Website reconnaissance tools


Admin Page Finder (PHP) (admin page discovery tool)

Admin Page Finder is a tool written in PHP to find admin sections within a website. It can be used during pentesting and security assessments.

» Admin Page Finder (PHP) review and details

BlindElephant (web application fingerprinting)

BlindElephant is a security tool to perform fingerprinting of web applications. It can discover the name and version of known web applications.

» BlindElephant review and details

detectem (software enumeration)

Detectem can scan web applications and detect used software components like jQuery, Apache middleware, and others.

» Detectem review and details

Gitem (GitHub organization reconnaissance tool)

Gitem is a reconnaissance tool to extract information about organizations on GitHub. It can be used to find the leaking of sensitive data.

» Gitem review and details

shcheck (test HTTP headers of web applications)

Security header check (shcheck) is a security tool to scan web applications and their HTTP headers. It can help securing web applications or detect weaknesses.

» Shcheck review and details

VHostScan (virtual host scanner)

VHostScan is a security tool that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases, and dynamic default pages.

» VHostScan review and details