Browsing category
OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test. The scanner will provide a dashboard with information about vulnerabilities detected in the infrastructure, […]
Striker is an offensive information and vulnerability scanner that will make enumeration of remote system using some online services this will make the attack not depending on user connection and it will make attacker avoid being detected or prevented by Intrusion detection system or web application firewalls. The tool will run SQLMap api to check […]
TROMMEL sifts through embedded device files to identify potential vulnerable indicators. The tool can be used to search files and configurations in a directory and find potential vulnerability. Usually any security scanner will produced reports and finding without properly confirming the system vulnerability. Vulnerability scanner allow security professional to automate and accelerate the vulnerability assessment […]
Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans. On repeated scan delta reporting ensures that findings only need to be judged when they first appear in the scan results or when their output changes. Seccubus […]
This is a quick-and-dirty scanner for the CVE-2019-0708 vulnerability in Microsoft Remote Desktop. Right now, there are about 900,000 machines on the public Internet vulnerable to this vulnerability, so many are to expect a worm soon like WannaCry and notPetya. Therefore, scan your networks and patch (or at least, enable NLA) on vulnerable systems. This […]
BoomER is an open source framework, developed in Python. The tool is focused on post-exploitation, with a main objective, the detection and exploitation of local vulnerabilities, as well as the collection of information from a system, such as the installed applications they have. The framework allows the extension by third parties, through the development of […]
Swiss army knife for hackers that includes scanning for vulnerabilities, finding information about a target, performing exploitation techniques and much more. Getting Started Steps to setup : git clone <your-fork-url> cd vault sudo apt-get install python3-pip sudo pip3 install virtualenv virtualenv venv source venv/bin/activate pip3 install -r requirements.txt Starting Vault : cd vault/src python3 vault.py […]
Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this program is to solve this problem through automation; viz. running multiple scanning tools to discover vulnerabilities, effectively judge false-positives, collectively correlate results and saves precious time; all these under […]
Vulmap is an open source online local vulnerability scanner project. It consists of online local vulnerability scanning programs for Windows and Linux operating systems. These scripts can be used for defensive and offensive purposes. It is possible to make vulnerability assessments using these scripts. Also they can be used for privilege escalation by pentesters/red teamers. […]
Sitadel is basically an update for WAScan making it compatible for python >= 3.4 It allows more flexibility for you to write new modules and implement new features Frontend framework detection Content Delivery Network detection Define Risk Level to allow for scans Plugin system Docker image available to build and run Requirement Warning This project […]
Osmedeus allows you to run a collection of tools to simplify the reconnaissance and vulnerability scanning phase against the target. Features Subdomain Scan. Subdomain TakeOver Scan. Screenshot the target. Basic recon like Whois, Dig info. IP Discovery. CORS Scan. SSL Scan. Headers Scan. Port Scan. Vulnerable Scan. Seperate workspaces to store all scan output and […]
Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file. As most of Raccoon’s scans are independent […]
Fuxi Scanner is an open source network security vulnerability scanner, that comes with multiple functions such as Vulnerability detection & management, Authentication Tester, IT asset discovery & management, Port scanner, Subdomain scanner, Acunetix Scanner (Integrate Acunetix API). InstallationDocumentation Usage Vulnerability Scanner The scanner module integrate an open-sourced remote vulnerability testing and PoC development framework – […]
WAScan ((W)eb (A)pplication (Scan)ner) is a Open Source web application security scanner. It is designed to find various vulnerabilities using “black-box” methods. WAScan is built on python2.7 and can run on any platform which has a Python environment. Features Fingerprint Detect Server Detect Web Frameworks (22) Check Cookie Security Check Headers Security Detect Language (9) Detect Operating System (OS – 8) […]
Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. Nikto is an Open Source web server scanner which performs comprehensive tests against web servers […]
Prowler is a Cluster Network Vulnerability Scanner, developed during Singapore Infosec Community Hackathon – HackSmith v1.0. It is implemented on a cluster of Raspberry Pi and it will scan a network for vulnerabilities, such as default/weak credentials, that can be easily exploited. Capabilities Scan a network (or a particular subnet) for all IP addresses associated […]
VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in Perl programming language to detect VBulletin CMS vulnerabilities and analyze them. Usage: ./vbscan.pl <target> ./vbscan.pl http://target.com/vbulletin Download VBScan
Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won’t damage production systems, it’s completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. It detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and […]