Tool and Usage
- Apache License 2.0
- Programming language
- David Adrian
- Latest release
- Latest release date
ZGrab is a stateful application-layer scanner. It works together with ZMap and is also part of the ZMap project. ZGrab is written in Go and supports multiple protocols, including:
- Siemens S7
- Tridium Fox
Why this tool?
This tool can be used to grab banner of services, including those using SSL/TLS. Such usage can be useful for security assessments or find out what particular service is running on an internal system.
Usage and audience
ZGrab is commonly used for penetration testing, security assessment, or vulnerability scanning. Target users for this tool are pentesters.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
Similar tools to ZGrab:
Google's Certificate Transparency project audits the way SSL/TLS certificates are used and its underlying cryptographic system.
Lemur manages TLS certificate creation and the underlying process that is required. It acts as a broker between a certificate authority (CA) and the environment
MassBleed is a SSL vulnerability scanner to check for several known vulnerabilities and attacks like DROWN, POODLE, and ShellShock.
This tool page was updated at . Found an improvement? Help the community by submitting an update.