sullo / nikto

Related projects ⓘ

Alternatives and complementary repositories for nikto

• urbanadventurer / WhatWeb
  Next generation web scanner
  ☆5,557Updated 4 months ago
• xmendez / wfuzz
  Web application fuzzer
  ☆5,968Updated 3 months ago
• andresriancho / w3af
  w3af: web application attack and audit framework, the open source web vulnerability scanner.
  ☆4,584Updated last year
• offensive-security / exploitdb
  The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb
  ☆7,737Updated 2 years ago
• OJ / gobuster
  Directory/File, DNS and VHost busting tool written in Go
  ☆10,154Updated last week
• beefproject / beef
  The Browser Exploitation Framework Project
  ☆9,860Updated this week
• rapid7 / metasploitable3
  Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
  ☆4,766Updated 4 months ago
• commixproject / commix
  Automated All-in-One OS Command Injection Exploitation Tool.
  ☆4,613Updated this week
• byt3bl33d3r / CrackMapExec
  A swiss army knife for pentesting networks
  ☆8,457Updated 11 months ago
• ffuf / ffuf
  Fast web fuzzer written in Go
  ☆12,711Updated 4 months ago
• aboul3la / Sublist3r
  Fast subdomains enumeration tool for penetration testers
  ☆9,883Updated 3 months ago
• EnableSecurity / wafw00f
  WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
  ☆5,300Updated last month
• 1N3 / Sn1per
  Attack Surface Management Platform
  ☆8,132Updated 3 weeks ago
• RedSiege / EyeWitness
  EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
  ☆4,996Updated 3 weeks ago
• guelfoweb / knock
  Knock Subdomain Scan
  ☆3,883Updated this week
• Ne0nd0g / merlin
  Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
  ☆5,084Updated last month
• michenriksen / aquatone
  A Tool for Domain Flyovers
  ☆5,644Updated 2 years ago
• samratashok / nishang
  Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
  ☆8,804Updated 6 months ago
• rebootuser / LinEnum
  Scripted Local Linux Enumeration & Privilege Escalation Checks
  ☆7,040Updated last year
• owasp-amass / amass
  In-depth attack surface mapping and asset discovery
  ☆12,095Updated this week
• fuzzdb-project / fuzzdb
  Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  ☆8,249Updated last year
• projectdiscovery / subfinder
  Fast passive subdomain enumeration tool.
  ☆10,300Updated this week
• Veil-Framework / Veil
  Veil 3.1.X (Check version info in Veil at runtime)
  ☆4,008Updated last year
• scipag / vulscan
  Advanced vulnerability scanning with Nmap NSE
  ☆3,479Updated 2 months ago
• codingo / NoSQLMap
  Automated NoSQL database enumeration and web application exploitation tool.
  ☆2,929Updated 3 months ago
• epinna / weevely3
  Weaponized web shell
  ☆3,203Updated last month
• maurosoria / dirsearch
  Web path scanner
  ☆12,191Updated this week
• darkoperator / dnsrecon
  DNS Enumeration Script
  ☆2,641Updated this week
• vanhauser-thc / thc-hydra
  hydra
  ☆9,758Updated 3 months ago
• vulnersCom / nmap-vulners
  NSE script based on Vulners.com API
  ☆3,229Updated 7 months ago