IronWASP!

* **WiHawk** - WiFi Router Vulnerability Scanner by Anamika Singh https://twitter.com/anami2111
* **XmlChor** - Automatic XPATH Injection Exploitation Tool by Harshal Jamdade https://twitter.com/harshal2142
* **IronSAP** - SAP Security Scanner by Prasanna K https://twitter.com/prasannain
* **SSL Security Checker** - Scanner to discover vulnerabilities in SSL installations by Manish Saindane https://twitter.com/msaindane
* **OWASP Skanda** - Automatic SSRF Exploitation Tool by Jayesh Singh Chauhan https://twitter.com/jayeshsch
* **CSRF PoC Generator** - Tool for automatically generating exploits for CSRF vulnerabilities by Jayesh Singh Chauhan https://twitter.com/jayeshsch
* **HAWAS** - Tool for automatically detecting and dec

IronWASP alternatives

  • SHODAN

  • SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.

    tags: search-by-device search-engine search-ip-address security-focused
  • Nessus

  • The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs and across physically separate networks.

    tags: port-scanner vulnerability-scanner
  • Nikto

  • Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers.

    tags: security-utilities vulnerability vulnerability-scanner
  • snort

  • Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS.

    tags: intrusion-detection intrusion-detection-system intrusion-prevention network-intrusion-detection-system network-monitoring
  • skipfish

  • A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets. Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.

    tags: Discontinued command-line-interface vulnerability-scanner heuristic-detection reconnaissance
  • Acunetix

  • Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security Scanner. Download Free Edition!

    tags: website-security
  • w3af

  • w3af is a Web Application Attack and Audit Framework

    tags: web-application-security web-security-scanner web-application-scanner web-hacking
  • Netsparker

  • Netsparker is the only False-positive-free web application security scanner. Simply point it at your website and it will automatically discover the flaws that could leave you dangerously exposed.

    tags: vulnerability-scanner website-security vulnerability website-security-scanner exploit
  • wapiti

  • Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool.

    tags: command-line-interface security-focused web-application-scanner web-application-security web-hacking
  • Websecurify

  • Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

    tags: chromium google-chrome internet-security penetration-testing security-focused
  • Network Hotfix Scanner

  • Network Hotfix Scanner is a free advanced hotfix check utility that scans network computers for missing hotfixes and patches, and helps you download and install them. NetHotfixScanner gives you a quick look at the hotfixes and patches installed or missed on any remote computer in your corporate network, it tells you by colored icons specific security bulletin rating ( critical, important, moderate ), title, description and bulletin URL. The tool is designed with a user-friendly interface and is easy to use. »

    tags: network-security patch vulnerability-scanner computer-security bulletin
  • Intruder

  • Intruder is a proactive security monitoring platform for internet-facing systems.

    tags: hacking security-and-privacy security-as-a-service security-auditing security-testing
  • Golem Security Scanner

  • Golem Security Scanner is a powerful and intuitive website security scanner which uses a combination of proprietary and open source scanners to maximize the scan findings. Much less expensive for the paid version than other providers, with a free option which scans a portion of the site.

    tags: web-application-security website-security-scanner website-virus-scan