The Best 23 SHODAN Alternatives

  • Nessus

    The Nessus vulnerability scanner is the world-leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture.

    Commercial Mac OS X Windows Linux Android iPhone

  • Nikto

    Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and...

    Free Open Source Mac OS X Windows Linux

  • Zed Attack Proxy

    The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

    Free Open Source Mac OS X Windows Linux

  • skipfish

    A fully automated, active web application security reconnaissance tool. Key features: High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets.

    Free Open Source Mac OS X Windows Linux BSD

  • OpenVAS

    The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and...

    Free Open Source Linux

  • w3af

    w3af is a Web Application Attack and Audit Framework

    Free Open Source Windows Linux

  • apptalk.ninja

    App and device communication diagnostics tool for better bug tracking & QA. An easy-to-use tool that monitors http, BLE and iBeacon communication over-the-air helping app developers with bug tracking and building more reliable apps.

    Freemium iPhone iPad

  • Acunetix

    Audit your website security and web applications for SQL injection, Cross site scripting and other web vulnerabilities with Acunetix Web Security Scanner. Download Free...

    Commercial Windows Web Wordpress

  • Intruder

    Intruder is a security monitoring platform for internet-facing systems.

    Commercial Web

  • ZoomEye

    ZoomEye is a search engine for Cyberspace In Chinese ancient legends, there's a famous ghost buster named Zhong Kui. Just like him, ZoomEye is created for hunting the demons in Cyberspace.

    Freemium Web

  • IronWASP

    IronWASP (Iron Web application Advanced Security testing Platform) is an open source system for web application vulnerability testing.

    Free Open Source Mac OS X Windows Linux

  • Websecurify

    Websecurify is a powerful web application security testing environment designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

    Commercial Mac OS X Windows Linux

  • Censys

    Censys is a search engine that allows computer scientists to ask questions about the devices and networks that compose the internet.

    Free Open Source Web

  • PunkSPIDER

    PunkSPIDER is a global-reaching web application vulnerability search engine. The goal is to allow the user to determine vulnerabilities across the Internet quickly, easily, and intuitively.

    Free Web

  • wapiti

    Wapiti allows you to audit the security of your web applications. Wapiti is a command line tool.

    Free Open Source Windows Linux

  • Arachni

    Arachni is an Open Source, feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of...

    Free Open Source Mac OS X Windows Linux

  • Nexpose

    Learn about our vulnerability management software, Nexpose. See how our vulnerability scanner prioritizes vulnerabilities and speeds up remediation.

    Commercial Windows Linux

  • Golem Security Scanner

    Golem Security Scanner is a powerful and intuitive website security scanner which uses a combination of proprietary and open source scanners to maximize the scan...

    Freemium Web