DMitry alternatives

Looking for an alternative tool to replace DMitry? During the review of DMitry we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. QuickScan (port scanning utility)
  2. Th3inspector (extensive information gathering tool)
  3. Masscan (high-performance port scanner)

These tools are ranked as the best alternatives to DMitry.

Alternatives (by score)

64

QuickScan

Introduction

Although there are many port scanning utilities, sometimes it is specific functionality that makes a tool really powerful. For example, QuickScan saves the results of a scan, which then can be processed later for follow-up.

Project details

QuickScan is written in Python.

Strengths and weaknesses

  • + Very low number of dependencies
  • + The source code of this software is available
  • - No releases on GitHub available
  • - Full name of author is unknown

Typical usage

  • Network scanning

QuickScan review

64

Th3inspector

Introduction

This tool can be called a true 'inspector tool' as it helps to discover many types of data.

  • Website information
  • Domain and subdomain information
  • Mail server information and email
  • Phone details
  • IP addresses
  • Detection of used CMS

Project details

Th3inspector is written in Perl.

Strengths and weaknesses

  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • Discovery of sensitive information
  • Information gathering

Th3inspector review

60

Masscan

Introduction

Masscan can be compared with other tools like Nmap. Due to its focus on high performance, this tool can be used when many systems have to be scanned at once. It can scan all internet hosts on IPv4 within 5 minutes. This impressive statistic makes the tool loved by those that do security research.

Project details

Masscan is written in C.

Strengths and weaknesses

  • + More than 25 contributors
  • + More than 8000 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Network scanning

    Masscan review

    78

    Nmap

    Introduction

    Nmap is short for "Network Mapper". It is a free and open source utility for network discovery and security auditing. It was release in September of 1997 by Gordon Lyon, commonly known under his pseudonym "Fyodor".

    Project details

    Nmap is written in C, C++, Lua, Python.

    Strengths and weaknesses

    • + Project is mature (10+ years)
    • + The source code of this software is available
    • + Well-known author
    • + Well-known tool
    • - Software usage is restricted (e.g. commercially)

    Typical usage

    • Network scanning
    • Vulnerability scanning

    Nmap review

    63

    Zenmap

    Introduction

    Zenmap is a graphical user interface (GUI) for Nmap. It can be of great help to start a network scan by simply selecting the options you want. Besides Linux, it also runs on Microsoft Windows, macOS, BSD, and other flavors of Unix.

    One of the strengths of Zenmap is the ability to store profiles, which can be reused for later scans. The command creator is another one, which helps interactively create the right nmap commands. Recent scans are stored in a searchable database and scan results can be saved and compared.

    Project details

    Zenmap is written in Python.

    Strengths and weaknesses

    • + The source code of this software is available
    • + Well-known tool

      Typical usage

      • Network scanning
      • Penetration testing
      • Port scanning
      • Security assessment

      Zenmap review

      64

      portSpider

      Introduction

      portSpider is a security tool to scan network ranges and find open ports. The goal of the tool is to find vulnerable services.

      Project details

      portSpider is written in Python.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Network scanning
        • Vulnerability scanning

        portSpider review

        64

        Domain Analyzer

        Introduction

        Domain Analyzer is an information gathering tool and comes in handy for reconnaissance. This can be useful for doing penetration testing or evaluating what information is publically available about your own domains. Some pieces of information that can be discovered include DNS servers, IP addresses, mail servers, SPF information, open ports, and more.

        Project details

        Domain Analyzer is written in Python.

        Strengths and weaknesses

        • + More than 1000 GitHub stars
        • + Very low number of dependencies
        • + The source code of this software is available

          Typical usage

          • Information gathering
          • Penetration testing

          Domain Analyzer review

          64

          GasMask

          Introduction

          GasMask is an open source intelligence gathering tool (OSINT). It can be used to discover more information about a particular target. The sources it uses include search engines like Bing, Google, and Yandex. Additionally it retrieves information from GitHub, YouTube, and social media platforms like Twitter.

          Project details

          Strengths and weaknesses

          • + The source code of this software is available

            Typical usage

            • Information gathering

            GasMask review

            60

            GitMiner

            Introduction

            GitMiner is a tool to scan for sensitive data that is leaked via software repositories. Examples of sensitive data are authentication details such as passwords or connection settings.

            Project details

            GitMiner is written in Python.

            Strengths and weaknesses

            • + More than 1000 GitHub stars
            • + The source code of this software is available

              Typical usage

              • Asset discovery
              • Discovery of sensitive information
              • Information leak detection

              GitMiner review

              60

              Gitmails

              Introduction

              This tool can be used to perform reconnaissance on a company or individual target by looking into software repositories. Meta-data like commit activity can reveal who is working for a particular company. This tool helps to extract emails from software repositories.

              Project details

              Gitmails is written in Python.

              Strengths and weaknesses

              • + Very low number of dependencies
              • + The source code of this software is available

                Typical usage

                • Email harvesting
                • Information gathering
                • Reconnaissance

                Gitmails review

                60

                RTA (Red Team Arsenal)

                Introduction

                RTA is helpful to automate scanning public resources of a company. As the project name implies, this may be used during red teaming, like a penetration test. That obviously does not limit its use, as it is similarly useful by the blue team.

                With its integration with Nessus and other tools, RTA is more of a toolkit. This can be seen in its functionality, like subdomain enumeration and information gathering capabilities.

                Project details

                RTA is written in Python.

                Strengths and weaknesses

                • + The source code of this software is available
                • - No releases on GitHub available

                Typical usage

                • Information gathering
                • Penetration testing
                • Security assessment
                • System enumeration

                RTA review

                78

                Wappalyzer

                Introduction

                Wappalyzer can be a useful asset when performing reconnaissance on a particular target like a web application or website. It helps to find what software is used to run a particular page. Components that can be detected are the content management system (CMS), JavaScript framework, e-commerce software, web server, and more.

                Project details

                Wappalyzer is written in Node.js.

                Strengths and weaknesses

                • + Has 300+ contributors
                • + More than 4000 GitHub stars
                • + Many releases available
                • + The source code of this software is available

                  Typical usage

                  • Information gathering
                  • Reconnaissance
                  • Software identification

                  Wappalyzer review

                  60

                  ThreatPinch Lookup

                  Introduction

                  ThreatPinch helps to speed up collecting information from common resources like CVE databases or public WHOIS data. As it works from the browser, it is a helpful addition for people who have to perform forensics, security monitoring, or system administration. For example, getting the owner of a domain and IP address becomes almost instant knowledge.

                  Project details

                  ThreatPinch Lookup is written in JavaScript.

                  Strengths and weaknesses

                  • + Many integration possibilities available
                  • - Unknown project license

                  Typical usage

                  • Information gathering
                  • Threat hunting

                  ThreatPinch Lookup review

                  Some relevant tool missing as an alternative to DMitry? Please contact us with your suggestion.