All Defense Tool

All Defense Tool

​ First of all, congratulations on finding the treasure. This project integrates excellent open source offensive and defensive weapons projects on the entire network, including information collection tools (automated utilization tools, asset discovery tools, directory scanning tools, subdomain name collection tools, fingerprint identification tools, port scanning tools, various plug-ins… etc…), Vulnerability Exploitation Tools (Major CMS Exploitation Tools, Middleware Exploitation Tools, etc…), Intranet Penetration Tools (Tunnel Agent, Password Extraction…), Emergency Response tools, Party A’s operation and maintenance tools, and other security offensive and defensive data are organized for use by both offensive and defensive parties. If you have better suggestions, pull requests are welcome.


**Key reminder: The tools of this project come from the Internet. Please identify whether it contains Trojan horses and backdoors! ! Hvv is coming soon, please be vigilant! ! ! **

  1. All contents of this project are for study and research purposes only. Please do not use the technical means of the project for illegal purposes. Any negative impact caused by anyone has nothing to do with me.
  2. All content and news in this document do not represent my attitude or position. If you have suggestions or plans, please submit issues
  3. No advertising fees will be charged, and all tool links displayed have nothing to do with me

Table of contents

Warm reminder: Don’t indulge in offense and defense and forget to eat~

  • Programmer’s guide on how to cook at home.

Semi/Fully Automated Exploitation Tool

Project Introduction Project Address Project Name
One-stop service, you only need to enter the root domain name to collect relevant assets in all directions and detect vulnerabilities. You can also enter multiple domain names, C-segment IP, etc., see below for specific cases. ShuiZe_0x727
Individual combat arsenal, you deserve it yakit
Automated cruise scanning framework (available for red team evaluation) ApolloScanner
Automatic port scanning, TCP fingerprinting and banner capture for specified IP segments, asset lists, and surviving network segments kscan
An Unexplored Vulnerability Scanning Tool bscan
A vulnerability scanner glue, 30 tools are automatically invoked after adding a target QingScan
Distributed Asset Information Collection and Vulnerability Scanning Platform gosint
A comprehensive tool to assist common penetration testing projects or quick management of offensive and defensive projects AlliN
nemo_go automated information collection nemo_go
Integrated asset management system from subdomains, port services, vulnerabilities, crawlers, etc. bayonet
A highly customizable web automated scanning framework vajra
reconFTW is an information collection tool that integrates 30 tools reconftw
Automated Detection Framework rengine
GUI interface automation tool Railgun
Online cms identification|information leakage|industrial control|system|Internet of things security|cms vulnerability scan|nmap port scan|subdomain acquisition|to be continued.. /onlinetools Online toolset
Acunetix Web Vulnerability Scanner GUI Version] AWVS-GUI

Information collection tools

Asset Discovery Tool

Project Introduction Project Address Project Name
reconFTW is an information collection tool that integrates 30 tools reconftw
Asset Infinite Cruise Scanning System linglong
SRC subdomain asset monitoring LangSrcCurise
Quickly scout Internet assets associated with targets and build a basic asset information base. ARL (Lighthouse)
Mobile terminal (Android, iOS, WEB, H5, static website) information collection scanning tool AppInfoScanner
Integrate GoogleHacking syntax for information collection Grecon
Fetch landing page content from third-party platforms waybackurls
Extract target-related information from multiple websites gau
A collection of multiple network mapping platforms, you can quickly search for information on multiple network mapping platforms and combine display and export. InfoSearchAll
Call ZoomEye’s official api—GUI interface