Scanner
Browse 44 scanner tools
FEATURED
Single-host VM vulnerability scanner for SMBs with web app & exploit mapping.
Cloud-based on-demand malware scanner for Windows systems.
A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.
A secret scanning tool that examines NPM modules and ZIP files for exposed credentials and sensitive information using nuclei templates.
A multi-threaded scanner for identifying CORS flaws and misconfigurations
A command-line script that tests multiple domains from a list for open redirect vulnerabilities and reports findings.
An automated tool for identifying technologies used on websites with mass scanning capabilities, based on the Wappalyzer detection engine.
SQLi-Hunter is an HTTP/HTTPS proxy server and SQLMAP API wrapper that simplifies the identification and exploitation of SQL injection vulnerabilities in web applications.
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
A specialized scanner that detects XSS vulnerabilities in older versions of Swagger-ui implementations.
A python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
A security scanner that identifies Cross-Origin Resource Sharing (CORS) misconfigurations in web applications to detect potential vulnerabilities.
CloudScraper is an enumeration tool that discovers cloud storage resources including S3 buckets, Azure blobs, and DigitalOcean Spaces across target environments.
A CLI tool that enhances Nmap with 31 modules containing 459 scan profiles for streamlined network reconnaissance and security assessments.
Yar is a reconnaissance tool for scanning organizations, users, and repositories to identify vulnerabilities and security risks during security assessments.
S3Scanner is an open-source tool that scans S3 buckets across S3-compatible APIs to identify misconfigurations and security vulnerabilities.
YaraHunter scans container images, running Docker containers, and filesystems using YARA rules to detect malware indicators and signs of compromise.
A bash-based framework for discovering and extracting exposed .git repositories from web servers during penetration testing and bug bounty activities.
CorsMe is a specialized scanner that identifies Cross-Origin Resource Sharing (CORS) misconfigurations in web applications and provides remediation recommendations.
A JavaScript scanner built in PHP for scraping URLs and other information.
