Open Source Nessus Alternatives

Metasploit Community Edition simplifies network discovery and vulnerability verification for specific exploits, increasing the effectiveness of vulnerability scanners such as Nexpose - for free.

The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

SCAP is a line of standards managed by NIST.

A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.

Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc.

BabySploit is a penetration testing toolkit aimed at making it easy to learn how to use bigger, more complicated frameworks like Metasploit.

Strobes is a one-stop-shop solution for all security stakeholders to ensure that their enterprise is well guarded against security issues and cyber attacks.

kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster that you don't own!

Improve your authentication security for your linux servers with mutual TLS (mTLS). WoTT automatically rotates private keys with our public key infrastructure (PKI) and lets you seamlessly and easily manage certificates at scale.