Scanning and Recon: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
mNo edit summary |
||
| Line 4: | Line 4: | ||
=== Vulnerability scanners === | === Vulnerability scanners === | ||
To quickly cover a lot ground it's a good idea to scan your target using vulnerability scanners as they might be able to discover a vulnerability or misconfiguration that you can't find. To avoid WAFs make sure to use a list of random user-agent strings and a residential proxy list if possible and maybe encode some payloads. | |||
* https://github.com/pry0cc/axiom. [https://twitter.com/Jhaddix/status/1633936278222962688?cxt=HHwWgIDUkeuY9KwtAAAA Twitter Thread] | * https://github.com/pry0cc/axiom. [https://twitter.com/Jhaddix/status/1633936278222962688?cxt=HHwWgIDUkeuY9KwtAAAA Twitter Thread] | ||
* https://github.com/OWASP/Amass | * https://github.com/OWASP/Amass | ||
Revision as of 00:42, 5 April 2023
These tools will scan web applications for vulnerabilities and misconfigurations, remember that they will cause a lot of traffic making lots of requests.
NOTE: This is not an exhaustive list.
Vulnerability scanners
To quickly cover a lot ground it's a good idea to scan your target using vulnerability scanners as they might be able to discover a vulnerability or misconfiguration that you can't find. To avoid WAFs make sure to use a list of random user-agent strings and a residential proxy list if possible and maybe encode some payloads.
- https://github.com/pry0cc/axiom. Twitter Thread
- https://github.com/OWASP/Amass
- https://github.com/six2dez/reconftw. Free scan config (no API)
- https://github.com/lanmaster53/recon-ng
- https://github.com/jaeles-project/jaeles
- https://github.com/1N3/Sn1per
- https://github.com/projectdiscovery/nuclei
- https://github.com/wpscanteam/wpscan [Free and paid]
- https://github.com/OWASP/joomscan
- https://github.com/immunIT/drupwn
- https://github.com/Tuhinshubhra/RED_HAWK
- https://github.com/root-tanishq/userefuzz
- https://github.com/epi052/feroxbuster
- https://sourceforge.net/projects/grendel
- https://www.cirt.net/nikto2
- https://github.com/greenbone/openvas-scanner
- https://wapiti.sourceforge.io
- http://w3af.org
- https://github.com/aboul3la/Sublist3r
- https://nmap.org/book/man-nse.html
- https://github.com/osmedeus/osmedeus-base [Free and Paid]
- https://github.com/v3n0m-Scanner/V3n0M-Scanner
- https://github.com/sqlmapproject/sqlmap
- https://github.com/r0oth3x49/ghauri
Port scanners
- https://github.com/nmap/nmap
- https://github.com/projectdiscovery/naabu
- https://github.com/robertdavidgraham/masscan
- https://github.com/zmap/zmap
- https://github.com/RustScan/RustScan
Technology scanners
NOTE: using browser add-ons will change your browser fingerprint and reduce anonymity.
- https://www.wappalyzer.com/
- https://www.whatruns.com/
- https://github.com/urbanadventurer/whatweb
- https://github.com/praetorian-inc/fingerprintx