The best open source alternative to Acunetix is SiteOne Crawler. If that doesn't suit you, our users have ranked more than 50 alternatives to Acunetix and 18 is open source so hopefully you can find a suitable replacement. Other interesting open source alternatives to Acunetix are Zed Attack Proxy (ZAP), OpenVAS, Lonkero and Nikto.
A free in-depth website analyzer providing audits of security, performance, SEO, accessibility and other technical aspects. Available as a desktop application for Windows/macOS/Linux and as a CLI tool for advanced users and CI/CD processes. It also includes an offline web page exporter.
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
Lonkero is a high-performance web vulnerability scanner built in Rust for penetration testers and bug bounty hunters who are tired of slow, bloated tools that generate hundreds of false positives.
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers.
Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool.
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc.
A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.
Firefox add-on that lets you change headers and request parameters before they're sent to the server. Unlike proxy request modifiers, it's integrated into the browser, so it has no problem with HTTPS connections, client authentication certificates, or other features that...
A general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
The All In One WordPress Security and Firewall is the ultimate security plugin that will take your website’s security to a whole new level.
Czechia
EU
Finland
United States
France
United Kingdom
OWASP ZAP is more of a web application pentesting tool but acunetix is a networking scanning tools