EN
ENNA
🌐

Network Recon

21 tools indexed

Network reconnaissance tools for port scanning, host discovery, service enumeration, and network mapping. These tools form the foundation of any security assessment, helping identify live hosts, open ports, running services, and potential attack surfaces across local networks and the internet.

Nmap

C/C++
Featured

The gold standard network scanner. Host discovery, port scanning, service/version detection, OS fingerprinting.

port-scanservice-detectionos-fingerprintscripting-engine
12.6k2.8k3d ago

Masscan

C

Internet-scale port scanner. Transmits 10 million packets per second. Asynchronous, stateless scanning.

port-scanhigh-speedinternet-scale
25.5k3.2k5d ago

RustScan

Rust

Blazing fast port scanner that pipes into Nmap. Scans all 65k ports in 3 seconds flat.

port-scanfastnmap-integrationrust
19.5k1.3k4d ago

Shodan CLI

Python

Command-line interface for Shodan, the search engine for internet-connected devices.

iotsearch-engineinternet-scanapi
2.8k6431y ago

Wireshark

C/C++
Featured

The world's foremost network protocol analyzer. Deep packet inspection for hundreds of protocols.

packet-captureprotocol-analysisguiclassic
9.1k2.1k1d ago

Responder

Python

LLMNR/NBT-NS/mDNS poisoner and rogue authentication server. Captures NTLMv1/v2 hashes on the network.

ntlmpoisoncredential-captureactive-directory
6.4k8612mo ago

Censys CLI

Python

Search engine for internet-connected devices. Alternative to Shodan with certificate and host search.

search-enginecertificatesinternet-scanapi
458961mo ago

ZMap

C

Internet-wide single-packet scanner. Scans the entire IPv4 address space in under 5 minutes.

internet-scalefastipv4research
6.1k9634mo ago

Ncat (Nmap)

C

Improved netcat with SSL support, IPv6, proxying, and connection brokering. The Swiss army knife of networking.

networkingtunnelingsslswiss-army-knife
12.6k2.8k3d ago

tcpdump

C

Command-line packet analyzer. The lightweight, scriptable alternative to Wireshark for capture and analysis.

packet-captureclibpfclassic
3.2k9182d ago

enum4linux-ng

Python

Windows/Samba enumeration tool. Extracts user lists, share info, group policies, and OS details via SMB.

smbenumerationwindowssamba
1.6k1481mo ago

Unicornscan

C

Asynchronous UDP/TCP port scanner with advanced stimulus-response analysis and OS fingerprinting.

port-scannerasyncudptcp
812613y ago

Netdiscover

C

Active/passive ARP reconnaissance tool for network discovery without DNS traffic.

arpnetwork-discoverypassiveactive
375407mo ago

arp-scan

C

Send ARP requests to discover and fingerprint hosts on the local network segment.

arphost-discoverylanfingerprinting
1.2k1721y ago

Fierce

Python

DNS reconnaissance tool for locating non-contiguous IP space and hostnames against specified domains.

dnsreconnaissancedomainip-discovery
1.8k2141y ago

Uncover

Go

Quickly discover exposed hosts on the internet using multiple search engines like Shodan, Censys, and Fofa.

search-enginesshodancensysfofa
2.9k26211d ago

tlsx

Go

Fast TLS probe tool for grabbing TLS certificates, versions, and cipher information at scale.

tlssslcertificatesscanning
1.1k14914d ago

cdncheck

Go

Detect whether an IP belongs to a CDN, cloud provider, or WAF to identify origin servers.

cdnwafcloudip-detection
9441291d ago

hping3

C

Active network security tool for firewall testing, advanced port scanning, and manual TCP/IP packet crafting.

packet-craftingfirewall-testingtraceroutetcp-ip
1.7k3591y ago

fping

C

High-performance parallel ping tool designed for sweeping large network ranges with minimal overhead.

ping-sweephost-discoverynetwork-scanningalive-detection
1.2k25810d ago

Naabu

Go

Fast port scanner written in Go with SYN/CONNECT scan support, designed for integration with other ProjectDiscovery tools.

port-scannersyn-scanhost-discoveryprojectdiscovery
5.9k6684d ago

Related Categories

🔍

Subdomain Enumeration

13 tools

🕸

Web Scanning

22 tools

Vulnerability Scanning

12 tools

☁️

Cloud Recon

9 tools