Loading...
Legion is a free Penetration Testing tool. Security professionals most commonly compare it with Git Scanner Framework. All 262 alternatives are matched by shared capabilities, tags, and NIST CSF 2.0 coverage.
A closer look at the 8 most relevant alternatives and competitors to Legion, including their key features and shared capabilities.
A bash-based framework for discovering and extracting exposed .git repositories from web servers during penetration testing and bug bounty activities.
A Burp Suite plugin that performs intelligent content discovery by analyzing current requests to identify directories, files, and variations based on the application's structure.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
BloodHound is a Javascript web application that uses graph theory to analyze Active Directory and Azure environments, revealing hidden relationships and potential attack paths through visual mapping.
SecLists is a comprehensive repository of security testing lists including usernames, passwords, URLs, fuzzing payloads, and web shells used during penetration testing and security assessments.
A fast web crawler for discovering endpoints and assets within web applications during security reconnaissance.
A Python tool that mines URLs from web archives to assist security researchers in discovering potential attack surfaces for bug hunting and vulnerability assessment.
x8 is a hidden parameters discovery suite that automatically identifies undocumented parameters in web applications and APIs for security testing purposes.
A bash-based framework for discovering and extracting exposed .git repositories from web servers during penetration testing and bug bounty activities.
A Burp Suite plugin that performs intelligent content discovery by analyzing current requests to identify directories, files, and variations based on the application's structure.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
BloodHound is a Javascript web application that uses graph theory to analyze Active Directory and Azure environments, revealing hidden relationships and potential attack paths through visual mapping.
SecLists is a comprehensive repository of security testing lists including usernames, passwords, URLs, fuzzing payloads, and web shells used during penetration testing and security assessments.
A fast web crawler for discovering endpoints and assets within web applications during security reconnaissance.
A Python tool that mines URLs from web archives to assist security researchers in discovering potential attack surfaces for bug hunting and vulnerability assessment.
x8 is a hidden parameters discovery suite that automatically identifies undocumented parameters in web applications and APIs for security testing purposes.
A Python-based network hacking toolkit that implements various attack and reconnaissance techniques for educational purposes and network security learning.
A toolkit to attack Office365, including tools for password spraying, password cracking, token manipulation, and exploiting vulnerabilities in Office365 APIs and services.
A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
A full-featured reconnaissance framework for web-based reconnaissance with a modular design.
An exploitation framework for industrial security with modules for controlling PLCs and scanning devices.
A proof-of-concept toolkit for fingerprinting and exploiting Amazon Web Services cloud infrastructures using the boto library.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
A brute force parameter discovery tool for identifying hidden GET and POST parameters in web applications during security assessments.
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
A collection of three tools for extracting, dumping, and scanning exposed .git repositories on websites to identify sensitive information and security vulnerabilities.
A security tool for discovering and analyzing interesting files in AWS S3 buckets across multiple regions and bucket types.
A Python utility that identifies and exploits domains vulnerable to AWS name server takeover attacks by detecting misconfigured DNS settings.
An AI-powered wrapper for ffuf that automatically suggests relevant file extensions for web fuzzing based on target URL analysis and response headers.
AI-powered autonomous penetration testing platform with multi-agent system
AI-powered automated penetration testing platform for vulnerability discovery
AI-powered automated penetration testing platform for web apps, APIs & GraphQL
Human-guided continuous pentesting platform with attack surface management
AI-powered automated pen testing & continuous red teaming platform
Pentest management platform for reporting, project mgmt & client collaboration
Pentest reporting & exposure mgmt platform for vulnerability remediation
Automated pentesting for web apps & APIs with continuous vulnerability scanning
Penetration testing software for simulating attacks and validating vulnerabilities
Automated internal network penetration testing and security validation platform
Continuous pentesting service monitoring web apps & APIs for code changes
AI-powered automated penetration testing platform for web apps and networks
AI-powered automated penetration testing platform for on-demand security audits
AI-powered autonomous pentesting platform for continuous security validation
Modular offensive security platform for continuous monitoring and testing
AI-native multi-agent pentesting engine for autonomous vulnerability discovery
AI-driven autonomous pentesting platform for continuous vulnerability discovery
Continuous automated pentesting platform for ongoing security assessment
Autonomous AI system for continuous penetration testing and exploit validation
Cloud-based penetration testing platform for threat mgmt & remediation
Managed continuous penetration testing service for internal & external networks
Autonomous penetration testing platform identifying attack paths & vulnerabilities
Automated network penetration testing tool for internal and external attacks
Continuous pentesting platform with autonomous AI agents for web apps and APIs
AI-powered continuous pentesting platform with agentic automation
AI-powered pentest & VMDR platform for vulnerability scanning & management
AI-driven pentesting platform with white hat hacker community support
Autonomous pentesting platform for internal, external, cloud & K8s testing
Autonomous pentesting platform for data exfiltration testing & validation
AI-powered autonomous vulnerability hunter with CLI and platform interfaces
Pentest engagement management platform with continuous testing & real-time reporting.
PTaaS platform for managing pentests, DAST, and attack surface monitoring.
Pen testing platform with guided automation and certified exploit library.
AI-powered continuous pentesting platform combining autonomous agents with human hackers.
Pentest platform combining automated scanning & manual VAPT with reporting.
Autonomous pentesting platform that discovers, exploits & maps attack paths.
SaaS penetration testing & automated red team platform with 200K+ vuln DB.
Automated fuzz & penetration testing tool for automotive ECUs and software.
AI-driven platform for automated pentesting and security validation.
Centralized mgmt console for multiple RidgeBot deployments across MSSP clients.
Automated pentest tool validating web apps against OWASP Top 10 CWEs.
Hardware security testing tools for side-channel analysis & fault injection.
Autonomous AI platform that simulates multi-phase attack campaigns to find kill chains.
Continuous pentest platform simulating real attacks across web, cloud, and network assets.
AI-driven continuous penetration testing platform with automated remediation.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
ROPgadget is a cross-platform command-line tool that searches for ROP gadgets in binary files across multiple architectures to facilitate exploit development and ROP chain construction.
A login cracker that can be used to crack many types of authentication protocols.
A penetration testing framework for identifying and exploiting vulnerabilities.
A web-based payload repository that generates ready-to-use exploits for pentesting
Open-source platform for pentest reporting and security team collaboration
A correlated injection proxy tool that integrates with XSS Hunter for automated cross-site scripting vulnerability testing and payload tracking.
SSTImap is an automated detection tool that identifies Server-Side Template Injection vulnerabilities in web applications through systematic testing and analysis.
Pen test management and reporting platform for manual assessments
Hashcat is a fast and advanced password recovery utility that supports various attack modes and hashing algorithms, and is open-source and community-driven.
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
A suite for man in the middle attacks, featuring sniffing of live connections, content filtering, and protocol dissection.
A suite of tools for Wi-Fi network security assessment and penetration testing.
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
SharpPrinter enables efficient discovery of network printers for security and management purposes.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
CredMaster enhances password spraying tactics with IP rotation to maintain anonymity and efficiency.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
Modular framework for pentesting Modbus protocol with diagnostic and offensive features.
An industrial control system testing tool that enables security researchers to enumerate SCADA controllers, read register values, and modify register data across different testing modes.
Intercepts and examines mobile app connections by stripping SSL/TLS layer.
Compares target's patch levels against Microsoft vulnerability database and detects missing patches.
Pwntools is a Python CTF framework and exploit development library that provides tools for rapid prototyping and development of exploits and CTF challenge solutions.
A utility that attempts to decrypt data from weak RSA public keys and recover private keys using multiple integer factorization algorithms.
A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.
Linux Exploit Suggester; suggests possible exploits based on the Linux operating system release number.
PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.
Modular framework for web services penetration testing with support for various attacks.
A fast and flexible HTTP enumerator for content discovery and credential bruteforcing
A script to enumerate Google Storage buckets and determine access and privilege escalation
MCIR is a unified framework for building code injection vulnerability testbeds that combines SQL, XML, shell, and XSS injection testing tools with shared functionality and template-based extensibility.
A tool for privilege escalation within Linux environments by targeting vulnerabilities in SUDO usage.
Open-source Java application for creating proxies for traffic analysis & modification.
A collection of precompiled Windows exploits for privilege escalation.
Sublist3r is a python tool for enumerating subdomains using OSINT and various search engines.
WackoPicko is an intentionally vulnerable web application used for security testing, penetration testing practice, and vulnerability scanner evaluation.
AFE Android Framework for Exploitation is a framework that provides tools and techniques for exploiting vulnerabilities in Android devices and applications.
BeEF is a penetration testing framework that exploits web browsers to assess client-side security vulnerabilities and launch attacks from within the browser context.
Script to find exploits for vulnerable software packages on Linux systems using an exploit database.
A next generation version of enum4linux with enhanced features for enumerating information from Windows and Samba systems.
NoSQLMap is an open source Python tool that automates NoSQL injection attacks and exploits configuration weaknesses in NoSQL databases to disclose or clone data.
A virtual host scanner with the ability to detect catch-all scenarios, aliases, and dynamic default pages, presented at SecTalks BNE in September 2017.
Open source penetration testing tool for detecting and exploiting command injection vulnerabilities.
OneGadget is a CTF-focused tool that uses symbolic execution to find RCE gadgets in binaries that can execute shell commands through execve('/bin/sh', NULL, NULL).
Exploiting WordPress With Metasploit, containing 45 modules for exploits and auxiliaries.
A tool to profile web applications based on response time discrepancies.
FuzzDB is an open-source dictionary of attack patterns and predictable resource locations for dynamic application security testing and vulnerability discovery.
A fuzzing framework for Android that creates corrupt media files to identify potential vulnerabilities
A Python library that simplifies format string vulnerability exploitation by providing tools for payload generation, memory manipulation, and automated parameter detection.
Hash Extender is a command-line tool that automates length extension attacks against various hashing algorithms including MD5, SHA-1, SHA-256, and others.
A modular and script-friendly multithread bruteforcer for managing task parameters in Python scripts.
A Linux exploit suggestion tool that identifies potential privilege escalation vulnerabilities by analyzing kernel versions and matching them against a database of known exploits.
A penetration testing tool that intercepts SSH connections by patching OpenSSH source code to act as a proxy and log plaintext passwords and sessions.
Boofuzz is a network protocol fuzzing tool that aims to fuzz everything
Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, bzr, ...
PEDA is a Python extension for GDB that enhances debugging with colorized displays and specialized commands for exploit development and binary security analysis.
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets.
A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.
Principal Mapper is a Python tool that models AWS IAM configurations as directed graphs to identify privilege escalation risks and alternative attack paths in AWS environments.
FeatherDuster is a cryptanalysis tool that automatically identifies and exploits weaknesses in cryptographic systems by analyzing ciphertext files.
A WebSocket Manipulation Proxy with a user interface to capture, intercept, and send custom messages for WebSocket and Socket.IO communications.
OWASP OWTF is a penetration testing framework focused on efficiency and alignment with security standards.
A Python script that performs security testing attacks against AWS Cognito services including account creation, user enumeration, and privilege escalation vulnerabilities.
Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
A Ruby framework designed to aid in the penetration testing of WordPress systems.
LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.
mXtract is a Linux-based tool for memory analysis and dumping with regex pattern search capabilities.
Ropper is a multi-architecture binary analysis tool that searches for ROP gadgets and displays information about executable files for exploit development.
InternalBlue is a Bluetooth experimentation framework that enables low-level firmware interaction with Broadcom chips for security research and attack prototype development.
A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.
A Python script for creating a cohesive and up-to-date penetration testing framework.
A collection of Python scripts for conducting penetration testing activities against Amazon Web Services (AWS) environments.
Pacu is an open-source AWS exploitation framework designed for offensive security testing against cloud environments through modular attack capabilities.
WeirdAAL is an open-source framework that provides tools and libraries for simulating attacks and testing security vulnerabilities in AWS environments.
Lambda-Proxy is a utility that enables SQL injection testing of AWS Lambda functions by converting SQLMap HTTP attacks into Lambda invoke calls through a local proxy.
A comprehensive database of exploits and vulnerabilities for researchers and professionals
A tool for testing and analyzing RFID and NFC tags, allowing users to read and write data, and perform various attacks and tests.
Ophcrack is a free Windows password cracker based on rainbow tables with various features for password recovery.
XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.
A complete suite of tools for assessing WiFi network security with capabilities for monitoring, attacking, testing, and cracking.
Wfuzz is a tool designed for bruteforcing Web Applications with multiple features like multiple injection points, recursion, and payload combinations.
Tool for attacking Active Directory environments through SQL Server access.
A 32-bit assembler level analyzing debugger for Microsoft Windows.
A Live CD and Live USB for penetration testing and security assessment
GNU/Linux Wireless distribution for security testing with XFCE desktop environment.
Automatic tool for pentesting XSS attacks against different applications
Hack with JavaScript XSS'OR tool for encoding/decoding and various XSS related functionalities.
The Proxmark III is a versatile device for sniffing, reading, and cloning RFID tags with strong community support.
CrackMapExec (CME) - A tool for querying internal database for host and credential information in cybersecurity.
A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.
A tool for analyzing pentest screenshots using a convolutional neural network
A fast and flexible web fuzzer for identifying vulnerabilities in web applications
A modern directory scanner that can be used to find hidden directories and files on a web server.
A Burp Suite extension that passively scans JavaScript files to discover endpoint links and potential attack surfaces in web applications.
A python tool for discovering endpoints, parameters, and wordlists in a given target
A command-line tool that identifies and extracts parameters from HTTP requests and responses to assist with web application security testing and vulnerability assessment.
A collection of payloads and methodologies for web pentesting.
qsfuzz is a rule-based fuzzing tool for testing query string parameters in web applications to identify security vulnerabilities.
A directory traversal fuzzer for finding and exploiting directory traversal vulnerabilities.
A Python-based tool that automates the identification and exploitation of file inclusion and directory traversal vulnerabilities in web applications.
A Burp Suite extension that detects NGINX alias traversal vulnerabilities by analyzing HTTP traffic patterns to identify path traversal misconfigurations.
A collection of Local File Inclusion (LFI) vulnerability tests and exploitation techniques designed for use with Burp Suite.
Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.
A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities
A scripting engine for interacting with GraphQL endpoints for pentesting purposes.
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
A tool for identifying and analyzing Java serialized objects in network traffic
A payload generator that creates malicious deserialization payloads for testing .NET applications against insecure deserialization vulnerabilities.
Automatic authorization enforcement detection extension for Burp Suite
A framework for testing and exploiting race condition vulnerabilities through concurrent request analysis and timing attack automation.
A Python library that simplifies testing and exploiting race conditions in web applications using concurrent HTTP requests.
A Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
A collection of customizable automation scripts for Turbo Intruder that facilitate vulnerability scanning, exploitation, and data extraction in penetration testing workflows.
A tool to search for Sentry config on a page or in JavaScript files and check for blind SSRF
A DNS rebinding attack framework for security researchers and penetration testers.
A malicious DNS server that executes DNS Rebinding attacks on-demand to bypass same-origin policy restrictions and access internal network resources.
A front-end JavaScript toolkit for creating DNS rebinding attacks
A tool for identifying and exploiting SSRF vulnerabilities in modern cloud environments by filtering host lists to find viable attack candidates.
ESC is an interactive .NET SQL console client with enhanced SQL Server discovery and data exfiltration features designed for penetration testing and red team engagements.
A Python library for automating time-based blind SQL injection attacks
A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases through automated scanning and reporting.
An advanced cross-platform tool for detecting and exploiting SQL injection security flaws
A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
ezXSS is a testing framework that helps penetration testers and bug bounty hunters identify Cross Site Scripting vulnerabilities, especially blind XSS attacks.
A portable version of XSSHunter.com for finding and exploiting Cross-Site Scripting (XSS) vulnerabilities.
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
A collection of XSS payloads designed to turn alert(1) into P1
A Burp Suite extension that automates XSS vulnerability detection and validation through custom payload generation and response analysis.
Shadow Workers is an open source C2 framework and proxy tool for penetration testers to exploit XSS vulnerabilities and malicious Service Workers.
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
A collection of scripts for debugging SSRF, blind XSS, and XXE vulnerabilities
A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.
A bash script for scanning a target network for HTTP resources through XXE
Tplmap is a command-line tool that detects and exploits server-side template injection vulnerabilities in web applications across multiple template engines.
AEM (Adobe Experience Manager) Hacker is a tool designed to help security researchers and penetration testers identify and exploit vulnerabilities in AEM-based systems.
A Burp extension to check JWT tokens for potential weaknesses
A simple Python script to test for a hypothetical JWT vulnerability
A powerful tool for finding and exploiting subdomain takeover vulnerabilities
An open-source attack surface management platform for identifying and managing vulnerabilities
A powerful penetration testing platform for identifying vulnerabilities and weaknesses in computer systems.
A command line utility for searching and downloading exploits from multiple exploit databases including Exploit-DB and Packet Storm.
A command-line tool that replaces all query string parameter values in URLs with a user-supplied value for security testing purposes.
A Docker-based penetration testing toolkit that provides a portable environment with GUI support and pre-installed security tools for web application testing and CTF activities.
A tool to easily automate and multithread your pentesting and bug bounty workflow without any coding
Common questions security professionals ask when evaluating alternatives and competitors to Legion.
The most popular alternatives to Legion include Git Scanner Framework, BurpSmartBuster, Burp Suite Professional, BloodHound, and SecLists. These Penetration Testing tools offer similar capabilities and are frequently compared by security professionals evaluating their options.
