w3af: web application attack and audit framework, the open source web vulnerability scanner.
☆4,853Feb 22, 2023Updated 3 years ago
Alternatives and similar repositories for w3af
Users that are interested in w3af are comparing it to the libraries listed below
Sorting:
- Web Application Security Scanner Framework☆4,010May 22, 2025Updated 9 months ago
- Nikto web server scanner☆10,152Updated this week
- Web application fuzzer☆6,434Jan 21, 2026Updated last month
- Next generation web scanner☆6,434Oct 19, 2025Updated 4 months ago
- The ZAP by Checkmarx Core project☆14,826Updated this week
- Automatic SQL injection and database takeover tool☆36,768Feb 26, 2026Updated last week
- Open Source Vulnerability Management Platform☆6,284Feb 13, 2026Updated 3 weeks ago
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆6,213Jan 27, 2026Updated last month
- Attack Surface Management Platform☆9,435Feb 15, 2026Updated 3 weeks ago
- Web path scanner☆14,042Feb 20, 2026Updated 2 weeks ago
- WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websit…☆9,486Feb 16, 2026Updated 2 weeks ago
- Most advanced XSS scanner.☆14,787Apr 26, 2025Updated 10 months ago
- Metasploit Framework☆37,643Updated this week
- Automated All-in-One OS Command Injection Exploitation Tool☆5,645Feb 28, 2026Updated last week
- The Browser Exploitation Framework Project☆10,755Updated this week
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,835Nov 10, 2023Updated 2 years ago
- Automated NoSQL database enumeration and web application exploitation tool.☆3,240Feb 20, 2026Updated 2 weeks ago
- Fast subdomains enumeration tool for penetration testers☆10,841Aug 2, 2024Updated last year
- Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices☆12,052Updated this week
- A Tool for Domain Flyovers☆5,904May 22, 2022Updated 3 years ago
- A swiss army knife for pentesting networks☆9,086Dec 6, 2023Updated 2 years ago
- A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑☆8,849Oct 9, 2025Updated 5 months ago
- Empire is a PowerShell and Python post-exploitation agent.☆7,821Jan 19, 2020Updated 6 years ago
- Advanced vulnerability scanning with Nmap NSE☆3,721Feb 6, 2026Updated last month
- Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.o…☆1,928Updated this week
- TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.☆25,397Jun 5, 2025Updated 9 months ago
- The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb☆7,847Nov 10, 2022Updated 3 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆8,776Dec 4, 2025Updated 3 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,655Jan 5, 2026Updated 2 months ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,123Apr 21, 2024Updated last year
- PowerSploit - A PowerShell Post-Exploitation Framework☆12,900Aug 17, 2020Updated 5 years ago
- Exploitation Framework for Embedded Devices☆13,014Updated this week
- This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on th…☆4,174May 11, 2023Updated 2 years ago
- E-mails, subdomains and names Harvester - OSINT☆15,729Feb 22, 2026Updated 2 weeks ago
- This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.☆1,822May 27, 2022Updated 3 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,903Sep 27, 2021Updated 4 years ago
- A DNS meta-query spider that enumerates DNS records, and subdomains.☆3,503Jan 13, 2022Updated 4 years ago
- This is a webshell open source project☆10,693Dec 24, 2024Updated last year
- In-depth attack surface mapping and asset discovery☆14,222Updated this week