Scanners-Box扫描器合集.zip

English | [简体中文](./README_CN.md) <p align="center"> <img src="./logo.png" width="300px"> </p> <p align="center"> <img src="https://img.shields.io/badge/version-2022.07-blue.svg" alt="202207"> <img src="http://img.shields.io/badge/license-CC--BY--NC--ND--4.0-blue.svg?style=flat" alt="license"> <img src="https://img.shields.io/badge/Scanners/Number-312-blue.svg" alt="number"> <a href="https://twitter.com/intent/tweet?text=Wow:&url=https%3A%2F%2Fgithub.com%2FWe5ter%2FScanners-Box"><img alt="Twitter URL" src="https://img.shields.io/twitter/url?style=social&url=https%3A%2F%2Fgithub.com%2FWe5ter%2FScanners-Box"></a> </p> <br/> ## Sponsor This Project <a href="https://www.buymeacoffee.com/we5ter"><img src="https://img.buymeacoffee.com/button-api/?text=Buy me a coffee&emoji=&slug=we5ter&button_colour=0773b3&font_colour=ffffff&font_family=Comic&outline_colour=ffffff&coffee_colour=FFDD00" /></a> ## Introduction **Scanners Box** also known as **scanbox**, is a powerful **hacker toolkit**, which has collected more than 10 categories of open source scanners from Github, including subdomain, database, middleware and other modular design scanner etc. **But for other Well-known scanning tools, such as nmap, w3af, brakeman, arachni, nikto, metasploit, aircrack-ng will not be included in the scope of collection.** ## Contents <!-- START doctoc generated TOC please keep comment here to allow auto update --> <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE --> - [Smart Contracts Security](#smart-contracts-security) - [Red Team vs Blue Team](#red-team-vs-blue-team) - [Mobile App Packages Analysis](#mobile-apps-packages-analysis) - [Binary Executables Analysis](#binary-executables-analysis) - [Privacy Compliance](#privacy-compliance) - [Subdomain Enumeration or Takeover](#subdomain-enumeration-or-takeover) - [Database SQL Injection Vulnerability or Brute Force](#database-sql-injection-vulnerability-or-brute-force) - [Weak Usernames or Passwords Enumeration For Web](#weak-usernames-or-passwords-enumeration-for-web) - [Authorization Brute Force or Vulnerability Scan For IoT](#authorization-brute-force-or-vulnerability-scan-for-iot) - [Mutiple types of Cross-site scripting Detection](#mutiple-types-of-cross-site-scripting-detection) - [Enterprise sensitive information Leak Scan](#enterprise-sensitive-information-leak-scan) - [Malicious Scripts Detection](#malicious-scripts-detection) - [Vulnerability Assessment for Middleware](#vulnerability-assessment-for-middleware) - [Special Components or Vulnerability Categories Scan](#special-components-or-vulnerability-categories-scan) - [Dynamic or Static Code Analysis](#dynamic-or-static-code-analysis) - [Modular Design Scanners or Vulnerability Detecting Framework](#modular-design-scanners-or-vulnerability-detecting-framework) - [Advanced Persistent Threat Detect](#advanced-persistent-threat-detect) <!-- END doctoc generated TOC please keep comment here to allow auto update --> *** ### Smart Contracts Security - https://github.com/ConsenSys/mythril - **Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera etc.** >       - https://github.com/enzymefinance/oyente - **An Analysis Tool for Smart Contracts** >       - https://github.com/eth-sri/securify2 - **Official security scanner for Ethereum smart contracts supported by the Ethereum Foundation** >       - https://github.com/smartdec/smartcheck - **Static analysis tool that detects vulnerabilities and bugs in Solidity programs** >       - https://github.com/ivicanikolicsg/MAIAN - **Automatic tool for finding trace vulnerabilities in Ethereum smart contracts** >       ### Red Team vs Blue Team #### Supply Chain Analysis(SCA) - https://github.com/murphysecurity/murphysec - **Open source tool for software supply chain security** >       #### Container and Cluster - https://github.com/cdk-team/CDK - **A tool to gather information inside container/cluster and exploit them** >      ![GitHub](https://img.shields.io/github/license/cdk-team/CDK?style