ENNAENNA
🌐

Network Recon

40 tools indexed

Network reconnaissance tools for port scanning, host discovery, service enumeration, and network mapping. These tools form the foundation of any security assessment, helping identify live hosts, open ports, running services, and potential attack surfaces across local networks and the internet.

Nmap

C/C++
Featured

The gold standard network scanner. Host discovery, port scanning, service/version detection, OS fingerprinting.

port-scanservice-detectionos-fingerprintscripting-engine
12.8k2.8k23d ago

Masscan

C

Internet-scale port scanner. Transmits 10 million packets per second. Asynchronous, stateless scanning.

port-scanhigh-speedinternet-scale
25.6k3.2k27d ago

RustScan

Rust

Blazing fast port scanner that pipes into Nmap. Scans all 65k ports in 3 seconds flat.

port-scanfastnmap-integrationrust
19.7k1.3k1mo ago

Shodan CLI

Python

Command-line interface for Shodan, the search engine for internet-connected devices.

iotsearch-engineinternet-scanapi
2.8k6471y ago

Wireshark

C/C++
Featured

The world's foremost network protocol analyzer. Deep packet inspection for hundreds of protocols.

packet-captureprotocol-analysisguiclassic
9.3k2.1k23d ago

Responder

Python

LLMNR/NBT-NS/mDNS poisoner and rogue authentication server. Captures NTLMv1/v2 hashes on the network.

ntlmpoisoncredential-captureactive-directory
6.4k8593mo ago

Censys CLI

Python

Search engine for internet-connected devices. Alternative to Shodan with certificate and host search.

search-enginecertificatesinternet-scanapi
4619728d ago

ZMap

C

Internet-wide single-packet scanner. Scans the entire IPv4 address space in under 5 minutes.

internet-scalefastipv4research
6.2k96527d ago

Ncat (Nmap)

C

Improved netcat with SSL support, IPv6, proxying, and connection brokering. The Swiss army knife of networking.

networkingtunnelingsslswiss-army-knife
12.8k2.8k23d ago

tcpdump

C

Command-line packet analyzer. The lightweight, scriptable alternative to Wireshark for capture and analysis.

packet-captureclibpfclassic
3.2k91624d ago

enum4linux-ng

Python

Windows/Samba enumeration tool. Extracts user lists, share info, group policies, and OS details via SMB.

smbenumerationwindowssamba
1.6k1483mo ago

Unicornscan

C

Asynchronous UDP/TCP port scanner with advanced stimulus-response analysis and OS fingerprinting.

port-scannerasyncudptcp
812613y ago

Netdiscover

C

Active/passive ARP reconnaissance tool for network discovery without DNS traffic.

arpnetwork-discoverypassiveactive
378429mo ago

arp-scan

C

Send ARP requests to discover and fingerprint hosts on the local network segment.

arphost-discoverylanfingerprinting
1.2k1731y ago

Fierce

Python

DNS reconnaissance tool for locating non-contiguous IP space and hostnames against specified domains.

dnsreconnaissancedomainip-discovery
1.8k2151y ago

Uncover

Go

Quickly discover exposed hosts on the internet using multiple search engines like Shodan, Censys, and Fofa.

search-enginesshodancensysfofa
2.9k26425d ago

tlsx

Go

Fast TLS probe tool for grabbing TLS certificates, versions, and cipher information at scale.

tlssslcertificatesscanning
1.1k1511mo ago

cdncheck

Go

Detect whether an IP belongs to a CDN, cloud provider, or WAF to identify origin servers.

cdnwafcloudip-detection
95812925d ago

hping3

C

Active network security tool for firewall testing, advanced port scanning, and manual TCP/IP packet crafting.

packet-craftingfirewall-testingtraceroutetcp-ip
1.7k3621y ago

fping

C

High-performance parallel ping tool designed for sweeping large network ranges with minimal overhead.

ping-sweephost-discoverynetwork-scanningalive-detection
1.2k25726d ago

Naabu

Go

Fast port scanner written in Go with SYN/CONNECT scan support, designed for integration with other ProjectDiscovery tools.

port-scannersyn-scanhost-discoveryprojectdiscovery
5.9k67023d ago

Scapy

Python

Interactive packet manipulation library. Craft, send, capture, and decode network packets with a powerful Python interface.

packet-craftingprotocolfuzzingnetwork-analysis
12.2k2.2k23d ago

Zeek

C++

Network analysis framework (formerly Bro). Deep packet inspection, protocol analysis, and security monitoring at scale.

network-monitoringprotocol-analysisidslogging
7.6k1.3k23d ago

Arkime

JavaScript/C

Full packet capture and search system (formerly Moloch). Indexed network traffic with a web UI for hunting and forensics.

packet-capturepcapelasticsearchnetwork-forensics
7.4k1.1k23d ago

Suricata

C/Rust

High-performance IDS/IPS and network monitoring engine. Multi-threaded with Snort-compatible rules and protocol logging.

idsipsnetwork-monitoringmulti-threaded
6.2k1.7k24d ago

BBOT

Python

Recursive internet scanner for automated recon, bug bounties, and attack surface management with 100+ modules.

reconattack-surfacebug-bountyautomation
9.6k79623d ago

fscan

Go

Fast internal network scanner with service brute-forcing, vulnerability detection, and exploit modules.

internal-reconlateral-movementbrute-forcescanner
13.6k1.9k23d ago

Sn1per

Shell

Automated attack surface management platform integrating recon, vulnerability scanning, and exploit tools.

asmreconautomationpentest
9.7k2.0k3mo ago

SMBMap

Python

Enumerate SMB shares across a domain with permissions and access checking.

smbsharesenumerationwindows
2.0k3724mo ago

ssh-audit

Python

SSH server and client configuration auditing tool with algorithm analysis.

sshauditconfigurationsecurity
4.2k2128mo ago

scanless

Python

Perform port scans anonymously through third-party scanner websites.

port-scananonymousnetwork
1.1k1712y ago

Raccoon

Python

High-performance offensive reconnaissance and information gathering tool.

reconscanningoffensive
3.5k44129d ago

Yersinia

C

Framework for layer-2 attacks targeting STP, CDP, DHCP, and other protocols.

layer2protocolnetwork
8381402y ago

mitmproxy

Python

Interactive TLS-capable intercepting HTTP proxy with a console UI, web interface, and Python scripting API.

proxymitmtls-interceptionhttp-debugging
43.3k4.5k26d ago

Tsunami

Java

Google's general-purpose network security scanner with a plugin system for detecting high-severity vulnerabilities at scale.

vulnerability-scannernetwork-scanninggoogleplugin-system
8.6k9211mo ago

Dshell

Python

Network forensic analysis framework by US Army Research Lab. Extensible Python-based packet decoder with plugin architecture.

network-forensicspcap-analysispacket-decodertraffic-analysis
5.5k1.1k2y ago

pwnat

C

Punches through NATs and firewalls to establish direct connections between two hosts without port forwarding.

nat-traversalfirewall-bypasstunnelingicmp
3.9k5114mo ago

IVRE

Python

Self-hosted network recon framework combining active scanning, passive traffic analysis, and flow analysis with a web interface.

network-reconshodan-alternativepassive-analysisself-hosted
4.0k68623d ago

Smap

Go

Passive port scanner using Shodan's database. Nmap-compatible syntax without sending a single packet to the target.

passive-scanningshodanstealthnmap-compatible
3.2k3061mo ago

Sniffnet

Rust
Featured

Cross-platform network traffic monitor with real-time analysis, 6000+ protocol identification, PCAP export, and IP geolocation.

traffic-monitorpacket-captureprotocol-analysisgui
37.3k1.1k15d ago

Related Categories

🔍

Subdomain Enumeration

14 tools

🕸

Web Scanning

41 tools

Vulnerability Scanning

22 tools

☁️

Cloud Recon

19 tools