All Scanners
Showing 31 resultsWazuh
An open-source security platform providing unified host-based intrusion detection, vulnerability assessment, compliance auditing, and threat detection across endpoints, servers, and cloud workloads.
Trivy
A comprehensive open-source security scanner for containers, filesystems, Git repositories, and Infrastructure as Code, detecting vulnerabilities, misconfigurations, and exposed secrets.
SonarQube
The most widely deployed platform for continuous code quality and security analysis, performing static analysis across 30+ languages to detect bugs, vulnerabilities, and code smells.
Snyk
Developer security platform providing software composition analysis, static code analysis, container scanning, and IaC security testing integrated into the development workflow.
Semgrep
A fast, open-source static analysis tool that uses lightweight pattern matching to find bugs, security vulnerabilities, and anti-patterns across 30+ programming languages.
Prowler
An open-source cloud security assessment tool that performs automated auditing of AWS, Azure, GCP, and Kubernetes environments against hundreds of security best-practice checks.
MobSF
An automated, all-in-one mobile application security testing framework supporting static and dynamic analysis of Android, iOS, and Windows mobile apps.
Checkov
A static analysis tool for Infrastructure as Code that scans Terraform, CloudFormation, Kubernetes, Helm, ARM, and Serverless configurations for security misconfigurations and compliance violations.
Nexpose
Rapid7's on-premise vulnerability management scanner with Active Risk scoring, continuous asset discovery, and compliance benchmarking across network infrastructure and endpoints.
Metasploit
The world's most widely used penetration testing framework, providing a modular library of 2,600+ exploits, 2,100+ payloads, and 1,300+ auxiliary tools for the full attack lifecycle.
Invicti (Netsparker)
Enterprise-grade DAST platform using proof-based scanning to automatically confirm exploitable vulnerabilities in web applications and APIs with near-zero false positives.
GFI LanGuard
Commercial network security scanner and patch management platform that audits, identifies, and remediates vulnerabilities across Windows, macOS, and Linux endpoints.
Angry IP Scanner
Fast, cross-platform IP address and port scanner with a simple GUI, supporting multithreaded scanning, NetBIOS resolution, and multi-format export across Windows, macOS, and Linux.
Aircrack-ng
The de facto standard open-source suite for 802.11 wireless network security auditing, covering packet capture, traffic analysis, injection, and WEP/WPA/WPA2 key recovery.
Acunetix
Commercial DAST/IAST web application security scanner with proof-based scanning, DeepScan JavaScript rendering, and optional grey-box AcuSensor agent for code-level precision.
ZMap
Stateless single-packet network scanner engineered for Internet-wide surveys, capable of scanning the entire IPv4 space on a single port in under 45 minutes.
ZGrab2
Modular application-layer network scanner that performs deep protocol handshakes and banner grabbing across 33+ protocols, outputting structured JSON transcripts at Internet scale.
WPScan
The de facto WordPress security scanner, enumerating plugins, themes, and core versions against a curated database of 71,900+ known WordPress vulnerabilities.
Qualys
Cloud-native enterprise security platform delivering continuous vulnerability management, web application scanning, and compliance auditing across IT assets and cloud workloads.
OWASP Amass
Attack surface intelligence framework performing network mapping and external asset discovery using OSINT gathering and active reconnaissance across 50+ data sources.
Nuclei
A fast, template-driven vulnerability scanner with 12,000+ community-maintained detection templates covering CVEs, misconfigurations, and exposures across web, network, and cloud.
Naabu
A fast, lightweight port scanner built for attack surface discovery with SYN, CONNECT, and UDP scanning plus native Nmap and ProjectDiscovery toolchain integration.
Masscan
Internet-scale TCP port scanner capable of transmitting 10 million packets per second, scanning the entire IPv4 address space in under five minutes.
sqlmap
The definitive open-source SQL injection detection and exploitation tool, supporting 30+ database management systems and six injection techniques.
Nmap
The industry-standard network mapper for host discovery, port scanning, OS detection, and security auditing across networks of any scale.
Nikto
Open-source web server scanner that checks for dangerous files, outdated software, and misconfigurations across 6,700+ known vulnerability signatures.
Caido
A modern web application security proxy built in Rust, designed for penetration testers and bug bounty hunters as a fast alternative to legacy Java-based tools.
Nessus
The industry standard for vulnerability assessment, providing deep scanning capabilities for IT assets and compliance.
OpenVAS
A full-featured vulnerability scanner with a large community and comprehensive vulnerability tests updated daily.
Burp Suite
Professional tools for web application security testing, from scanning for vulnerabilities to exploiting them.
OWASP ZAP
The world's most widely used web app scanner. Free and open source for both automation and manual testing.