ThreatPinch Lookup alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

Alternatives (by tag)

74

Alternative: cve-search

cve-search is a security tool to import CVE and CPE data and enable it to be searched. It can be used to detect vulnerabilities on the system.

Project details

cve-search is written in Python.

Strengths

  • + More than 10 contributors
  • + More than 500 GitHub stars
  • + The source code of this software is available

Typical usage

  • password strength testing
  • security assessment
  • vulnerability management
  • vulnerability scanning

cve-search project page

100

Alternative: vFeed

vFeed is a set of tools around correlated vulnerability and threat intelligence. It provides a database, API, and supporting tools to store vulnerability data.

vFeed consists of a database and utilities to store vulnerability data. It uses third-party references and data, which then can be used to see if a software component has a known vulnerability. The data itself is enriched by cross-checking it and store additional details about the vulnerabilities.

The vFeed tooling has an API available with JSON output. It can be used by security researchers and practitioners to validate vulnerabilities and retrieve all available details.

Project details

vFeed is written in Python.

Strengths

  • + Commercial support available
  • + The source code of this software is available

Typical usage

  • security assessment
  • vulnerability scanning

vFeed project page

64

Alternative: vulnix

Vulnix is a security scanner for NixOS. It specifically looks for vulnerabilities in available packages and comes with a command line interface (CLI).

Project details

vulnix is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • vulnerability scanning

vulnix project page

64

Alternative: Bitscout

Bitscout is a security tool that allows professionals performing digital forensics remotely. The toolkit creates a live-cd for this purpose.

Project details

Bitscout is written in shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Typical usage

  • digital forensics

Bitscout project page

96

Alternative: The Sleuth Kit

The Sleuth Kit is a toolkit to investigate disk images and do forensic analysis on them.

The Sleuth Kit allows you to analyze volume and file system data on disk images. By its modular design, it can be used to carve out the right data, find evidence, and use it for digital forensics.

Project details

The Sleuth Kit is written in C.

Strengths

  • + More than 50 contributors
  • + More than 1000 GitHub stars
  • + The source code of this software is available
  • + Well-known tool

Typical usage

  • digital forensics

The Sleuth Kit project page

81

Alternative: Volatility

Volatile memory framework used for forensics and analysis purposes. The framework is written in Python and runs on almost all platforms.

Volatility is a well-known tool to analyze memory dumps. Interesting about this project is that the founders of this project decided to create a foundation around the project. This foundation is an independent 501(c) (3) non-profit organization that maintains and promotes open source memory forensics with The Volatility Framework.

Project details

Volatility is written in Python.

Strengths

  • + More than 1000 GitHub stars
  • + The source code of this software is available
  • + Project is supported by a foundation

Typical usage

  • digital forensics

Volatility project page

64

Alternative: XRay

XRay is a security tool for reconnaissance, mapping, and OSINT gathering from public networks.

Project details

XRay is written in Golang.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering
  • reconnaissance

XRay project page

84

Alternative: Belati

Belati is security tool to collect public data and information and calls itself a Swiss army knife for OSINT purposes.

Project details

Belati is written in Python.

Strengths

  • + The source code of this software is available

Weaknesses

  • - Full name of author is unknown

Typical usage

  • information gathering

Belati project page

88

Alternative: DataSploit

DataSploit is a framework to perform intelligence gather to discover credentials, domain information, and other information related to the target.

Project details

DataSploit is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering
  • security monitoring

DataSploit project page

76

Alternative: Gitrob

Gitrob is a security tool to find sensitive information on GitHub. During the audit, it may detect passwords, API keys, or other secrets.

Project details

Gitrob is written in Ruby.

Strengths

  • + More than 1000 GitHub stars
  • + The source code of this software is available

Typical usage

  • information gathering
  • penetration test
  • security assessment

Gitrob project page

64

Alternative: OSRFramework

OSRFramework is an open source research framework. The project helps with information gathering and can be classified as an OSINT tool.

Project details

OSRFramework is written in Python.

Strengths

  • + Available as package (simplified installation)
  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available

Typical usage

  • information gathering

OSRFramework project page

96

Alternative: SpiderFoot

SpiderFoot is an open source intelligence automation tool (OSINT). It automates the process of gathering intelligence, like IP addresses, domains, and networks.

Project details

SpiderFoot is written in Python.

Strengths

  • + The source code of this software is available

Typical usage

  • information gathering

SpiderFoot project page

56

Alternative: theHarvester

theHarvester is a tool to gather email accounts, subdomains, virtual hosts, open ports, banners, and employee names. It uses different public sources.

This tool is a typical information collection tool to retrieve public data and get it all into one place. It is useful for penetration tests, or if you want to see what is available for your company.

68

Alternative: QuickScan

QuickScan is a simple port scanning utility with additional abilities like resolving. It has a built-in WHOIS lookups, among other supporting features.

Project details

QuickScan is written in Python.

Strengths

  • + Very low number of dependencies
  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available
  • - Full name of author is unknown

Typical usage

  • network scanning

QuickScan project page