Directory of Security Scanners Resources

Home > Computers > Security > Internet > Products and Tools > Security Scanners

Tools focused on Security Scanning, such as port scanners, penetration/security auditing tools, and patch management tools.

Subcategories

• Security Scanning Services

Resources in This Category

• Acunetix Web Vulnerability Scanner

  http://www.acunetix.com/
  Scans for common security vulnerabilities such as SQL injection, cross site scripting and other web vulnerabilities.

• Advanced IP Scanner

  http://www.advanced-ip-scanner.com/
  Free utility for Windows which scans for HTTP, HTTPS, FTP and shared folders.

• Angry IP Scanner

  http://angryip.org/
  A freeware IP scanner for Windows. Display NetBIOS information, MAC address; save result to CSV, TXT, HTML or XML file.

• AppDetective

  http://www.appsecinc.com/products/
  Network-based, discovery and vulnerability database assessment scanner.

• Arirang

  http://monkey.org/~pilot/
  A webserver security scanner based on twwwscan.

• Attack Tool Kit Project

  http://www.computec.ch/projekte/atk/
  An open-source utility to realize vulnerability checks and enhance security audits.

• AutoScan

  http://autoscan-network.com/
  An application designed to explore and to manage your network. Entire subnets can be scanned simultaneously without human intervention. OS detection, automatic network discovery, a port scanner, a Samba share browser, and the ability to save the network state.

• Beyond Security

  http://www.beyondsecurity.com/
  Vulnerability assessment of internal networks or Intranets using an automated scanning server.

• Card Recon

  http://www.groundlabs.com/products/crse
  Host based PCI DSS auditing tool for scanning desktop and server file systems for unprotected stored payment card data across a wide variety of file formats.

• Critical Watch

  http://www.criticalwatch.com/
  FusionVM automates the process of proactively managing network vulnerabilities and exposures. It enables a unified corporate process that is enterprise-wide, repeatable and measurable.

• Cum Security Toolkit (cst)

  http://www.blackhat.be/cst/
  Contains a cgi script scanner with 11 anti-IDS tactics and +2200 vulnerable scripts in the database; and a port scanner with banner grabber.

• CXL Ltd.

  http://www.cxlsecure.com/
  Provides details of AZScan, a non-intrusive software tool which will review the security Oracle and Unix, OS400 and OpenVMS systems.

• DominoDig

  http://dominodig.sourceforge.net/
  Audits Lotus Domino web servers. Produces an HTML report that provides a list of all the unique .nsf databases it was able to access, as well as IP addresses and email addresses.

• Filterrules

  http://www.hsc.fr/ressources/outils/filterrules/index.html.en
  Description and download of the GPL-licensed firewall testing and documentation tool.

• GFI LANguard

  http://www.gfi.com/products-and-solutions/network-security-solutions/gfi-languard
  Provides information such as service pack level of the machine, missing security patches, open shares, open ports, services/applications active on the computer, key registry entries, and weak passwords. Remotely install security patches and service packs.

• Gherkin

  http://sourceforge.net/projects/gherkin/
  Free security scan manager incorporating Nessus vulnerability scanning, dns and nmb lookup, host resolving, and nmap fingerprinting and scanning.

• Halberd

  https://github.com/jmbr/halberd
  Discovers HTTP load balancers. May be useful for testing load balancer configurations and for web application auditing purposes.

• httprecon project

  http://www.computec.ch/projekte/httprecon/
  Web server fingerprinting and enumeration.

• Infiltration Systems

  http://www.infiltration-systems.com/
  Network security scanning software for detecting, auditing, and fixing network security exploits and vulnerabilities.

• Inguama

  http://sourceforge.net/projects/inguma
  A free penetration testing and vulnerability discovery toolkit entirely written in python.

• IPaudit

  http://www.ipaudit.net/
  Check open ports on vulnerabilities.

• IPSonar

  http://www.lumeta.com/
  IPsonar maps and provides risk assessment to network assets.

• ISS

  http://www.iss.net/products/Internet_Scanner/product_main_page.html
  Internet Scanner Tool. Performs scheduled and selective probes of communication services, operating systems, applications and routers to uncover and report systems vulnerabilities that might be open to attack.

• Mavituna Security Ltd.: Netsparker

  https://www.mavitunasecurity.com/netsparker/
  Vulnerability scanner that identifies vulnerabilities such as XSS and SQL Injection in web applications.

• MaxPatrol Security Scanner

  http://www.maxpatrol.com/
  Network security and web-application scanner with prediction capabilities.

• MegaPing scanner

  http://www.magnetosoft.com/
  TCP and UDP portscanner and NetBIOS scanner, Displays installed service packs, open TCP and UDP ports, missing security patches.

• N-Stealth Security Scanner

  http://www.nstalker.com/
  Vulnerability-assessment product that scans web servers to identify security problems and weaknesses on local and remote web servers. Commercial and free editions are available.

• Nessus

  http://www.tenable.com/products/nessus
  Security scanner for Linux, BSD, Solaris, and other flavors of Unix. Performs over 900 remote security checks, and suggests solutions for security problems.

• Network Security: Know Your Weaknesses

  http://www.pcmag.com/article2/0,4149,1400225,00.asp
  Review of six vulnerability scanners.

• Nikto2

  http://www.cirt.net/Nikto2
  An Open Source (GPL) web server scanner.

• Nmap

  http://www.insecure.org/
  Developers of NMAP, a network port scanner and service detector offering stealth SYN scan, ping sweep, FTP bounce, UDP scan and operating system fingerprinting. Downloads, documentation, security tools directory and a mailing lists archive. [Windows, MacOS, Unix]

• Nsauditor.com

  http://www.nsauditor.com/
  Network security and vulnerability scanner, password and product key recovery software.

• NTOSpider

  http://www.ntobjectives.com/security-software/ntospider-application-security-scanner/
  Web application vulnerability scanner.

• PivX Solutions Inc

  http://www.pivx.com/
  Offer vulnerability and malware scanning software products for home and enterprise users.

• Portswigger.net

  http://portswigger.net/
  Web application security testing software. Product details, downloads, how to order and screenshots.

• Powerfuzzer

  http://powerfuzzer.sourceforge.net/
  A highly automated web fuzzer. It is capable of spidering website and identifying inputs.

• Proactive Windows Security Explorer

  http://www.elcomsoft.com/pwsex.html
  A password security test tool that's designed to identify and close security holes by executing an audit of account passwords, and exposing insecure account passwords.

• Product Review: Acunetix Web Vulnerability Scanner

  http://www.windowsecurity.com/articles/Product-Review-Acunetix-WVS.html
  A review of the Acunetix web vulnerability scanner.

• Qualys, Inc

  http://www.qualys.com/
  Online vulnerability scanner which scans for SANS "top ten" vulnerabilities.

• Rapid7

  http://www.rapid7.com/
  A vulnerability assessment and compliance solution that scans applications, databases, networks, and operating systems.

• Retina Network Security Scanner

  http://www.eeye.com/
  Identifies security vulnerabilities, suggests appropriate corrective actions and fixes. Free MyDoom, Nimda, DCOM, Sapphire SQL Worm, and Nimda scanner downloads.

• Saint Corporation

  http://www.saintcorporation.com/
  Network vulnerability assessment scanner.

• SCAP Repo, a repository of SCAP content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

  http://www.scaprepo.com/
  Search for SCAP (CVE, CCE, CPE, OVAL, XCCDF, CWE) content

• Secure Bytes Inc.

  http://www.secure-bytes.com/
  Computer and network security software, vulnerability assessment software, database auditing, and regulatory compliance tools.

• Shadow Security Scanner

  http://www.safety-lab.com/en/products/1.htm
  Offers vulnerability auditing modules for many systems and services. These include: NetBIOS, HTTP, CGI and WinCGI, FTP, DNS, DoS vulnerabilities, POP3, SMTP, LDAP, TCP/IP, UDP, Registry, Services, Users and Accounts, password vulnerabilities, publishing extensions, MSSQL, IBM BD2, Oracle, MySQL, PostgressSQL, Interbase, and MiniSQL.

• Shavlik Technologies, LLC

  http://www.shavlik.com/
  Patch management tool scans Microsoft servers and desktops. Schedule and immediate remote patch scans and installations. Freeware and command-line versions available.

• SourceForge.net: Gamja : Web vulnerability scanner

  http://sourceforge.net/projects/gamja
  Scans for XSS(Cross site scripting) and SQL Injection.

• SQL Server 2000 Security Tools

  http://www.microsoft.com/downloads/details.aspx?FamilyID=9552D43B-04EB-4AF9-9E24-6CDE4D933600&displaylang=en
  Microsoft tool scans for instances of MS SQL Server 2000 vulnerable to the "Slammer" worm, and then apply updates to the affected files. Includes SQL Scan, SQL Check,and SQL Critical Update.

• sqlmap: a blind SQL injection tool

  http://sqlmap.sourceforge.net/
  SQL scanner capable of enumerating entire remote databases, and perform an active database fingerprinting.

• Syhunt

  http://www.syhunt.com/
  Cross-site scripting, SQL attacks, OS attacks, directory traversal, cookie manipulation are tested. Claims not only to be able to find not only known vulnerabilities, but also potential new ones. CVE Compatible.

• Threatfactor NSIA

  http://threatfactor.com/Products
  A website scanner that monitors websites in real-time in order to detect defacements, compliance violations, exploits, sensitive information disclosure and other issues.

• Visionael Security Audit

  http://www.visionael.com/
  Software providing device discovery, scanning, prioritization, and report generation of vulnerabilities.

• Vulnerability Scanning Cluster Project

  https://sourceforge.net/projects/vscweb/
  A web-based interface for the Nessus vulnerability scanner and a backend queue manager for scan requests. Allows users to hierarchically manage networks of hosts, scanning policies, and automated scans.

• Wapiti

  http://wapiti.sourceforge.net/
  Acts like a fuzzer, injecting payloads to see if a script is vulnerable.

• Watchfire - AppScan

  http://www.watchfire.com/products/appscan/default.aspx
  A web application vulnerability assessment product.

• WebCruiser

  http://www.janusec.com/
  Vulnerability scanner and a series of security tools.

• websecurify

  http://www.websecurify.com/
  A cross-platform web-application security testing platform.

• WhatsMyIP.org

  http://www.whatsmyip.org/ports/
  Scans your ports and tells you which are open, closed, blocked etc.

• wmap

  http://netninja.com/files/wmap/
  A web scanner which checks for files and CGIs in non-standard directories.

Related Categories

• Home > Computers > Security > Malicious Software
• Home > Computers > Security > Malicious Software > Spyware and Adware > Detection and Removal Tools
• Home > Computers > Software > Internet > Network Management

 

Home > Computers > Security > Internet > Products and Tools > Security Scanners

 

---

 

Thanks to DMOZ, which built a great web directory for nearly two decades and freely shared it with the web. About us