Also strong
Web server scanner that probes for dangerous files, outdated software, and misconfigurations via many checks.
pentestwebscannerrecon
Browse & filter
Filter by platform, license text, maturity, maintenance cadence, and editorial tags like privacy-focused or self-hosted. Search matches names, summaries, tags, and use cases.
10 tools match your filters
Top pick
Fast vulnerability scanner driven by YAML templates—used for recon, misconfigs, CVEs, and custom checks at scale.
pentestscannertemplatesrecon
Top pick
All-in-one scanner for container images, IaC, Kubernetes manifests, SBOMs, and VM OS packages with CI integrations.
devsecopscontainersiacvulnerabilityscanner
Full vulnerability management stack: OpenVAS scanner, Greenbone Vulnerability Manager, feeds, and web UI for scan management.
vulnerability-managementscannervacompliance
Top pick
Kubernetes security scanner for misconfigurations, RBAC, compliance frameworks (NSA/CIS), and image vulnerabilities.
kubernetescompliancedevsecopsscannercncf
Also strong
Static analysis engine for container images: layer indexing and vulnerability matching against NVD and distro feeds.
containersregistryvulnerabilityscanner
Top pick
Secret scanner for git history, CI, and filesystems with verified credential checks against live APIs where safe.
secretsgitdevsecopsscannercredentials
Honorable mention
Fast port scanner designed for scripting and CI.
scannernetworkrust
Also strong
Open-source antivirus engine and signature database for mail gateways, file servers, and CI scanning.
antivirusmalwarescanner
Top pick
Network discovery and security auditing scanner with scripting (NSE) and OS fingerprinting.
scannernetworksecurity