tsunami-security-scanner
RustScan
tsunami-security-scanner | RustScan | |
---|---|---|
4 | 26 | |
8,121 | 12,287 | |
0.5% | 2.9% | |
7.5 | 7.9 | |
7 days ago | 5 days ago | |
Java | Rust | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
tsunami-security-scanner
- Qualys Community Edition for vuln. scanning?... limitations?
-
Log4j RCE Found
https://github.com/google/tsunami-security-scanner (I bet it would be easy to write a plugin for https://github.com/projectdiscovery/nuclei as well.)
To see if there are injection points statically, I work on a tool (https://github.com/returntocorp/semgrep) that someone else already wrote a check with: https://twitter.com/lapt0r/status/1469096944047779845 or look for the mitigation with `semgrep -e '$LOGGER.formatMsgNoLookups(true)' --lang java`. For the mitigation, the string should be unique enough that just ripgrep works well too.
-
Security and self-hosting, bumping a 7 months old thread
Thanks to you I just reenabled Tsunami https://github.com/google/tsunami-security-scanner. Also had software called something like vuln (blue logo with a yellow eye in the middle) running. but the hard disk of the server died --sadly and I can't remember how it was called.-- https://vuls.io/
-
Awesome Penetration Testing
Tsunami - General purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
RustScan
- RustScan β The Modern Port Scanner
-
Is Rustscan tool allowed in CEH Practical exam?
I will be giving CEH Practical exam in the next month and I can't find whether Rustscan is allowed or not. I have read EC-Council is very particular about the tools used so I want to be sure whether to implement in my prepartion or not.
-
[self-made] havn - fast lightweight port scanner
Iβm not sure why I decided to create it, I think I tried to use RustScan for a simple task last week, but it was too convoluted for my needs, as well as the fact that it requires nmap to be installed. Thus havn was born, nothing else needed, and only directly using two dependencies, Tokio and Clap, although I think If I really wanted to, I could remove the Clap dependency, but itβs just so handy and easy to use.
-
I just can't get RustScan to work. constantly the same error messages with 2 different versions
Did you read https://github.com/RustScan/RustScan, find the link to https://github.com/RustScan/RustScan/wiki/Installation-Guide and came across "Docker is the recommended way of installing RustScan"?
- Rustscan β The Modern Port Scanner
- RustScan is a modern take on the port scanner
-
Is there a good and simple command line alternative to Nmap?
I like RustScan https://github.com/RustScan/RustScan . For one thing, itβs fast!
- Recommended high speed port scanner?
- RustScan/RustScan: π€ The Modern Port Scanner π€
What are some alternatives?
logging-log4j1 - Apache log4j1
masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
awesome-pcaptools - A collection of tools developed by other researchers in the Computer Science area to process network traces. All the right reserved for the original authors.
scapy - Scapy: the Python-based interactive packet manipulation program & library.
docker-gvm - Docker container stack for GVM / OpenVAS
nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
SQLMap - Automatic SQL injection and database takeover tool
go-cache - An in-memory key:value store/cache (similar to Memcached) library for Go, suitable for single-machine applications.
netdiscover - Netdiscover, ARP Scanner (official repository)
ZAP - The ZAP core project
evillimiter-windows - Tool that limits bandwidth of devices on the same network without access.