Integrated Tools and Scanners (56) 

penteston_logo_slogan. updated

Penteston Integrations

The Penteston® workbench provides easy-to-use results from dozens of separate processes. Here are some of the tools we integrate with.

ae21b62bce44e5853585dec6d95cae8f

SecurityScorecard

Instantly Rate and Understand the Security Risk of Any Company. SecurityScorecard enables organizations of all types and sizes, in every industry, to discover and solve complex cybersecurity, compliance and risk management challenges.

parallel-lint

PHP Parallel Lint

PHP Source

PHP Parallel Lint checks the syntax of PHP files faster than a serial check.

Learn More

parallel-lint

Parse: A Static Security Scanner

PHP Source

The Parse scanner is a static scanning tool to review your PHP code.

Learn More

androbugs

AndroBugs Framework

APK File

AndroBugs Framework is an Android vulnerability analysis system.

Learn More

sshdefaultscan

sshdefaultscan

SIP

sshdefaultscan scans networks or hosts for SSH servers.

Learn More

shodan

Shodan

Shodan is the world's first search engine for Internet-connected devices.

Learn More

Nikto Web Scanner

Nikto Web Scanner

Nikto is an Open Source (GPL) web server scanner that performs comprehensive tests.

Learn More

uniscan

Uniscan - RFI, LFI and RCE vulnerability scanner

Uniscan is a simple vulnerability scanner.

Learn More

vbscan

OWASP VBulletin Vulnerability Scanner

OWASP VBScan is an opensource project to detect VBulletin CMS vulnerabilities.

Learn More

googlepdf

GooglePDF

Google PDF Viewer offers the same capabilities in a standalone app.

Learn More

fimap

fimap - Automatic LFI/RFI scanner and exploiter

fimap is a python tool which can find, prepare, audit, and exploit web apps.

Learn More

fierce

Fierce - Find mis-configured networks

Fierce is a DNS reconnaissance tool for locating non-contiguous IP space.

Learn More

hsecscan

hsecscan - Scanner for HTTP response headers.

hsecscan is a security scanner for HTTP response headers.

Learn More

nessus

Nessus

Nessus is the de-facto industry standard vulnerability assessment solution.

Learn More

dnsrecon

DNSRecon

Learn More

twa

TWA

TWA is a tiny web auditor with strong opinions.

Learn More

wap

WAP - Web Application Protection

OWASP WAP is a tool to correct input validation vulnerabilities in web applications.

Learn More

bandit

Bandit

Python Source

Bandit is a tool designed to find common security issues in Python code.

Learn More

svmap

SIPVicious - svmap

SIP

svmap is a free and Open Source scanner to identify sip devices and PBX servers.

Learn More

svwar

SIPVicious - svwar

SIP

svwar is a free SIP PBX extension line scanner.

Learn More

zmap

ZMap: The Internet Scanner

IP Range

The ZMap Project is a collection of open source tools to study the public Internet.

Learn More

sqlier

SQLmap - automatic SQL injection and database takeover

sqlmap is an open source penetration testing tool.

Learn More

whatweb

WhatWeb

WhatWeb is a tool that identifies websites. 

Learn More

 

zaproxy

OWASP Zed Attack Proxy (ZAP)

ZAP is one of the world’s most popular free security tools.

Learn More

sslyze

SSLyze

SSLyze is a Python library and a CLI tool that can analyze SSL configurations.

Learn More

 

cmsmap

CMSmap

CMSmap is a python open source CMS scanner that automates detecting security flaws..

Learn More

censys

Censys

Censys can find and analyze every reachable server and device on the Internet.

Learn More

acunetix

Acunetix

Acunetix tests for SQL Injection, XSS, XXE, SSRF, and over 4500 other web vulnerabilities.

Learn More

webshag

Webshag

Webshag is a multi-threaded web server audit tool.

Learn More

urlcrazy

URLCrazy

URLCrazy can generate and test domain typos and variations to detect and exploit.

Learn More

th3inspector

Th3inspector

Th3inspector is an all-in-one tool for information gathering. 

Learn More

 

Penteston Integration: MASSCAN Mass IP Port Scanner

MASSCAN - Mass IP Port Scanner

Masscan is one of the fastest Internet port scanners as it can scan all the IP’s of the Internet in less than 6 minutes while transmitting 10 million packets per second mentions ethical hacking trainer.

Learn More

YbGZ7mzh_400x400

Datasploit - Default File Check

Allows you to collect relevant information about a target which can expand your attack/defense surface very quickly. 

shcheck

shcheck

shcheck is a small tool to check security headers.

Learn More

Penteston Integration: Datasploit - Domain History

Datasploit - Domain History

Datasploit Domain History is an #OSINT Framework tool used to perform various recon techniques, aggregate all the raw data, and give data in multiple formats.

qark

QARK Apk Scanner

APK File

QARK is designed to look for several security-related Android application vulnerabilities.

Learn More

openvas

OpenVAS

IP Range

OpenVAS is a framework offering vulnerability scanning and management.

Learn More

nmap

Nmap

IP Range

Nmap is a free and open source utility for network discovery and security auditing.

Learn More

dmitry

DMitry

DMitry is a UNIX/(GNU)Linux Command Line Application coded in C.

Learn More

blindelephant

BlindElephant

BlindElephant attempts to discover the version of a web application.

Learn More

dnsenum

dnsenum

Multithreaded perl script to enumerate DNS information of a domain and ip blocks.

Learn More

joomscan

OWASP Joomla! Vulnerability Scanner

OWASP Joomla! is an open source project, developed to automate detection.

Learn More

wikileaks

Wikileaks

WikiLeaks is a multi-national media organization and associated library.

Learn More

domainhistory

Domain Whois

Domain Whois provides internet security services like anti-fraud and anti-phishing.

Learn More

 

jexboss

JexBoss

JexBoss is a verification and exploitation tool.

Learn More

darkjumper

Darkjumper

Darkjumper finds every website that hosts at the same server as your target.

Learn More

emailhunter

Email Hunter

Email Hunter is the easiest way to find professional email addresses.

Learn More

sipsak

sipsak

Learn More

sqlier

SQLIer - Automated SQL injection exploiter

SQLIer is a script that brute forces passwords through 'true/false' SQL

Learn More

cge

Cisco Global Exploiter

Cisco Global Exploiter is an advanced, simple, and fast security-testing tool.

Learn More

theharvester

TheHarvester

TheHarvester is a tool for e-mails, subdomains, and names.

Learn More

wascan

WAScan

WAScan ((W)eb (A)pplication (Scan)ner) is an Open Source application security scanner.

Learn More

Tulpar

Tulpar

Tulpar is an open source web vulnerability scanner to automate web penetration.

Learn More

dnsmap

dnsmap

dnsmap is used during infrastructure security assessments.

Learn More