Skip to content

vanGogen/open-source-web-scanners

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

95 Commits
 
 
 
 

Repository files navigation

open-source-web-scanners

A list of open source web security scanners on GitHub and GitLab, ordered by Stars. It does not provide in-depth analysis - for more analysis or a wider range of tools, see the links below.

Note that some large projects have multiple repos - in which case the second most relevant repo is included immediately after and is indented.

General Purpose Web Scanners

Tools which can find a range of 'unknown' vulnerabilities on any websites.

Main Site Last Commit Committers Stars
ZAP Last Commit Contributors Stars
- ZAP Extensions Last Commit Contributors Stars
Hetty Last Commit Contributors Stars
W3af Last Commit Contributors Stars
Arachni Last Commit Contributors Stars
Astra Last Commit Contributors Stars
Wapiti Last Commit Contributors Stars
Skipfish Last Commit Contributors Stars
Sitadel Last Commit Contributors Stars
Taipan Last Commit Contributors Stars
Vega Last Commit Contributors Stars
Reaper Last Commit Contributors Stars
BrowserBruter Last Commit Contributors Stars
Tuplar Last Commit Contributors Stars
Ugly-duckling Last Commit Contributors Stars
Jawfish Last Commit Contributors Stars
Pākiki Last Commit Contributors Stars
Browserker Last Commit Contributors Stars

Infrastructure Web Scanners

Tools which can find a range of 'known' vulnerabilities on any websites.

Main Site Last Commit Committers Stars
Nuclei Last Commit Contributors Stars
- Nuclei Templates Last Commit Contributors Stars
Xray Last Commit Contributors Stars
Tsunami Last Commit Contributors Stars
Nikto Last Commit Contributors Stars
Striker Last Commit Contributors Stars
Jaeles Last Commit Contributors Stars
- Jaeles-Signatures Last Commit Contributors Stars
Yasuo Last Commit Contributors Stars
Observatory Last Commit Contributors Stars
Spaghetti Last Commit Contributors Stars

Fuzzers / Brute Forcers

Tools which focus on throwing 'bad stuff' at things - the user typically has to work out if it sticks.

Main Site Last Commit Committers Stars
dirsearch Last Commit Contributors Stars
Ffuf Last Commit Contributors Stars
gobuster Last Commit Contributors Stars
Wfuzz Last Commit Contributors Stars
feroxbuster Last Commit Contributors Stars
rustbusterv Last Commit Contributors Stars
vaf Last Commit Contributors Stars
radamsa Last Commit Contributors Stars
BrowserBruter Last Commit Contributors Stars

CMS Web Scanners

Tools which can find a range of 'known' vulnerabilities on one or more CMS websites.

Main Site Last Commit Committers Stars
WPscan Last Commit Contributors Stars
Volnx Last Commit Contributors Stars
Droopescan Last Commit Contributors Stars
CMSScan Last Commit Contributors Stars
JoomScan Last Commit Contributors Stars
Clusterd Last Commit Contributors Stars

API Web Scanners

Tools which focus on web APIs.

Main Site Last Commit Committers Stars
Cherrybomb Last Commit Contributors Stars
Akto Last Commit Contributors Stars
Automatic API Attack Tool Last Commit Contributors Stars
VulnAPI Last Commit Contributors Stars

Specialised Scanners

Tools which focus on specific types of vulnerabilities.

Main Site Last Commit Committers Stars
Sqlmap Last Commit Contributors Stars
XSStrike Last Commit Contributors Stars
Commix Last Commit Contributors Stars
Tplmap Last Commit Contributors Stars
Dalfox Last Commit Contributors Stars
Fuxploider Last Commit Contributors Stars
Ghauri Last Commit Contributors Stars
NoSQLMap Last Commit Contributors Stars
Xsscrapy Last Commit Contributors Stars
XSpear Last Commit Contributors Stars
Gxss Last Commit Contributors Stars
Domdig Last Commit Contributors Stars
CakeFuzzer Last Commit Contributors Stars
Takeover Last Commit Contributors Stars
LFIscanner Last Commit Contributors Stars
YA-LFI Last Commit Contributors Stars
YA-CORS Last Commit Contributors Stars

Links

Contribute

PR's welcomed.

Template line for GitHub projects (replace USER_REPO):

| []() | [![Last Commit](https://img.shields.io/github/last-commit/USER_REPO)](https://github.com/USER_REPO/commits) | [![Contributors](https://img.shields.io/github/contributors/USER_REPO)](https://github.com/USER_REPO/graphs/contributors) | [![Stars](https://img.shields.io/github/stars/USER_REPO)](https://github.com/USER_REPO/stargazers) |

Template line for GitLab projects (replace USER_REPO):

| []() | [![Last Commit](https://badgen.net/gitlab/last-commit/USER_REPO)](https://gitlab.com/USER_REPO/-/commits/master) | [![Contributors](https://badgen.net/gitlab/contributors/USER_REPO/)](https://gitlab.com/USER_REPO/-/graphs/master) | [![Stars](https://badgen.net/gitlab/stars/USER_REPO/)](https://gitlab.com/USER_REPO/-/starrers) |

About

A list of open source web security scanners

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published