README.md in Chinese 中文

###Project Description

Scanners-Box is a collection of opensouse scanners from the github platform, including subdomain enumeration, database vulnerability scanners, weak passwords or information leak scanners, port scanners, fingerprint scanners, and other large scanners, modular scanner etc. Well-known scanning tools, such as: nmap, w3af, brakeman will not be collected..

We welcome everyone to contribute!

####Subdomain Enumeration

• https://github.com/lijiejie/subDomainsBrute (Classical Subdomain Enumeration Tool)
• https://github.com/ring04h/wydomain (Intergrated Subdomain Enumeration Tool via Massive Dictionary Rules)
• https://github.com/le4f/dnsmaper (Subdomain Enumeration via DNS Record)
• https://github.com/0xbug/orangescan (Online Subdomain Enumeration Tool)
• https://github.com/TheRook/subbrute (Subdomain Enumeration via DNS Record)
• https://github.com/We5ter/GSDF (Subdomain Enumeration via Google Certificate Transparency）
• https://github.com/mandatoryprogrammer/cloudflare_enum (Subdomain Enumeration via CloudFlare）
• https://github.com/18F/domain-scan (A Domain Scanner）
• https://github.com/guelfoweb/knock (Knock Subdomain Scan)
• https://github.com/Evi1CLAY/CoolPool/tree/master/Python/DomainSeeker (An Intergratd Python Subdomain Enumeration Tool)

####Database Vulnerability Scanners

• https://github.com/0xbug/SQLiScanner (A SQLi Vulnerability Scanner via SQLMAP and Charles)
• https://github.com/stamparm/DSSS (A SQLi Vulnerability Scanner with 99 lines of code)
• https://github.com/LoRexxar/Feigong (A SQLi Vulnerability Scanner for MySQL)
• https://github.com/youngyangyang04/NoSQLAttack (A SQLi Vulnerability Scanner for mongoDB)
• https://github.com/Neohapsis/bbqsql (A Blind SQLi Vulnerability Scanner)
• https://github.com/NetSPI/PowerUpSQL (A SQLi Vulnerability Scanner with Powershell Script)

####Weak passwords or information leak scanners

• https://github.com/lijiejie/htpwdScan
• https://github.com/lijiejie/BBScan
• https://github.com/lijiejie/GitHack
• https://github.com/wilson9x1/fenghuangscanner_v3
• https://github.com/ysrc/F-Scrack
• https://github.com/Mebus/cupp
• https://github.com/RicterZ/genpAss
• https://github.com/netxfly/crack_ssh
• https://github.com/n0tr00t/Sreg
• https://github.com/repoog/GitPrey (Searching sensitive files and contents in GitHub)

####IoT scanners

• https://github.com/rapid7/IoTSeeker
• https://github.com/shodan-labs/iotdb

####XSS scanners

• https://github.com/shawarkhanethicalhacker/BruteXSS
• https://github.com/1N3/XSSTracer
• https://github.com/0x584A/fuzzXssPHP
• https://github.com/chuhades/xss_scan
• https://github.com/BlackHole1/autoFindXssAndCsrf

####Enterprise network self-test

• https://github.com/sowish/LNScan
• https://github.com/SkyLined/LocalNetworkScanner
• https://github.com/ysrc/xunfeng
• https://github.com/laramies/theHarvester
• https://github.com/x0day/Multisearch-v2

####Webshell detection

• https://github.com/We5ter/Scanners-Box/tree/master/Find_webshell/
• https://github.com/ym2011/ScanBackdoor
• https://github.com/yassineaddi/BackdoorMan
• https://github.com/he1m4n6a/findWebshell

####Intranet penetration

• https://github.com/0xwindows/VulScritp
• https://github.com/lcatro/network_backdoor_scanner
• https://github.com/fdiskyou/hunter
• https://github.com/BlackHole1/WebRtcXSS

####Port scanners or Fingerprint scanners

• https://github.com/ring04h/wyportmap
• https://github.com/ring04h/weakfilescan
• https://github.com/EnableSecurity/wafw00f
• https://github.com/rbsec/sslscan
• https://github.com/urbanadventurer/whatweb
• https://github.com/tanjiti/FingerPrint
• https://github.com/nanshihui/Scan-T
• https://github.com/OffensivePython/Nscan
• https://github.com/ywolf/F-NAScan
• https://github.com/ywolf/F-MiddlewareScan
• https://github.com/maurosoria/dirsearch
• https://github.com/x0day/bannerscan
• https://github.com/RASSec/RASscan
• https://github.com/3xp10it/bypass_waf
• https://github.com/3xp10it/mytools/blob/master/xcdn.py
• https://github.com/Xyntax/BingC
• https://github.com/Xyntax/DirBrute
• https://github.com/zer0h/httpscan
• https://github.com/lietdai/doom

####Dedicated scanner

• https://github.com/blackye/Jenkins
• https://github.com/code-scan/dzscan
• https://github.com/chuhades/CMS-Exploit-Framework
• https://github.com/lijiejie/IIS_shortname_Scanner
• https://github.com/riusksk/FlashScanner
• https://github.com/coffeehb/SSTIF

####Wireless network penetration and scanners

• https://github.com/savio-code/fern-wifi-cracker/
• https://github.com/m4n3dw0lf/PytheM
• https://github.com/P0cL4bs/WiFi-Pumpkin

####Code static scan and running-code stack trace

• https://github.com/wufeifei/cobra
• https://github.com/OneSourceCat/phpvulhunter
• https://github.com/Qihoo360/phptrace

####Modular scanners or integrated scanner

• https://github.com/az0ne/AZScanner
• https://github.com/blackye/lalascan
• https://github.com/blackye/BkScanner
• https://github.com/ysrc/GourdScanV2
• https://github.com/alpha1e0/pentestdb
• https://github.com/netxfly/passive_scan
• https://github.com/1N3/Sn1per
• https://github.com/RASSec/pentestEr_Fully-automatic-scanner
• https://github.com/3xp10it/3xp10it
• https://github.com/Lcys/lcyscan
• https://github.com/Xyntax/POC-T
• https://github.com/v3n0m-Scanner/V3n0M-Scanner
• https://github.com/Skycrab/leakScan

###Collection purposes

The purpose of this collection is to provide various types of opensource security scanning tool that can help Internet companies to be more safer.

###Project Maintenance

Wester(twitter @We5ter) & Martin(twitter@We5ter) ###Disclaimer

Do not use for illegal purposes.

###Copyright

Please specify reproduced from https://github.com/We5ter/Scanners-Box

###Acknowledgments

• @0c0c0f
• @藏形匿影(wacai.com)
• Mottoin team
• @BlackHole

©CNSISMO 2016-2017