
ssh-audit is a Python-based tool for auditing SSH server and client configurations to identify security weaknesses and ensure compliance with best practices.
A powerful directory/file, DNS and VHost busting tool written in Go.
A fast web crawler for discovering endpoints and assets within web applications during security reconnaissance.
Automated web scanner detecting vulnerabilities and HTTP security headers
A Python script that scans file systems to identify hardcoded credentials, API keys, and other sensitive secrets using configurable regex patterns.
Web and email security scanner that checks 16 critical security points in 60 seconds
Web app & network vulnerability scanner integrating OWASP ZAP, Shodan & Nmap
SSTImap is an automated detection tool that identifies Server-Side Template Injection vulnerabilities in web applications through systematic testing and analysis.
AI-powered automated vuln scanning for apps, APIs, domains, and cloud
Ecommerce malware & vulnerability scanner for Magento, Adobe Commerce & more
AI-driven security scanning platform with automated vulnerability detection
Tests leaked/stolen credentials against attack surfaces to identify exposures
AI-powered platform for SSL/TLS security testing and compliance assessment
AI-powered web security testing platform for vulnerability and compliance scanning
Scans repositories for exposed secrets, API keys, and credentials for bug bounty
Detects end-of-life and outdated software in code and containers
Open source vulnerability & IaC scanner for containers & cloud native apps
Scans artifacts across SDLC for vulnerabilities, malware, secrets & misconfigs
AI-powered vulnerability scanner for web apps and APIs
Firmware & hardware security platform for AI data center infrastructure
CLI tool for preliminary website security vulnerability assessment
Checks SSL certificate expiry dates and sends email notifications
Free tool to check domain name expiration dates
Website malware scanner with remote & server-side scanning capabilities
Detects config disclosure vulnerabilities in Simple 301 Redirects plugin
PostgreSQL management tool detection scanner for asset discovery
Scanner for WordPress Table of Contents Plus plugin path disclosure vuln
Detects Cisco Email Security Appliance login panels on networks
Scanner for CVE-2024-35693 XSS vuln in WordPress 12 Step Meeting List plugin
Scanner for CVE-2025-56266 Host Header Injection in Avigilon ACM
Scanner for CVE-2023-7164 file download vuln in WordPress BackWPup plugin
Detects exposed Python history files that may leak sensitive information
Scanner for CVE-2022-0873 XSS vulnerability in WordPress Gmedia plugin
Scanner for CVE-2024-2862 unauthenticated password reset in LG LED Assistant
Web app vulnerability scanner with continuous scanning and authenticated testing
Infrastructure vulnerability scanner for networks, data centers, and cloud
CMS security scanner with DAST capabilities for web apps and infrastructure
WordPress vulnerability scanner that detects security issues and malware
Automated patch management solution for enterprise systems
Agentless external vulnerability scanning with continuous asset discovery
External server vulnerability scanning for CVEs, patches, and misconfigurations
Automated scanner for SQL injection and web app vulnerabilities
XSS vulnerability scanner for web apps and APIs with automated scanning
Automated active security testing platform for external attack surfaces
Network vulnerability scanner for internal & external network security testing
Automated web vulnerability scanner for SQLi, XSS, and other web app flaws
All-in-one offensive security platform for attack surface mgmt & risk scoring
Offensive security platform for attack surface discovery and risk management
Android app for scanning networks to identify security vulnerabilities
Synthetic monitoring for websites, APIs, and user flows from global locations
Agent-based server security monitoring with vulnerability and compliance scanning
Automated patch management software for fixing software vulnerabilities
AI-powered vulnerability intelligence database with real-time threat context
Automated monthly website and firewall vulnerability scanning service
Automated patch management solution for endpoint security and updates
Cloud-based network assessment tool with automated scanning and reporting
Vulnerability scanner using templates to scan apps, cloud, and networks
Security evaluation platform for pre-silicon, post-silicon, and software testing
Pre-silicon HW security verification tool for SoC designs via simulation
Post-silicon device evaluation platform for physical attack resistance testing
Python-based network testing platform for config management and compliance
AI-driven vulnerability triage that reduces false positives & prioritizes fixes
Unified security platform with vuln scanning, endpoint mgmt & bug bounty
Wireless network security scanning and analysis hardware device
Network testing and analysis device with cable testing capabilities
Web app scanning for MSPs to identify vulnerabilities and misconfigurations
Automated patch management for 600+ third-party applications
Automated OS patching for Windows and Mac systems with scheduling
Automated fuzz testing service to discover software vulnerabilities
PCI DSS compliance scanning solution for payment card data systems
Checks device config settings against standards to detect misconfigurations
Web-based CVSS calculator for scoring vulnerability severity
Scans embedded Linux systems for security design vulnerabilities
Remote cybersecurity audit tool for SMBs providing exposure assessment
External cybersecurity scanning tool for SMEs to identify exposed assets
Remote cybersecurity audit service for identifying vulnerabilities & exposure
External vulnerability scanning tool for websites and web applications
Website vulnerability scanning tool for identifying security weaknesses
AI-powered smart contract vulnerability scanner for Solidity code
Smart contract audit service combining AI scanning and manual code review
PCI DSS-certified ASV scanning service for payment card compliance.
PCI DSS ASV scanning service for quarterly CDE vulnerability attestation.
AI-driven vulnerability scanner automating discovery, analysis & prioritization.
Managed cloud vuln scanning with compliance-mapped reporting for ISO, DORA, NIS2, SOC 2.
Web security tool monitoring availability, SSL/TLS, DNS, headers & CVEs.
Dynamic web app & API vulnerability scanner with free and paid tiers.
WordPress plugin for website security scanning via the Guardian360 API.
Applies AETs to IP traffic to test security defence evasion capabilities.
Windows-based suite for network auditing, scanning, monitoring & vuln detection.
Network auditing toolkit for vulnerability scanning, monitoring & packet analysis.
Lab testing tool for security assessment and vulnerability analysis
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
Automate Google Hacking Database scraping and searching with Pagodo, a tool for finding vulnerabilities and sensitive information.
A Ruby script that scans networks for vulnerable third-party web applications and front-ends with known exploitable security flaws.
Fast, smart, effective port scanner with extensive extendability and adaptive learning.
A Node.js tool that analyzes HTTP security headers on websites to identify missing or problematic security configurations.
A next-generation network scanner for identifying security configuration weaknesses in devices like routers, firewalls, and switches.
A tool for SSH server auditing with comprehensive analysis capabilities.
CryptoLyzer is a cryptographic protocol analyzer that examines TLS, SSL, SSH, and DNSSEC server implementations with fingerprinting capabilities and multiple output formats.
testssl.sh is a free command-line tool for checking a server's TLS/SSL configuration with clear and machine-readable output.
A static analysis tool that detects Common Weakness Enumerations (CWEs) in ELF binaries across multiple CPU architectures using Ghidra-based disassembly and various analysis techniques.
A command-line tool that scans websites to detect publicly known security vulnerabilities in frontend JavaScript libraries using Snyk's vulnerability database.
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library with a focus on speed, reliability, and ease of integration.
Mass IP port scanner for Internet-scale scanning with high speed and flexibility.
A Docker MultiStage build implementation that integrates CVE scanning into Alpine Linux container builds using Docker 17.05's build-time vulnerability assessment capabilities.
A next-generation web scanner that identifies websites and recognizes web technologies, including content management systems, blogging platforms, and more.
WordPress security scanner for identifying vulnerabilities in WordPress websites.
A tool for automated security scanning of web applications and manual penetration testing.
A demonstration site for the Acunetix Web Vulnerability Scanner, intentionally vulnerable to various web-based attacks.
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.
Wfuzz is a tool designed for bruteforcing Web Applications with multiple features like multiple injection points, recursion, and payload combinations.
A free online tool that scans and fixes common security issues in WordPress websites.
A hosted web application security testing tool that enables security researchers to register, activate their accounts, and scan web applications for vulnerabilities.
A proof-of-concept for an adaptive parallelised DNS prober
A fast and reliable port scanner written in Go, designed for attack surface discovery in bug bounties and penetration testing.
A CLI tool that enhances Nmap with 31 modules containing 459 scan profiles for streamlined network reconnaissance and security assessments.
A fast and multi-purpose HTTP toolkit for sending HTTP requests and parsing responses
DirSearch is a simple tool for finding files and directories on a web server.
A fast and flexible web fuzzer for identifying vulnerabilities in web applications
A modern directory scanner that can be used to find hidden directories and files on a web server.
A JavaScript scanner built in PHP for scraping URLs and other information.
A Burp Suite extension that passively scans JavaScript files to discover endpoint links and potential attack surfaces in web applications.
A Python tool for discovering endpoints, parameters, and wordlists in a given target
A command-line tool that identifies and extracts parameters from HTTP requests and responses to assist with web application security testing and vulnerability assessment.
ParamPamPam is an open-source tool that detects and exploits web application vulnerabilities using fuzzing, SQL injection, and XSS techniques.
qsfuzz is a rule-based fuzzing tool for testing query string parameters in web applications to identify security vulnerabilities.
A Python-based command-line tool that scans websites for CORS misconfigurations by analyzing HTTP response headers to identify potential security vulnerabilities.
A security scanner that identifies Cross-Origin Resource Sharing (CORS) misconfigurations in web applications to detect potential vulnerabilities.
A multi-threaded scanner for identifying CORS flaws and misconfigurations
Command line tool for testing CRLF injection on a list of domains.
A security analysis tool that detects and analyzes open redirection vulnerabilities in web applications.
A command-line script that tests multiple domains from a list for open redirect vulnerabilities and reports findings.
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
A specialized scanner that detects XSS vulnerabilities in older versions of Swagger-ui implementations.
A bash script for scanning a target network for HTTP resources through XXE
A centralized dashboard for running and scheduling WordPress scans powered by wpscan utility.
WPRecon is a tool for recognizing vulnerabilities and blackbox information for WordPress.
An open-source Python CMS scanner that automates the process of detecting security flaws in the most popular CMSs.
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
A vulnerability scanner that helps you identify and fix vulnerabilities in your code
BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.
Grype is a vulnerability scanner for container images and filesystems that scans for known vulnerabilities and supports various image formats.