Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.
des_outils_pour_un_scan_complet [2019/10/22 11:03] M0N5T3R |
des_outils_pour_un_scan_complet [2021/04/17 00:09] (Version actuelle) m0n5t3r |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | FIXME **Le PAD pour proposer une amélioration à cette page :** https://pad.zenk-security.com/p/merci | ||
- | A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner | + | ====== Des outils pour un scan complet ====== |
+ | |||
+ | |||
+ | |||
+ | 🛠 Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use. | ||
+ | https://github.com/projectdiscovery/nuclei | ||
+ | |||
+ | |||
+ | 🛠 WMAP is a feature-rich web application vulnerability scanner that was originally created from a tool named SQLMap. This tool is integrated with Metasploit and allows us to conduct web application scanning from within the Metasploit Framework. https://www.offensive-security.com/metasploit-unleashed/wmap-web-scanner/ | ||
+ | |||
+ | 🛠 Pyfiscan is free web-application vulnerability and version scanner and can be used to locate out-dated versions of common web-applications in Linux-servers https://github.com/fgeek/pyfiscan | ||
+ | |||
+ | 🛠 A high performance offensive security tool for reconnaissance and vulnerability scanning https://github.com/evyatarmeged/Raccoon | ||
+ | |||
+ | |||
+ | 🛠 Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux https://github.com/baguswiratmaadi/catnip | ||
+ | |||
+ | |||
+ | |||
+ | 🛠 ScanT3r - Web Security Scanner https://github.com/knassar702/scant3r | ||
+ | |||
+ | 🛠 Web Vulnerability Scanner using Shell Script https://github.com/zerobyte-id/Bashter | ||
+ | |||
+ | 🛠 Fully automated offensive security framework for reconnaissance and vulnerability scanning https://j3ssie.github.io/Osmedeus/ | ||
+ | |||
+ | |||
+ | 🛠 A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner | ||
https://github.com/bahaabdelwahed/killshot | https://github.com/bahaabdelwahed/killshot | ||
- | Web Application Formal Exploiter: a formal and automated approach to exploit multiple vulnerabilities of web applications https://rhaidiz.net/2019/06/10/wafex/ | + | 🛠 Web Application Formal Exploiter: a formal and automated approach to exploit multiple vulnerabilities of web applications https://rhaidiz.net/2019/06/10/wafex/ |
+ | |||
+ | |||
+ | 🛠 The Multi-Tool Web Vulnerability Scanner. https://github.com/skavngr/rapidscan | ||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | |||
+ | 🛠 OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for discovering protected services and devices such as SCADA. It would make a competitive edge compared to other scanner making it one of the bests. https://github.com/blackhatethicalhacking/OWASP-Nettacker | ||
+ | |||
+ | |||
+ | 🛠 Legion, a fork of SECFORCE's Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. https://github.com/GoVanguard/legion | ||
+ | |||
+ | |||
+ | |||
+ | 🛠 Kn0ck is an automated scanner that can be used during a penetration testing to enumerate and scan for vulnerabilities. https://github.com/telnet22/Kn0ck | ||
+ | |||
+ | 🛠 Automated pentest framework for offensive security experts https://github.com/1N3/Sn1per | ||
+ | For more info : a sample of a sn1per report https://gist.github.com/1N3/8214ec2da2c91691bcbc | ||
+ | |||
+ |