Open Source Nessus AlternativesTop Vulnerability Scanners and other similar apps like Nessus
The best open source alternative to Nessus is SiteOne Crawler. If that doesn't suit you, our users have ranked more than 25 alternatives to Nessus and 13 is open source so hopefully you can find a suitable replacement. Other interesting open source alternatives to Nessus are Metasploit, OpenVAS, PhoneSploit Pro and OpenSCAP.
- Vulnerability Scanner
- Paid • Proprietary
- 26 SiteOne Crawler alternatives
A free in-depth website analyzer providing audits of security, performance, SEO, accessibility and other technical aspects. Available as a desktop application for Windows/macOS/Linux and as a CLI tool for advanced users and CI/CD processes. It also includes an offline web page exporter.
License model
- Free • Open Source
Application types
Country of Origin
Czechia
EU
Platforms
- Mac
- Windows
- Linux
Top SiteOne Crawler Features
- 20 Metasploit alternatives
Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners such as Nexpose - for free. This helps prioritize remediation and eliminate false positives, providing true...
License model
- Free Personal • Open Source
Application types
Country of Origin
United States
Platforms
- Windows
- Linux
- BSD
Metasploit Features
- 28 OpenVAS alternatives
The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
OpenVAS Features
- 19 PhoneSploit Pro alternatives
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
License model
- Free • Open Source
Application type
Country of Origin
India
Platforms
- Mac
- Windows
- Linux
PhoneSploit Pro Features
- 13 OpenSCAP alternatives
SCAP is a line of standards managed by NIST. It was created to provide a standardized approach to maintaining the security of enterprise systems, such as automatically verifying the presence of patches, checking system security configuration settings, and examining systems for...
- 21 nuclei alternatives
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc.
License model
- Free • Open Source
Application type
Country of Origin
United States
Platforms
- Mac
- Windows
- Linux
nuclei Features
A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.
License model
- Free • Open Source
Application type
Country of Origin
United States
Platforms
- Mac
- Windows
- Linux
- BSD
DiscontinuedSkipfish is no longer maintained. Last version, 2.10 beta, released in December 2012, can be still downloaded from Google Code Archive
skipfish Features
A general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
License model
- Free • Open Source
Application type
Country of Origin
United States
Platforms
- Self-Hosted
Tsunami Features
RedEye is an open-source analytic tool developed by CISA and DOE’s Pacific Northwest National Laboratory to assist Red Teams with visualizing and reporting command and control activities. This tool, released in October 2022 on GitHub, allows an operator to assess and display...
License model
- Free • Open Source
Country of Origin
United States
Platforms
- Mac
- Windows
- Linux
RedEye Features
BabySploit is a penetration testing toolkit aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit. With a very easy to use UI and toolkit, anybody from any experience level will find...
Strobes is an integrated cybersecurity platform that combines Attack Surface Management, Penetration Testing-as-a-service, and Risk-Based Vulnerability Management to continuously manage your threat exposure.
License model
- Freemium • Open Source
Application type
Country of Origin
United States
Platforms
- Software as a Service (SaaS)
Strobes Features
kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster that you don't own!
License model
- Free • Open Source
Country of Origin
Israel
Platforms
- Linux