30 open-source projects similar to x0day/bannerscan, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Bannerscan alternative.
Rengine is an automated reconnaissance framework and vulnerability management platform designed for attack surface monitoring. It functions as a centralized hub for discovering subdomains and open ports, gathering open-source intelligence, and tracking security flaws across target networks. The system integrates large language models to analyze reconnaissance data and generate vulnerability descriptions and insights. It distinguishes itself through a plugin-based tool integration that wraps external security scanning binaries and a target mapping system that tracks changes to assets over time
HowToHunt is a bug bounty hunting knowledge base and a structured guide for web application penetration testing. It provides a research methodology for organizing security testing procedures and validating application behaviors against known vulnerability patterns. The project features a curated library of security flaws and reconnaissance techniques. It organizes security testing into modular playbooks, checklists, and categorical vulnerability mappings to align specific exploitation techniques with target weaknesses. The repository covers a systematic sequence of information gathering task
Gowitness is a system for rendering web interfaces at scale to capture visual snapshots, HTTP metadata, and network scan results. It functions as a headless browser screenshot tool and a web surface mapper used to identify and visually document the attack surface of network ranges and URL lists. The tool includes a screenshot gallery server that provides a web-based interface for browsing, filtering, and managing a database of captures. It specifically serves as an Nmap target visualizer, parsing network scan results to automatically capture screenshots of discovered web services. Capabiliti
Get website IP address by scanning the entire net 通过扫描全网绕过CDN获取网站IP地址
Paskto will passively scan the web using the Common Crawl internet index either by downloading the indexes on request or parsing data from your local system. URLs are then processed through Nikto and known URL lists to identify interesting content. Hash signatures are also used to identify known…
GOWAPT is the younger brother of wfuzz a swiss army knife of WAPT, it allow pentester to perform huge activity with no stress at all, just configure it and it's just a matter of clicks.
Detect and bypass web application firewalls and protection systems
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Inforfinder is a tool made to collect information of any domain pointing at a server (ip,domain,range,file).
` / | () | () | | / | ' \ / | | ' \| '| | ' \ / | | || (| | | | | (| | | |) | | | | | | | (| | \\,|| ||\, ||./|| ||| ||\,| |/ Beta - v0.8.7 Dashboard Finder ``
@Author: xxlin @Date: 2019-04-11 20:34:14 @LastEditors: ttttmr @LastEditTime: 2019-06-03 23:49:33 -->
wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications.
w11scan是一款分布式的WEB指纹识别系统(包括CMS识别、js框架、组件容器、代码语言、WAF等等),管理员可以在WEB端新增/修改指纹,建立批量的扫描任务,并且支持多种搜索语法。
``` |#|/#//####/ /#####| /#\ |#\ |#| |#.#/|#| |#| /###\ |##\|#| |##| \#####\|#| /#/\#\ |#.#.#| |#.#\|#||#|_/#/###\#\|#|\##| |#|\#\#####/ \#####/#/ \#\#| \#|
I did this tool to help me to check which security headers are enabled on certain websites.
dirsearch is a command-line security tool and web path scanner used for discovering hidden directories and files on web servers. It functions as a recursive directory fuzzer and brute-force utility that identifies undocumented paths and sensitive files using wordlists and HTTP status codes. The tool distinguishes itself through template-driven path generation and an automated HTTP response filter that uses status codes, content length, and regex patterns to isolate valid targets. It supports recursive directory crawling to map complex web structures and provides state-persistence serializatio
CyberScan is an open source penetration testing tool that can analyse packets , decoding , scanning ports, pinging and geolocation of an IP including (latitude, longitude , region , country ...)
A very simple way to find out which SSL ciphersuites are supported by a target.
Tool to identify if a domain has got a CMS and determine his version.
Scan-T is an open source penetration testing tool that automates the process of detecting and collecting the hosts flaws and port fingerprinting. It comes with a powerful detection engine, many nice features for the ultimate penetration tester .
this tools can be searched web leak files