seespee alternatives

Looking for an alternative tool to replace seespee? During the review of seespee we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Arachni (web application scanner)
  2. SQLMate (a friend of SQLMap with additional features)
  3. Wfuzz (web application fuzzer)

These tools are ranked as the best alternatives to seespee.

Alternatives (by score)

74

Arachni

Introduction

Arachni is framework written in Ruby with focus on evaluating the security of web applications. Typical users include security professionals and system administrators.

The tooling is free and open source. Besides Linux, it also runs on macOS and Microsoft Windows.

Project details

Arachni is written in Ruby.

Strengths and weaknesses

  • + More than 1000 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Penetration testing
    • Security assessment
    • Web application analysis

    Arachni review

    64

    SQLMate

    Introduction

    SQLMate is a tool to perform security assessments and vulnerability of web applications. It can discover admin panels of websites, which might be a way to break into a web application. It also has the option for dorking, which means it can find possible vulnerable targets to a particular attack.

    Project details

    SQLMate is written in Python.

    Strengths and weaknesses

    • + The source code of this software is available
    • - No releases on GitHub available

    Typical usage

    • Penetration testing
    • Web application analysis

    SQLMate review

    60

    Wfuzz

    Introduction

    Wfuzz is a fuzzing tool written in Python. Tools like Wfuzz are typically used to test web applications and how they handle both expected as unexpected input.

    Project details

    Wfuzz is written in Python.

    Strengths and weaknesses

    • + More than 1000 GitHub stars
    • + The source code of this software is available

      Typical usage

      • Application fuzzing
      • Application security
      • Application testing
      • Web application analysis

      Wfuzz review

      74

      WordPress Exploit Framework (WPXF)

      Introduction

      WordPress is still one of the most popular frameworks for websites. A variety of open source tools exist to assess the security of this content management system, and its themes and plugins.

      Project details

      WordPress Exploit Framework is written in Ruby.

      Strengths and weaknesses

      • + More than 500 GitHub stars
      • + The source code of this software is available
      • - Has longer learning curve

      Typical usage

      • Penetration testing
      • Security assessment
      • Vulnerability scanning
      • Web application analysis

      WordPress Exploit Framework review

      64

      Yasuo

      Introduction

      Yasuo is a Ruby script that scans for vulnerable and exploitable third-party web applications. There are many remotely exploitable vulnerabilities for web applications and their front-end components. Yasuo helps to make it easier to scan for the weaknesses like remote code execution (RCE), SQL injections, and file inclusions.

      Project details

      Yasuo is written in Ruby.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Penetration testing
        • Vulnerability scanning
        • Web application analysis

        Yasuo review

        100

        ZAP (Zed Attack Proxy)

        Introduction

        ZAP is an intercepting proxy of web traffic. You will need to configure your browser to connect to the web application you wish to test through ZAP.

        Note: Zed Attack Proxy, or ZAP, is also known as zaproxy.

        Project details

        ZAP is written in Java.

        Strengths and weaknesses

        • + More than 50 contributors
        • + More than 8000 GitHub stars
        • + Many maintainers
        • + The source code of this software is available
        • - Many reported issues are still open

        Typical usage

        • Penetration testing
        • Security assessment
        • Software testing
        • Web application analysis

        ZAP review

        97

        django-security

        Introduction

        Django-security is an extension for developers seeking more security measures in their Django project. The toolkit can set or activate particular settings improving security. Examples of these settings include the use of particular HTTP headers that increase the security defenses of the web application.

        Part of the toolkit is middleware to enforce password strength, set the do-not-track header, enable content security policy (CSP), enable privacy policy (P3P), limit session length, use HTTPS (HSTS), XSS protection, and more.

        Project details

        django-security is written in Python.

        Strengths and weaknesses

        • + More than 10 contributors
        • + The source code of this software is available

          Typical usage

          • Application security

          django-security review

          64

          w3af

          Introduction

          W3af is an open source web application attack and audit framework and helps in scanning for vulnerabilities. The tool comes with both a graphical user interface (GUI) and command line utility. Some of the project files include a copyright line of 2006. That gives a good idea on the maturity of the project, and it is one of the rare tools that is still maintained after so many years.

          Project details

          w3af is written in Python.

          Strengths and weaknesses

          • + Tool is modular and extendable
          • + More than 2000 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Application security
            • Application testing
            • Penetration testing
            • Vulnerability scanning
            • Web application analysis

            w3af review

            Some relevant tool missing as an alternative to seespee? Please contact us with your suggestion.