Intruder!

Intruder alternatives

  • Zed Attack Proxy

  • The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

    tags: fuzzer owasp penetration-testing proxy sql-injection
  • SHODAN

  • SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.

    tags: search-by-device search-engine search-ip-address security-focused
  • Nessus

  • The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks.

    tags: port-scanner vulnerability-scanner
  • Burp Suite

  • Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

    tags: vulnerability-scanner web-testing web-security-scanner web-security-testing
  • Nikto

  • Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers.

    tags: security-utilities vulnerability vulnerability-scanner
  • skipfish

  • A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets. Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.

    tags: Discontinued command-line-interface vulnerability-scanner heuristic-detection reconnaissance
  • Acunetix

  • Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security Scanner. Download Free Edition!

    tags: website-security
  • OpenVAS

  • The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

    tags: vulnerability-scanner
  • w3af

  • w3af is a Web Application Attack and Audit Framework

    tags: web-application-security web-security-scanner web-application-scanner web-hacking
  • IronWASP

  • IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable to the extent where users can create their own custom security scanners using it. Though an advanced user with Python/Ruby scripting expertise would be able to make full use of the platform, a lot of the tool's features are simple enough to be used by absolute beginners.

    tags: internet-security penetration-testing web-application
  • Netsparker

  • Netsparker is the only False-positive-free web application security scanner. Simply point it at your website and it will automatically discover the flaws that could leave you dangerously exposed.

    tags: vulnerability-scanner website-security vulnerability website-security-scanner exploit
  • wapiti

  • Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool.

    tags: command-line-interface security-focused web-application-scanner web-application-security web-hacking
  • Arachni

  • Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.

    tags: web-security xss sql-injection web-security-scanner web-application-scanner
  • Websecurify

  • Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

    tags: chromium google-chrome internet-security penetration-testing security-focused
  • OpenSCAP

  • SCAP is a line of standards managed by NIST. It was created to provide a standardized approach to maintaining the security of enterprise systems, such as automatically verifying the presence of patches, checking system security configuration settings, and examining systems for signs of compromise.

    tags: vulnerability-scanner cve main-page sce