, clean output, OS independence, and an auto command line updater.

GitHub - PushpenderIndia/subdover: Subdover is a MultiThreaded Subdomain Takeover Vulnerability Scanner Written In Python3
Subdover is a MultiThreaded Subdomain Takeover Vulnerability Scanner Written In Python3 - GitHub - PushpenderIndia/subdover: Subdover is a MultiThreaded Subdomain Takeover Vulnerability Scanner Wri…

40- Tsunami

Tsunami is a versatile network security scanner that uses an extensible plugin system to detect high-risk vulnerabilities with high confidence. All publicly available Tsunami plugins are hosted in a separate repository.

GitHub - google/tsunami-security-scanner: Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. - GitHub - google/tsunami-security-scanner:…

41- Th3_Monster Tool 2.5

Th3_Monster Tool 2.5 ☣ is an open-source website vulnerability scanner and automatic exploitation bot ☣ .

GitHub - Moat3zKadd3chy/Th3_Monster: Th3_Monster Tool 2.5 ☣ Website Vulnerability Scanner & Auto Exploiter Bot ☣ .
Th3_Monster Tool 2.5 ☣ Website Vulnerability Scanner & Auto Exploiter Bot ☣ . - GitHub - Moat3zKadd3chy/Th3_Monster: Th3_Monster Tool 2.5 ☣ Website Vulnerability Scanner & Auto Exploiter Bo…







Open-source Apps

9,500+

Medical Apps

500+

Lists

450+

Dev. Resources

900+

Read more