FOFA AlternativesPenetration Testing Tools and other similar apps like FOFA

FOFA is described as 'Search engine that allows you to map global cyberspace' and is a penetration testing tool in the network & admin category. There are more than 25 alternatives to FOFA, not only websites but also apps for a variety of platforms, including Linux, Windows, SaaS and Mac apps. The best FOFA alternative is Shodan, which is free. Other great sites and apps similar to FOFA are Censys, Criminal IP, ZoomEye and IVRE.

More about FOFA
Copy a direct link to this comment to your clipboard
FOFA alternatives page was last updated

Alternatives list

  1. Shodan icon

    Shodan

     38 likes

    Shodan is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan directory or a search engine of banners.

    27 Shodan alternatives

    Cost / License

    • Freemium
    • Proprietary

    Application type

    Platforms

    • Online
    • Google Chrome
    • Mozilla Firefox
    • Software as a Service (SaaS)
    Shodan screenshot 1
     
  2. Censys icon

    Censys

     24 likes

    Censys is a search engine that allows computer scientists to ask questions about the devices and networks that compose the internet.

    24 Censys alternatives

    Cost / License

    • Freemium
    • Open Source

    Application type

    Platforms

    • Online
    Censys screenshot 1
     
  4. Criminal IP icon

    Criminal IP

     58 likes

    Criminal IP protects IT assets and businesses by analyzing all years of cyber threats and prediciting exploits. Criminal IP provides real-time intelligence to enhance cybersecurity competencies in all aspects.

    Cost / License

    • Freemium
    • Proprietary

    Application type

    Platforms

    • Online
    Criminal IP screenshot 1
     
  5. ZoomEye icon

    ZoomEye

     15 likes

    Network mapping service.

    Cost / License

    • Freemium
    • Proprietary

    Platforms

    • Online
    ZoomEye screenshot 1
     
  6. IVRE icon

    IVRE

     24 likes

    Network recon framework, including a web interface to browse Nmap scan results.

    Cost / License

    Platforms

    • Mac
    • Windows
    • Linux
    • Online
    • BSD
    • Self-Hosted
    IVRE screenshot 1
     
  7. Whatoblock icon

    Whatoblock

     1 like

    Whatoblock is a real-time cybersecurity threat intelligence platform with global botnet tracking, scanner detection, interactive threat search, and a live threat map.

    Cost / License

    • Freemium
    • Proprietary

    Platforms

    • Online
    Whatoblock screenshot 1
     
  9. wapiti icon

    wapiti

     7 likes

    Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool.

    Cost / License

    • Free
    • Open Source

    Platforms

    • Windows
    • Linux
     
  10. Nautillo Pro icon

    Nautillo Pro

     1 like

    Test your website like a real attacker would. Nautillo Pro finds account takeover risks, API exposure, broken access control, and AI security flaws before users and hackers do.

    Cost / License

    • Freemium
    • Proprietary

    Platforms

    • Online
    • Software as a Service (SaaS)
    Nautillo Pro screenshot 1
     
  11. ShipSafe icon

    ShipSafe

     1 like

    ShipSafe is a free online website safety checker that helps users quickly analyze whether a website is safe or potentially risky. By entering a domain or URL, ShipSafe provides a trust score, security insights, and reputation indicators that help users avoid scams, phishing...

    Cost / License

    • Freemium
    • Proprietary

    Platforms

    • Software as a Service (SaaS)
    Wesite home page
     
  12. skipfish icon

    skipfish

     14 likes

    A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.

    Cost / License

    • Free
    • Open Source

    Application type

    Alerts

    • Discontinued

    Platforms

    • Mac
    • Windows
    • Linux
    • BSD
    at work, during scanning
     
  13. Websecurify icon

    Websecurify

     7 likes

    Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

    Cost / License

    • Paid
    • Proprietary

    Application type

    Platforms

    • Mac
    • Windows
    • Linux
     
  14. Pentestly.io icon

    Pentestly.io

     1 like

    Human-in-the-loop penetration testing enhanced with AI. Identify vulnerabilities faster, reduce risk, and stay audit-ready with actionable reports and real-time visibility.

    Cost / License

    • Paid
    • Proprietary

    Application type

    Platforms

    • Online
    Pentestly.io screenshot 1
     
12 of 27 FOFA alternatives