Skip to content

ttymeh/open-source-web-scanners

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

49 Commits
 
 
 
 

Repository files navigation

open-source-web-scanners

A list of open source web security scanners on GitHub and GitLab (just added), ordered by Stars. It does not provide in-depth analysis - for more analysis or a wider range of tools, see the links below.

Note that some large projects have multiple repos - in which case the second most relevant repo is included immediately after.

General Purpose Web Scanners

Tools which can find a range of 'unknown' vulnerabilities on any websites.

Main Site Last Commit Committers Stars
ZAP Last Commit Contributors Stars
- ZAP Extensions Last Commit Contributors Stars
W3af Last Commit Contributors Stars
Hetty Last Commit Contributors Stars
Arachni Last Commit Contributors Stars
Astra Last Commit Contributors Stars
Skipfish Last Commit Contributors Stars
Sitadel Last Commit Contributors Stars
Taipan Last Commit Contributors Stars
Vega Last Commit Contributors Stars
Wapiti Last Commit Contributors Stars
Tuplar Last Commit Contributors Stars
Ugly-duckling Last Commit Contributors Stars
Jawfish Last Commit Contributors Stars
Browserker Last Commit Contributors Stars

Infrastructure Web Scanners

Tools which can find a range of 'known' vulnerabilities on any websites.

Main Site Last Commit Committers Stars
Nuclei Last Commit Contributors Stars
- Nuclei Templates Last Commit Contributors Stars
Tsunami Last Commit Contributors Stars
Nikto Last Commit Contributors Stars
Striker Last Commit Contributors Stars
Jaeles Last Commit Contributors Stars
- Jaeles-Signatures Last Commit Contributors Stars
Yasuo Last Commit Contributors Stars
Observatory Last Commit Contributors Stars
Spaghetti Last Commit Contributors Stars

Fuzzers / Brute Forcers

Tools which focus on throwing 'bad stuff' at things - the user typically has to work out if it sticks.

Main Site Last Commit Committers Stars
dirsearch Last Commit Contributors Stars
Ffuf Last Commit Contributors Stars
gobuster Last Commit Contributors Stars
Wfuzz Last Commit Contributors Stars
feroxbuster Last Commit Contributors Stars
rustbusterv Last Commit Contributors Stars
vaf Last Commit Contributors Stars

CMS Web Scanners

Tools which can find a range of 'known' vulnerabilities on one or more CMS websites.

Main Site Last Commit Committers Stars
WPscan Last Commit Contributors Stars
Volnx Last Commit Contributors Stars
Droopescan Last Commit Contributors Stars
CMSScan Last Commit Contributors Stars
JoomScan Last Commit Contributors Stars
Clusterd Last Commit Contributors Stars

API Web Scanners

Tools which focus on web APIs.

Main Site Last Commit Committers Stars
Automatic API Attack Tool Last Commit Contributors Stars
Cherrybomb Last Commit Contributors Stars

Subdomain Discovery Tools

Tools which focus on finding subdomains of a domain using various methods.

Main Site Last Commit Committers Stars
github-subdomains Last Commit Contributors Stars
Amass Last Commit Contributors Stars

Specialised Scanners

Tools which focus on specific types of vulnerabilities.

Main Site Last Commit Committers Stars
Sqlmap Last Commit Contributors Stars
Comix Last Commit Contributors Stars
Xsscrapy Last Commit Contributors Stars

Hacking focused helpers

Tools which focus on specific types of vulnerabilities.

Main Site Last Commit Committers Stars Desc
qsreplace Last Commit Contributors Stars Accept URLs on stdin, replace all query string values with a user-supplied value, only output each combination of query string parameters once per host and path.

Links

Contribute

PR's welcomed.

Template line for GitHub projects (replace USER_REPO):

| []() | [![Last Commit](https://img.shields.io/github/last-commit/USER_REPO)](https://github.com/USER_REPO/commits) | [![Contributors](https://img.shields.io/github/contributors/USER_REPO)](https://github.com/USER_REPO/graphs/contributors) | [![Stars](https://img.shields.io/github/stars/USER_REPO)](https://github.com/USER_REPO/stargazers) |

Template line for GitLab projects (replace USER_REPO):

| []() | [![Last Commit](https://badgen.net/gitlab/last-commit/USER_REPO)](https://gitlab.com/USER_REPO/-/commits/master) | [![Contributors](https://badgen.net/gitlab/contributors/USER_REPO/)](https://gitlab.com/USER_REPO/-/graphs/master) | [![Stars](https://badgen.net/gitlab/stars/USER_REPO/)](https://gitlab.com/USER_REPO/-/starrers) |

About

A list of open source web security scanners

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published