Search Results for "web scanner"
Sort By:
Showing 175 open source projects for "web scanner"
View related business solutions-
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
react2shell-scanner
High Fidelity Detection Mechanism for RSC/Next.js RCE
...This is especially valuable for projects that mix web UIs with server-side scripting, developer tooling, or plugin ecosystems where untrusted input could enter execution paths. The scanner integrates with standard CI/CD pipelines, letting teams detect issues early in development rather than discovering them in production or during penetration testing. -
2
Nikto
Web server vulnerability scanner for security assessments
Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows. -
3
Digna Web Scanner
A tool to check web apps for vulnerabilty
This web application scanner is a powerful tool designed to identify potential security vulnerabilities in websites with full GUI (no need to cli). It currently performs checks for: SQL Injection (SQLi): Detects vulnerabilities that could allow attackers to inject malicious SQL code and manipulate the database. XSS Cross-site-scripting: Detect vulnerability that allow attackers to inject client-side scripts into web pages Cross-Site Request Forgery (CSRF): Helps discover vulnerabilities that could allow attackers to trick users into performing unintended actions on a website. ... -
4
WhatWeb
Next generation web scanner
WhatWeb is a Ruby-based web scanner for fingerprinting websites. It identifies CMS, server technologies, JavaScript frameworks, and other characteristics by analyzing HTML, headers, JavaScript, cookies, and responses. Commonly used in reconnaissance and security assessments. -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
5
Retire.js
Scanner detecting the use of JavaScript libraries
There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay updated on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules.... -
6
Agregore Browser
A minimal browser for the distributed web (Desktop version)
A minimal web browser for the distributed web. Web Extension support. Built-in Markdown/Gemini/JSON rendering extension. Built-in QR code scanner and generator extension. Generate a QR code for the current page. Scan a QR code from the browser action window. Right-click a link or image to generate a QR code for it. Built-in ad blocker (ublock origin). -
7
Wfuzz
Web application fuzzer
Wfuzz provides a framework to automate web applications security assessments and could help you to secure your web applications by finding and exploiting web application vulnerabilities. Wfuzz it is based on a simple concept: it replaces any reference to the FUZZ keyword by the value of a given payload. A payload in Wfuzz is a source of data. This simple concept allows any input to be injected in any field of an HTTP request, allowing to perform complex web security attacks in different web... -
8
OSINT Framework
OSINT Framework
OSINT-Framework is a web-based intelligence resource map designed to help investigators and researchers quickly locate free open-source intelligence tools and data sources. Rather than functioning as an automated scanner, it organizes hundreds of OSINT resources into a structured, navigable interface grouped by investigation type, such as usernames, email addresses, domains, and social media. -
9
Scanner of Death is a network vulnerability scanner.
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
Mailu
Insular email distribution - mail server as Docker images
Mailu is a simple yet full-featured mail server as a set of Docker images. It is free software (both as in free beer and as in free speech), open to suggestions and external contributions. The project aims at providing people with an easily setup, easily maintained and full-featured mail server while not shipping proprietary software nor unrelated features often found in popular groupware. Security, enforced TLS, DANE, MTA-STS, Letsencrypt!, outgoing DKIM, anti-virus scanner, Snuffleupagus,... -
11
OSV.dev
Open source vulnerability DB and triage service
...It powers the osv.dev website, providing a unified, queryable database of vulnerabilities that map directly to open source packages and versions. The system hosts vulnerability data for ecosystems such as PyPI, npm, Go, Maven, and Debian, among others. The platform includes a web UI, API, and a Go-based dependency scanner that checks software dependencies, container images, SBOMs (SPDX, CycloneDX), and Git repositories for known vulnerabilities. This repository contains the full infrastructure code for deploying osv.dev on Google Cloud Platform, including Terraform configurations, APIs, data pipelines, indexers, and background workers for vulnerability ingestion and impact analysis. ... -
12
XRAY
XRay for recon, mapping and OSINT gathering from public networks
...The modular architecture means users can customize or extend the engine with new analyzers, fuzzers, or output formats tailored to specific testing environments. Rather than being a “one-size-fits-all” black box scanner, XRAY encourages interactive exploration and integrates with other tooling. -
13
BBOT
The recursive internet scanner for hackers
BBOT is an advanced open-source reconnaissance automation framework designed to streamline large-scale OSINT and attack surface discovery workflows. It operates as a modular and recursive scanning tool that can enumerate subdomains, perform port scans, gather metadata, and collect web intelligence through a unified command-line interface. The project emphasizes extensibility, allowing users to create or integrate custom modules that expand the scope of reconnaissance tasks without modifying... -
14
Mini QR
Create & scan cute qr codes easily
Mini QR is a web app focused on making QR codes feel friendly and design-forward, combining a polished QR generator with a built-in scanner so you can both create and decode codes in the same place. It emphasizes customization so the QR you generate can match a brand, event theme, or personal style, including color and styling controls, framed layouts with labels, and the ability to add a logo image. -
15
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
...CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
16
Docspell
Assist in organizing your piles of documents
Docspell is a personal document organizer. Or sometimes called a "Document Management System" (DMS). You'll need a scanner to convert your papers into files. Docspell can then assist in organizing the resulting mess. It can unify your files from scanners, emails, and other sources. It is targeted for home use, i.e. families, households, and also for smaller groups/companies. You can associate tags, set correspondent,s and lots of other predefined and custom metadata. If your documents are... -
17
Audiobookshelf
Self-hosted audiobook and podcast server
...Auto-detects library updates, no need to re-scan. Upload books and podcasts w/ bulk upload drag and drop folders. Backup your metadata + automated daily backups. Progressive Web App (PWA). Chromecast support on the web app and android app. Fetch metadata and cover art from several sources. Chapter editor and chapter lookup (using Audnexus API). Merge your audio files int. -
18
dir-aka
The Dir-aka Vulnerability Scanner is a Python-based security tool
The Dir-aka Vulnerability Scanner is a Python-based security tool designed for cybersecurity professionals and system administrators to analyze and secure web servers against unauthorized access. This tool identifies sensitive files and folders on a target web server, filters content by file extensions, and highlights potential misconfigurations or vulnerabilities in publicly accessible directories. -
19
PhoneInfoga
Information gathering framework for phone numbers
PhoneInfoga is an open-source intelligence framework focused on gathering and analyzing information related to international phone numbers. The tool aggregates data from multiple scanners and external services to provide contextual intelligence such as country, carrier, line type, and potential VoIP provider details. It is designed primarily for investigators, analysts, and security researchers who need structured phone-number reconnaissance rather than real-time tracking. PhoneInfoga... -
20
certcheker2
Web Certificate Expiration checker
Tool to check web ssl certificate, how much days left till expire, automaticaty discover open ports. -
21
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
22
waymap
Waymap is a fast and optimized web vulnerability scanner
What is Waymap? Waymap is a fast and optimized And Automated web vulnerability scanner designed for penetration testers. It effectively identifies vulnerabilities by testing against a variety of payloads. Features Overview Latest Update v5.2.1 New Sql Injection Scanning Module High Accuracy And Less False Positive Access it using: --scan sqli v5.3.1 Added Boolean Based Sqli Testing (OWN LOGIC) High Accuracy, Can Give False Positive Sometimes Access it using: --scan sqli Waymap Features Vulnerability Scanning Modules: SQL Injection (SQLi) Command Injection Server-Side Template Injection (SSTI) Cross-Site Scripting (XSS) with filter bypass payload testing Local File Inclusion (LFI) Open Redirect Carriage Return and Line Feed (CRLF) Cross-Origin Resource Sharing (CORS) Critical and High-Risk Scan Profiles using CVE exploits (32 CVEs: WordPress - 19, Drupal - 4, Joomla - 7, Generic/Others - 2) -
23
-
24
Storage Boxx - PHP Inventory System
Inventory system with built-in QR and NFC scanner, passwordless login.
Storage Boxx is an open-source PHP Inventory Management System. With a built-in webcam QR scanner, NFC scanner, passwordless login, and an optional AI assistant. ## REQUIREMENTS 1) LAMP/WAMP/MAMP/XAMPP 2) Apache Mod Rewrite 3) PHP MYSQL PDO Extension 4) PHP OPENSSL Extension 5) At least PHP 8.0 6) Take note - Webcam, NFC and Passwordless (Web Authentication) support depends on the user's device and browser. ## INSTALLATION 1) Copy & unzip into your http folder. 2) Access http://your-site.com/ in your browser and walk through the installer. ## DOCUMENTATION https://code-boxx.com/storage-boxx-php-inventory-system/ -
25
*Until you install the operating system, the default user = live / no password. DragonOS Noble (24.04) DragonOS FocalX (22.04) and DragonOS Focal (20.04) are out-of-the-box Lubuntu based x86_64 operating systems for anyone interested in software defined radios. All source installed software is located in the /usr/src directory while the remaining software was installed by package managers. What is DragonOS and why do you want it? The shortest distance between two points is a...
