Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 pot...

**Install ****(recommended****: **Run from a git repo   
**Download (recommended:** Latest GitHub Release (zip
**Stable Release: **Version 2.1.5 bz2
or gz
/ Changelog

Go to

Nikto alternatives

Zed Attack Proxy

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.It is designed to ...

tags: fuzzer owasp penetration-testing proxy sql-injection
platform: Mac OS X Windows Linux


SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as...

tags: search-by-device search-engine search-ip-address security-focused
platform: Online


A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, mini...

tags: Discontinued command-line-interface vulnerability-scanner heuristic-detection reconnaissance
platform: Mac OS X Windows Linux BSD Discontinued


Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security S...

tags: website-security
platform: Windows Online Wordpress


w3af is a Web Application Attack and Audit Framework

tags: web-application-security web-security-scanner web-application-scanner web-hacking
platform: Windows Linux


IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is design...

tags: internet-security penetration-testing web-application
platform: Mac OS X Windows Linux


Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool.

tags: command-line-interface security-focused web-application-scanner web-application-security web-hacking
platform: Windows Linux


Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators eval...

tags: web-security xss sql-injection web-security-scanner web-application-scanner
platform: Mac OS X Windows Linux


Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and...

tags: chromium google-chrome internet-security penetration-testing security-focused
platform: Mac OS X Windows Linux


Intruder is a proactive security monitoring platform for internet-facing systems.

tags: hacking security-and-privacy security-as-a-service security-auditing security-testing
platform: Online


Yang is yet another Nikto GUI; Software for analyzing and securing your servers. Yang establish diagnostics on :

tags: server-monitoring security-utilities server-analysis http-analyzer server-checking
platform: Mac OS X

Network Hotfix Scanner

Network Hotfix Scanner is a free advanced hotfix check utility that scans network computers for missing hotfixes and patches, and helps you downloa...

tags: network-security patch vulnerability-scanner computer-security bulletin
platform: Windows


Ammonite is a web application security scanner extension for Fiddler. Ammonite detects common vulnerabilities such as SQL injection, OS command inj...

tags: penetration-testing security-testing software-testing sql-injection xss
platform: Windows Fiddler

Golem Security Scanner

Golem Security Scanner is a powerful and intuitive website security scanner which uses a combination of proprietary and open source scanners to max...

tags: web-application-security website-security-scanner website-virus-scan
platform: Online