SHODAN SHODAN is a search engine that lets you find specific computers (routers, servers, etc.) using a variety of filters. Some have also described it as a public port scan... Free Web Search IP addresses Security focused Add a feature 14 Like
Burp Suite Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing... Freemium Mac OS X Windows Linux BSD No features added Add a feature 27 Like
Nikto Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous... Free Open Source Mac OS X Windows Linux No features added Add a feature 17 Like
skipfish A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint -... Free Open Source Mac OS X Windows Linux BSD Command line interface Heuristic Detection Add a feature 14 Like Discontinued Skipfish is no longer maintained. Last version, 2.10 beta, released in December 2012, can be still downloaded from Google Code Archive
Acunetix Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security Scanner. Download Free... Commercial Windows Web Wordpress No features added Add a feature 10 Like
IronWASP IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing. It is designed to be customizable... Free Open Source Mac OS X Windows Linux Penetration Testing Add a feature 5 Like
w3af w3af is a Web Application Attack and Audit Framework Free Open Source Windows Linux No features added Add a feature 11 Like
Netsparker Netsparker is the only False-positive-free web application security scanner. Simply point it at your website and it will automatically discover the flaws that could... Commercial Windows No features added Add a feature 8 Like
wapiti Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool. Free Open Source Windows Linux Command line interface Security focused Add a feature 3 Like
Arachni Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of... Free Open Source Mac OS X Windows Linux No features added Add a feature 2 Like
detectify Detectify is a SaaS based web application service that analyzes the security status of your website and creates a report with the results. We focus on securing your site... Commercial Web No features added Add a feature 3 Like
SecApps Find security vulnerabilities right from your browser. Experience the next generation security tools without the need to install any additional software. Freemium Mac OS X Windows Linux Web Chrome OS Penetration Testing Portable Add a feature 1 Like
Tamper Data Firefox add-on that lets you change headers and request parameters before they're sent to the server. Unlike proxy request modifiers, it's integrated into the... Free Open Source Mac OS X Windows Linux Firefox Firefox extension Legacy Firefox Addon Penetration Testing Add a feature 3 Like Discontinued The extension is no longer developed since 2010 and it's not compatible with Firefox 57 and later. It still works on XUL-based Firefox forks like https://alternativeto.net/software/waterfox/ and https://alternativeto.net/software/palemoon/
SERVERWAT.CH Security Scanner Schedule vulnerability scans for your servers and get notified when it's time to call your admin. Commercial Web Penetration Testing Add a feature 3 Like
Intruder Intruder is a security monitoring platform for internet-facing systems. Intruder provides an easy to use security solution which continually scans your digital... Commercial Web Penetration Testing Add a feature 8 Like
