Scanning & Recon

Applications that assist either passively or actively with enumeration and reconnaissance

| Tool | Description | Source |
|---|---|---|
| Amass | The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques. | |
| Arachni | Web application security scanner framework | |
| AutoRecon | Multithreaded network recon tool that simplifies Nmap; OSCP friendly | |
| Basilisk | A tool using Shodan and RTSP to find vulnerable cameras around the world | |
| Burp Suite | Web application scanning and request manipulation tool | |
| bXSS | A utility that bug hunters and organizations can use to identify blind XSS | |
| Commix | | |
| DalFox | XSS detection tool written in Go | |
| DamnWebScanner | Chrome/Opera extension that identifies vulnerabilities on web pages | |
| Dirsearch | Discovers URIs, subdomains and virtual hostnames by brute force and dictionary | |
| dnsenum2 | Multithreaded Perl script to enumerate DNS information of a domain and to discover non-contiguous IP blocks | |
| DNSRecon | DNS query tool | |
| DotDotPwn | The directory traversal fuzzer | |
| DOMDig | A DOM XSS scanner that runs inside the Chromium web browser and can scan single-page applications (SPA) recursively | |
| ezXSS | An easy way for penetration testers and bug bounty hunters to test (blind) cross-site scripting | |
| Gobuster | Discovers URIs, subdomains and virtual hostnames by brute force and dictionary | |
| KiteRunner | | |
| LazyRecon | Bash script that automates recon tasks | |
| LFISuite | A fully automatic tool able to scan and exploit Local File Inclusion vulnerabilities using many different methods of attack | |
| Masscan | An Internet-scale port scanner. It can scan the entire Internet in under 5 minutes, transmitting 10 million packets per second, from a single machine. | |
| mzap | Multiple-target ZAP scanning | |
| Nikto | Web application vulnerability scanner | |
| Nmap | Network scanner | |
| onesixtyone | An SNMP scanner that sends SNMP requests to multiple IP addresses, trying different community strings and waiting for a reply | |
| sandmap | A tool supporting network and system reconnaissance using the massive Nmap engine | |
| S3Scanner | A tool to find open S3 buckets and dump their contents | |
| Sn1per | Automated vulnerability scanner | |
| SQLiv | Massive SQL injection scanner | |
| w3af | Web Application Attack and Audit Framework | |
| Wapiti | Web application vulnerability scanner | |
| Wordpresscan | A WordPress vulnerability scanner | |
| XSStrike | Advanced XSS detection suite | |
| XSpear | An XSS scanner distributed as a Ruby gem | |
| xsser | Automatic framework to detect, exploit and report XSS vulnerabilities | |
| Zaproxy | Web application vulnerability scanner and exploit automation provided by OWASP | |
| Zenmap | GUI for Nmap | |
