External attack surface discovery, enumeration and reconnaissance for massive networks. ScanCannon is a tool designed to help security professionals and researchers discover and enumerate external attack surfaces, including IP addresses, subdomains, and other potential entry points. It's a Python-based tool that uses various techniques to scan and gather information about a target network, including DNS, HTTP, and other protocols. ScanCannon is designed to be a powerful and flexible tool for security professionals and researchers, and can be used to identify potential vulnerabilities and weaknesses in a target network. It's a great tool for anyone looking to improve their network security and stay ahead of potential threats.
FEATURES
ALTERNATIVES
OpenSnitch is a GNU/Linux application firewall with interactive outbound connections filtering and system-wide domain blocking capabilities.
A smart SSRF scanner using different methods like parameter brute forcing in post and get requests.
Snort 3 is the next generation Snort IPS with enhanced features and improved cross-platform support.
A textmode sniffer for tracking tcp streams and capturing data in various modes.
A collection of PCAPs for ICS/SCADA utilities and protocols with the option for users to contribute.
DOS attack by sending fake BPDUs to disrupt switches' STP engines.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.