Scanning and Recon: Difference between revisions
mNo edit summary |
Line 4: | Line 4: | ||
=== Vulnerability scanners === | === Vulnerability scanners === | ||
* https://github.com/pry0cc/axiom. [https://twitter.com/Jhaddix/status/1633936278222962688?cxt=HHwWgIDUkeuY9KwtAAAA Twitter Thread | * https://github.com/pry0cc/axiom. [https://twitter.com/Jhaddix/status/1633936278222962688?cxt=HHwWgIDUkeuY9KwtAAAA Twitter Thread] | ||
* https://github.com/OWASP/Amass | * https://github.com/OWASP/Amass | ||
* https://github.com/six2dez/reconftw. [https://gist.github.com/jhaddix/141d9cb07ca0590dbc43389e0e4af98f Free scan config (no API) | * https://github.com/six2dez/reconftw. [https://gist.github.com/jhaddix/141d9cb07ca0590dbc43389e0e4af98f Free scan config (no API)] | ||
* https://github.com/lanmaster53/recon-ng | * https://github.com/lanmaster53/recon-ng | ||
* https://github.com/jaeles-project/jaeles | * https://github.com/jaeles-project/jaeles | ||
* https://github.com/1N3/Sn1per | * https://github.com/1N3/Sn1per | ||
* https://github.com/projectdiscovery/nuclei | * https://github.com/projectdiscovery/nuclei | ||
* https://github.com/wpscanteam/wpscan [Free and paid] | * https://github.com/wpscanteam/wpscan [Free and paid] | ||
* https://github.com/OWASP/joomscan | * https://github.com/OWASP/joomscan | ||
* https://github.com/immunIT/drupwn | * https://github.com/immunIT/drupwn | ||
* https://github.com/Tuhinshubhra/RED_HAWK | * https://github.com/Tuhinshubhra/RED_HAWK | ||
* https://github.com/root-tanishq/userefuzz | * https://github.com/root-tanishq/userefuzz | ||
* https://github.com/epi052/feroxbuster | * https://github.com/epi052/feroxbuster | ||
* https://sourceforge.net/projects/grendel | * https://sourceforge.net/projects/grendel | ||
* https://www.cirt.net/nikto2 | * https://www.cirt.net/nikto2 | ||
* https://github.com/greenbone/openvas-scanner | * https://github.com/greenbone/openvas-scanner | ||
* https://wapiti.sourceforge.io | * https://wapiti.sourceforge.io | ||
* http://w3af.org | * http://w3af.org | ||
* https://github.com/aboul3la/Sublist3r | * https://github.com/aboul3la/Sublist3r | ||
* https://nmap.org/book/man-nse.html | * https://nmap.org/book/man-nse.html | ||
* https://github.com/osmedeus/osmedeus-base [Free and Paid] | * https://github.com/osmedeus/osmedeus-base [Free and Paid] | ||
* https://github.com/v3n0m-Scanner/V3n0M-Scanner | * https://github.com/v3n0m-Scanner/V3n0M-Scanner | ||
* https://github.com/sqlmapproject/sqlmap | * https://github.com/sqlmapproject/sqlmap | ||
* https://github.com/r0oth3x49/ghauri | * https://github.com/r0oth3x49/ghauri | ||
=== Port scanners === | === Port scanners === | ||
* https://github.com/nmap/nmap | * https://github.com/nmap/nmap | ||
* https://github.com/projectdiscovery/naabu | * https://github.com/projectdiscovery/naabu | ||
* https://github.com/robertdavidgraham/masscan | * https://github.com/robertdavidgraham/masscan | ||
* https://github.com/zmap/zmap | * https://github.com/zmap/zmap | ||
* https://github.com/RustScan/RustScan | * https://github.com/RustScan/RustScan | ||
=== Technology scanners === | === Technology scanners === | ||
NOTE: using browser add-ons will change your browser fingerprint and reduce anonymity. | NOTE: using browser add-ons will change your browser fingerprint and reduce anonymity. | ||
* https://www.wappalyzer.com/ | * https://www.wappalyzer.com/ | ||
* https://www.whatruns.com/ | * https://www.whatruns.com/ | ||
* https://github.com/urbanadventurer/whatweb | * https://github.com/urbanadventurer/whatweb | ||
* https://github.com/praetorian-inc/fingerprintx | * https://github.com/praetorian-inc/fingerprintx | ||
=== Google Hacking === | === Google Hacking === | ||
* https://github.com/Proviesec/google-dorks | * https://github.com/Proviesec/google-dorks | ||
* https://www.exploit-db.com/google-hacking-database | * https://www.exploit-db.com/google-hacking-database |
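Review bot: the Twitter link on the axiom line still carries the `?cxt=...` query string, which the status URL does not need. Since this revision already touches that line to close the bracket, trim the link to the bare status URL. The revision is also saved with no edit summary; a short one saying that two external-link brackets were closed would make the page history easier to read.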
Revision as of 00:15, 5 April 2023
These tools scan web applications for vulnerabilities and misconfigurations. Remember that they generate a lot of traffic by making many requests.
NOTE: This is not an exhaustive list.
Vulnerability scanners
- https://github.com/pry0cc/axiom. Twitter Thread
- https://github.com/OWASP/Amass
- https://github.com/six2dez/reconftw. Free scan config (no API)
- https://github.com/lanmaster53/recon-ng
- https://github.com/jaeles-project/jaeles
- https://github.com/1N3/Sn1per
- https://github.com/projectdiscovery/nuclei
- https://github.com/wpscanteam/wpscan [Free and paid]
- https://github.com/OWASP/joomscan
- https://github.com/immunIT/drupwn
- https://github.com/Tuhinshubhra/RED_HAWK
- https://github.com/root-tanishq/userefuzz
- https://github.com/epi052/feroxbuster
- https://sourceforge.net/projects/grendel
- https://www.cirt.net/nikto2
- https://github.com/greenbone/openvas-scanner
- https://wapiti.sourceforge.io
- http://w3af.org
- https://github.com/aboul3la/Sublist3r
- https://nmap.org/book/man-nse.html
- https://github.com/osmedeus/osmedeus-base [Free and Paid]
- https://github.com/v3n0m-Scanner/V3n0M-Scanner
- https://github.com/sqlmapproject/sqlmap
- https://github.com/r0oth3x49/ghauri
Port scanners
- https://github.com/nmap/nmap
- https://github.com/projectdiscovery/naabu
- https://github.com/robertdavidgraham/masscan
- https://github.com/zmap/zmap
- https://github.com/RustScan/RustScan
Technology scanners
NOTE: using browser add-ons will change your browser fingerprint and reduce anonymity.
- https://www.wappalyzer.com/
- https://www.whatruns.com/
- https://github.com/urbanadventurer/whatweb
- https://github.com/praetorian-inc/fingerprintx