渗透测试专用扫描器 漏洞扫描器

渗透测试专用扫描器 漏洞扫描器 服务器端模板注入漏洞检测与利用工具 wordpress扫描工具 无线安全审计工具 白盒代码安全审计系统 跟踪、分析PHP运行情况的工具 集合owasp top10漏洞扫描和边界资产发现能力的分布式web漏洞扫描框架 BkScanner 分布式插件化web漏洞扫描器 WEB渗透测试数据库

https://github.com/blackye/Jenkins/ (Jenkins漏洞探测、用户抓取爆破)

https://github.com/code-scan/dzscan/ (discuz扫描)

https://github.com/chuhades/CMS-Exploit-Framework/ (CMS攻击框架)

https://github.com/lijiejie/IISshortnameScanner/ (an IIS shortname Scanner)

https://github.com/riusksk/FlashScanner/ (flashxss扫描)

https://github.com/coffeehb/SSTIF (一个Fuzzing服务器端模板注入漏洞的半自动化工具)

https://github.com/epinna/tplmap (服务器端模板注入漏洞检测与利用工具)

https://github.com/cr0hn/dockerscan (docker扫描工具)

https://github.com/m4ll0k/WPSeku (一款精简的wordpress扫描工具)
无线网络扫描器
https://github.com/savio-code/fern-wifi-cracker/ (无线安全审计工具)

https://github.com/m4n3dw0lf/PytheM (Python网络/渗透测试工具)

https://github.com/P0cL4bs/WiFi-Pumpkin (无线安全渗透测试套件)
代码扫描器
https://github.com/wufeifei/cobra (白盒代码安全审计系统)

https://github.com/OneSourceCat/phpvulhunter (静态php代码审计)

https://github.com/Qihoo360/phptrace (跟踪、分析PHP运行情况的工具)

https://github.com/ajinabraham/NodeJsScan (NodeJS应用代码审计)
集成扫描器
https://github.com/az0ne/AZScanner (自动漏洞扫描器,子域名爆破,端口扫描,目录爆破,常用框架漏洞检测)

https://github.com/blackye/lalascan (集合owasp top10漏洞扫描和边界资产发现能力的分布式web漏洞扫描框架)

https://github.com/blackye/BkScanner (BkScanner 分布式、插件化web漏洞扫描器)

https://github.com/ysrc/GourdScanV2 (被动式漏洞扫描)

https://github.com/alpha1e0/pentestdb (WEB渗透测试数据库)

https://github.com/netxfly/passive_scan (基于
http代理的web漏洞扫描器)

https://github.com/1N3/Sn1per (自动化扫描器,包括中间件扫描以及设备指纹识别)

https://github.com/RASSec/pentestEr_Fully-automatic-scanner (定向全自动化渗透测试工具)

https://github.com/3xp10it/3xp10it (自动化渗透测试框架)

https://github.com/Lcys/lcyscan (扫描效果未验证)

https://github.com/Xyntax/POC-T (渗透测试插件化并发框架)

https://github.com/v3n0m-Scanner/V3n0M-Scanner (Scanner in Python3.5 for SQLi/XSS/LFI/RFI and other Vulns)
https://github.com/Skycrab/leakScan (web端的在线漏洞扫描)

https://github.com/zhangzhenfeng/AnyScan (又一款自动化渗透测试框架)

https://github.com/brianwrf/NagaScan (又一款自动化渗透测试框架)
高级持续性威胁(APT)

https://github.com/Neo23x0/Loki (一款APT入侵痕迹扫描器) 工控安全


https://github.com/w3h/icsmaster/tree/master/nse (ICS设备nmap扫描脚本)


Blackhat 2017 安全工具集:

Android, iOS and Mobile Hacking Android Tamer
https://github.com/AndroidTamer

DiffDroid
https://github.com/antojoseph/diff-droid

Kwetza
https://github.com/sensepost/kwetza

Needle
https://github.com/mwrlabs/needle

NoPE Proxy
http Proxy Extension)
https://github.com/summitt/Burp-Non-

http-Extension
Code Assessment Puma Scan
https://github.com/pumasecurity/puma-scan

Tintorera: Source Code Intelligence
(Code not yet uploaded)
https://github.com/vulnex/Tintorera

Cryptography Hashview
https://github.com/hashview/hashview

Gibber Sense
https://github.com/smxlabs/gibbersense

Data Forensics and Incident Response PcapDB: Optimized Full Network Packet Capture for Fast and Efficient Retrieval
https://github.com/dirtbags/pcapdb

SCOT
(Sandia Cyber Omni Tracker) Threat Intelligence and Incident Response Management System
https://github.com/sandialabs/scot

Security Monkey
https://github.com/Netflix/security_monkey

ThreatResponse: An Open Source Toolkit for Automating Incident Response in AWS
https://github.com/ThreatResponse

Yalda — Automated Bulk Intelligence Collection
(Code not yet uploaded)
https://github.com/gitaziabari/Yalda

Exploitation and Ethical Hacking AVET — AntiVirus Evasion Tool
https://github.com/govolution/avet

GDB Enhanced Features
(GEF)
https://github.com/hugsy/gef

Leviathan Framework
https://github.com/leviathan-framework/leviathan

MailSniper
https://github.com/dafthack/MailSniper

Seth
https://github.com/SySS-Research/Seth

Hardware/Embedded ChipWhisperer
https://github.com/newaetech/chipwhisperer

DYODE, a DIY, Low-Cost Data Diode for ICS
https://github.com/arnaudsoullie/dyode

FTW: Framework for Testing WAFs
https://github.com/fastly/ftw

The Bicho: An Advanced Car Backdoor Maker
https://github.com/UnaPibaGeek/CBM

Internet of Things Hacker Mode
https://github.com/xssninja/Alexa-Hacker-Mode

Universal Radio Hacker: Investigate Wireless Protocols Like a Boss
https://github.com/jopohl/urh

Malware Defense Aktaion v2 — Open Source Machine Learning and Active Defense Tool
https://github.com/jzadeh/Aktaion

Cuckoo Sandbox
https://github.com/cuckoosandbox/cuckoo

LimaCharlie
https://github.com/refractionPOINT/limacharlie

Malboxes
https://github.com/GoSecure/malboxes

Network Attacks BloodHound 1.3
https://github.com/BloodHoundAD/BloodHound

CrackMapExec v4
https://github.com/byt3bl33d3r/CrackMapExec

DELTA: SDN Security Evaluation Framework
https://github.com/OpenNetworkingFoundation/DELTA

eaphammer
https://github.com/s0lst1c3/eaphammer

gr-lora: An Open-Source SDR Implementation of the LoRa PHY
https://github.com/BastilleResearch/gr-lora

Yasuo
https://github.com/0xsauby/yasuo

Network Defense Assimilator
https://github.com/videlanicolas/assimilator

Noddos
https://github.com/noddos/noddos

SITCH: Distributed, Coordinated GSM Counter-Surveillance
https://github.com/sitch-io/sensor

Sweet Security
https://github.com/TravisFSmith/SweetSecurity

OSINT — Open Source Intelligence Datasploit — Automated Open Source Intelligence
(OSINT) Tool
https://github.com/DataSploit/datasploit

Dradis: 10 Years Helping Security Teams Spend More Time Testing and Less Time Reporting
https://github.com/dradis/dradis-ce

OSRFramework: Open Sources Research Framework
https://github.com/i3visio/osrframework

Reverse Engineering BinGrep
https://github.com/m4b/bingrep

Vulnerability Assessment Aardvark and Repokid
https://github.com/square/Aardvark SERPI

此文章来源于
https://www.ddosi.com /2017/09/30/scan/
2018年以前网站服务器的备份,当时决定不要了,删了所有东西,现在还原一下(有些图片挂了,永远找不回来了,sorry)

AZScanner 自动漏洞扫描器 常用框架漏洞检测

weblogic漏洞扫描工具 反序列化漏洞扫描工具

安全行业开源漏洞扫描器 Scanners Box