Operational Intel 2026

Vulnerability Scanners

Network, Web & Recon

An authoritative directory for cybersecurity professionals. High-performance vulnerability scanners, curated tools, and technical intelligence for modern infrastructure deployments.

search
Browse All Scanners

Popular Scanners

Showing 31 results
security
Open source

Wazuh

An open-source security platform providing unified host-based intrusion detection, vulnerability assessment, compliance auditing, and threat detection across endpoints, servers, and cloud workloads.

Network Security Cloud Native
Popularity: 80%
security
Open source

Trivy

A comprehensive open-source security scanner for containers, filesystems, Git repositories, and Infrastructure as Code, detecting vulnerabilities, misconfigurations, and exposed secrets.

Cloud Native Compliance
Popularity: 88%
security
Open source

SonarQube

The most widely deployed platform for continuous code quality and security analysis, performing static analysis across 30+ languages to detect bugs, vulnerabilities, and code smells.

Web Security Compliance
Popularity: 92%
security
Commercial

Snyk

Developer security platform providing software composition analysis, static code analysis, container scanning, and IaC security testing integrated into the development workflow.

Web Security Cloud Native
Popularity: 90%
security
Open source

Semgrep

A fast, open-source static analysis tool that uses lightweight pattern matching to find bugs, security vulnerabilities, and anti-patterns across 30+ programming languages.

Web Security Cloud Native
Popularity: 82%
security
Open source

Prowler

An open-source cloud security assessment tool that performs automated auditing of AWS, Azure, GCP, and Kubernetes environments against hundreds of security best-practice checks.

Cloud Native Compliance
Popularity: 75%
security
Open source

MobSF

An automated, all-in-one mobile application security testing framework supporting static and dynamic analysis of Android, iOS, and Windows mobile apps.

Mobile Web Security
Popularity: 72%
security
Open source

Checkov

A static analysis tool for Infrastructure as Code that scans Terraform, CloudFormation, Kubernetes, Helm, ARM, and Serverless configurations for security misconfigurations and compliance violations.

Cloud Native Compliance
Popularity: 70%
security
Commercial

Nexpose

Rapid7's on-premise vulnerability management scanner with Active Risk scoring, continuous asset discovery, and compliance benchmarking across network infrastructure and endpoints.

Network Security Compliance
Popularity: 72%
security
Open source

Metasploit

The world's most widely used penetration testing framework, providing a modular library of 2,600+ exploits, 2,100+ payloads, and 1,300+ auxiliary tools for the full attack lifecycle.

Network Security Web Security
Popularity: 95%
security
Commercial

Invicti (Netsparker)

Enterprise-grade DAST platform using proof-based scanning to automatically confirm exploitable vulnerabilities in web applications and APIs with near-zero false positives.

Web Security Compliance
Popularity: 72%
security
Commercial

GFI LanGuard

Commercial network security scanner and patch management platform that audits, identifies, and remediates vulnerabilities across Windows, macOS, and Linux endpoints.

Network Security Compliance
Popularity: 50%
Load Full Registry

Published CVEs Per Year

Source: NIST National Vulnerability Database

2020
19,249
2021
21,957
2022
26,448
2023
30,898
2024
40,783
2025
49,920
shield

Vulnerability

A weakness in the computational logic (e.g., code) found in software and hardware components that, when exploited, results in a negative impact to confidentiality, integrity, or availability. — NIST

trending_up

+34%

Exploitation of vulnerabilities as an initial access step for a data breach grew by 34% in 2025. — Verizon DBIR