Reconnaissance

The de facto standard open-source suite for 802.11 wireless network security auditing, covering packet capture, traffic analysis, injection, and WEP/WPA/WPA2 key recovery.

Fast, cross-platform IP address and port scanner with a simple GUI, supporting multithreaded scanning, NetBIOS resolution, and multi-format export across Windows, macOS, and Linux.

The world's most widely used penetration testing framework, providing a modular library of 2,600+ exploits, 2,100+ payloads, and 1,300+ auxiliary tools for the full attack lifecycle.

Internet-scale TCP port scanner capable of transmitting 10 million packets per second, scanning the entire IPv4 address space in under five minutes.

A fast, lightweight port scanner built for attack surface discovery with SYN, CONNECT, and UDP scanning plus native Nmap and ProjectDiscovery toolchain integration.

A fast, template-driven vulnerability scanner with 12,000+ community-maintained detection templates covering CVEs, misconfigurations, and exposures across web, network, and cloud.

Attack surface intelligence framework performing network mapping and external asset discovery using OSINT gathering and active reconnaissance across 50+ data sources.

The de facto WordPress security scanner, enumerating plugins, themes, and core versions against a curated database of 71,900+ known WordPress vulnerabilities.

Modular application-layer network scanner that performs deep protocol handshakes and banner grabbing across 33+ protocols, outputting structured JSON transcripts at Internet scale.

Stateless single-packet network scanner engineered for Internet-wide surveys, capable of scanning the entire IPv4 space on a single port in under 45 minutes.

Open-source web server scanner that checks for dangerous files, outdated software, and misconfigurations across 6,700+ known vulnerability signatures.

The industry-standard network mapper for host discovery, port scanning, OS detection, and security auditing across networks of any scale.

Professional tools for web application security testing, from scanning for vulnerabilities to exploiting them.

The world's most widely used web app scanner. Free and open source for both automation and manual testing.