keimpx alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

Alternatives (by tag)

85

Alternative: changeme

The tool changeme is a credential scanner for default usernames and passwords, or common combinations of these.

Project details

changeme is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • password strength testing
  • security assessment

changeme project page

96

Alternative: detectem

Detectem can scan web applications and detect used software components like jQuery, Apache middleware, and others.

Project details

detectem is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • application security
  • application testing
  • reconnaissance
  • vulnerability scanning

detectem project page

84

Alternative: dirsearch

Dirsearch is a tool to guide security professionals to find possible information leaks or sensitive data. It does this by looking for directory and file names.

Project details

dirsearch is written in Python.

Strengths

  • + More than 10 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

Typical usage

  • information gathering
  • penetration test
  • security assessment

dirsearch project page

64

Alternative: DirSearch (Go)

DirSearch is a scanning tool to find directories and files on web applications. It is a remake of the dirsearch tool that was created by Mauro Soria.

Project details

DirSearch (Go) is written in Golang.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering
  • penetration test
  • security assessment

DirSearch (Go) project page

76

Alternative: Fierce

Fierce is a security tool that helps with DNS reconnaissance. It can locate non-contiguous IP space, but using DNS information.

Project details

Fierce is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering
  • reconnaissance
  • security assessment

Fierce project page

97

Alternative: O-Saft

O-Saft is a security tool to show information about SSL certificates. It tests the SSL connection with the given list of ciphers and configuration.

O-Saft is the abbreviation for OWASP SSL advanced forensic tool.

Project details

O-Saft is written in Perl.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering
  • penetration test
  • security assessment
  • vulnerability scanning
  • web application analysis

O-Saft project page

63

Alternative: Oscanner

Oscanner is an Oracle assessment framework to perform enumeration on Oracle installations. It is written in Java and provides a graphical overview of findings.

The tool has a plugin-based architecture for enumeration purposes of Oracle installations.

  • Sid enumeration
  • Passwords tests (common & dictionary)
  • Enumerate Oracle version
  • Enumerate account roles
  • Enumerate account privileges
  • Enumerate account hashes
  • Enumerate audit information
  • Enumerate password policies
  • Enumerate database links

Project details

Oscanner is written in Java.

Strengths

  • + The source code of this software is available

Oscanner project page

68

Alternative: RootHelper

RootHelper is a small script to retrieve several enumeration and privilege escalation tools. It can be used during penetration testing.

Project details

RootHelper is written in shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Typical usage

  • penetration test
  • privilege escalation
  • security assessment

RootHelper project page

78

Alternative: Sn1per

Sn1per is security scanner that can be used during a penetration test to enumerate and scan for vulnerabilities.

Project details

Sn1per is written in Python, shell script.

Strengths

  • + More than 10 contributors
  • + More than 1000 GitHub stars
  • + The source code of this software is available

Weaknesses

  • - Unknown project license

Typical usage

  • penetration test
  • reconnaissance

Sn1per project page

60

Alternative: SubBrute (subdomain-bruteforcer)

SubBrute is a DNS meta-query spider that enumerates DNS records and subdomains. This can be useful during penetration tests and security assessments.

Project details

SubBrute is written in Python.

Strengths

  • + More than 1000 GitHub stars
  • + The source code of this software is available

Weaknesses

  • - Full name of author is unknown

Typical usage

  • information gathering
  • penetration test
  • security assessment

SubBrute project page

56

Alternative: Subdomino

Subdomino is a tool to perform enumeration on domain names. It can be used to detect and scan hostnames and subdomains.

Project details

Subdomino is written in Python.

Strengths

  • + The source code of this software is available

Weaknesses

  • - Full name of author is unknown
  • - Unknown project license

Typical usage

  • information gathering
  • penetration test

Subdomino project page

60

Alternative: tlsenum

The CLI tool tlsenum attempts to enumerate what TLS cipher suites a server supports and then list them in order of priority.

This tool works by sending out sending out TLS ClientHello messages. Any ServerHello responses from the server are parsed. It assumes that the server is the one which decides the preferred cipher suite, giving an idea on the available ciphers.

Project details

tlsenum is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering
  • security assessment
  • system hardening

tlsenum project page

64

Alternative: wafw00f

wafw00f is a security tool to perform fingerprinting on web applications and detect any web application firewall in use.

Project details

wafw00f is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering
  • penetration test
  • reconnaissance
  • security assessment

wafw00f project page

64

Alternative: weblocator

The weblocator security tool performs a discovery search to find directories and files. This can be useful for penetration tests to find sensitive data.

Project details

weblocator is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering
  • penetration test
  • security assessment

weblocator project page

97

Alternative: WhatWeb

WhatWeb is a security tool written in Ruby to fingerprint web applications. It helps with detecting what software is used for a particular web application.

Project details

WhatWeb is written in Ruby.

Strengths

  • + More than 25 contributors
  • + More than 1000 GitHub stars
  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available

Typical usage

  • reconnaissance
  • web application analysis

WhatWeb project page

48

Alternative: wp_enum

The wp_enum tool helps with the discovery of WordPress users and accounts.

This utility enumerates the available identities on a WordPress installation.

64

Alternative: Dionaea

Dionaea is a honeypot that can emulate a range of services like FTP, HTTP, MySQL, and SMB. It can be used to see and learn how attackers work.

Project details

Dionaea is written in C.

Strengths

  • + The source code of this software is available

Weaknesses

  • - Full name of author is unknown

Typical usage

  • learning
  • threat discovery

Dionaea project page

97

Alternative: Samba

Makes Windows interoperability possible for systems running Linux or other flavors of Linux by sharing file and print services.

Since 1992, Samba provides file and print services based on the server message block (SMB) protocol. This protocol was released by Microsoft as part of the open specifications.

Samba helps with interoperability between systems running Microsoft Windows and those running one of the flavor of Unix like Linux. The toolkit allows systems to become part of the Active Directory environment and join a domain controller or domain member.

Project details

Strengths

  • + The source code of this software is available

Samba project page

52

Alternative: Samba-VirusFilter

On-access antivirus filter for Samba to detect malware threats and prevent them from investing file shares.

Project details

Strengths

  • + The source code of this software is available

Samba-VirusFilter project page