| Discovery | Vulnerability | |
|---|---|---|
| nmap | wp-scan | |
| knock | owasp zap | |
| robtex | prowler | |
| shodan.io | wp-scan | |
| centralops.net | nuclei |
Discovery
nmap
Nmap (“Network Mapper”) is a free and open source utility for network discovery and security auditing.
Knock
Knockpy is a python3 tool designed to quickly enumerate subdomains on a target domain through dictionary attack.
docker run -ti --rm secsi/knockpy $domain
robtex
robtex is a website that will help you identify if a specific IP address may have multiple domains attached to it.
shodan
showdan.io can identify if an IP address has known vulnerabilities recorded.
centralops
centralops.net is a tool to do DNS lookups against a DNS name.
Vulnerability
wp-scan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.
docker run -it --rm wpscanteam/wpscan --url https://$domain
owasp zap
Zed Attack Proxy (ZAP) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible.
docker run -ti owasp/zap2docker-weekly zap-baseline.py -t https://$domain
prowler
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custome security frameworks.
docker run -ti --rm --name prowler --env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY --env AWS_SESSION_TOKEN --env AWS_PROFILE toniblyx/prowler:latest
nuclei
nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.