ENNAENNA
🌐

Network Recon

40 tools indexed

Network reconnaissance tools for port scanning, host discovery, service enumeration, and network mapping. These tools form the foundation of any security assessment, helping identify live hosts, open ports, running services, and potential attack surfaces across local networks and the internet.

Nmap

C/C++
Featured

The gold standard network scanner. Host discovery, port scanning, service/version detection, OS fingerprinting.

port-scanservice-detectionos-fingerprintscripting-engine
12.8k2.8k2mo ago

Masscan

C

Internet-scale port scanner. Transmits 10 million packets per second. Asynchronous, stateless scanning.

port-scanhigh-speedinternet-scale
25.6k3.2k2mo ago

RustScan

Rust

Blazing fast port scanner that pipes into Nmap. Scans all 65k ports in 3 seconds flat.

port-scanfastnmap-integrationrust
19.7k1.3k2mo ago

Shodan CLI

Python

Command-line interface for Shodan, the search engine for internet-connected devices.

iotsearch-engineinternet-scanapi
2.8k6471y ago

Wireshark

C/C++
Featured

The world's foremost network protocol analyzer. Deep packet inspection for hundreds of protocols.

packet-captureprotocol-analysisguiclassic
9.3k2.1k2mo ago

Responder

Python

LLMNR/NBT-NS/mDNS poisoner and rogue authentication server. Captures NTLMv1/v2 hashes on the network.

ntlmpoisoncredential-captureactive-directory
6.4k8595mo ago

Censys CLI

Python

Search engine for internet-connected devices. Alternative to Shodan with certificate and host search.

search-enginecertificatesinternet-scanapi
461972mo ago

ZMap

C

Internet-wide single-packet scanner. Scans the entire IPv4 address space in under 5 minutes.

internet-scalefastipv4research
6.2k9652mo ago

Ncat (Nmap)

C

Improved netcat with SSL support, IPv6, proxying, and connection brokering. The Swiss army knife of networking.

networkingtunnelingsslswiss-army-knife
12.8k2.8k2mo ago

tcpdump

C

Command-line packet analyzer. The lightweight, scriptable alternative to Wireshark for capture and analysis.

packet-captureclibpfclassic
3.2k9162mo ago

enum4linux-ng

Python

Windows/Samba enumeration tool. Extracts user lists, share info, group policies, and OS details via SMB.

smbenumerationwindowssamba
1.6k1484mo ago

Unicornscan

C

Asynchronous UDP/TCP port scanner with advanced stimulus-response analysis and OS fingerprinting.

port-scannerasyncudptcp
812613y ago

Netdiscover

C

Active/passive ARP reconnaissance tool for network discovery without DNS traffic.

arpnetwork-discoverypassiveactive
3784210mo ago

arp-scan

C

Send ARP requests to discover and fingerprint hosts on the local network segment.

arphost-discoverylanfingerprinting
1.2k1731y ago

Fierce

Python

DNS reconnaissance tool for locating non-contiguous IP space and hostnames against specified domains.

dnsreconnaissancedomainip-discovery
1.8k2151y ago

Uncover

Go

Quickly discover exposed hosts on the internet using multiple search engines like Shodan, Censys, and Fofa.

search-enginesshodancensysfofa
2.9k2642mo ago

tlsx

Go

Fast TLS probe tool for grabbing TLS certificates, versions, and cipher information at scale.

tlssslcertificatesscanning
1.1k1513mo ago

cdncheck

Go

Detect whether an IP belongs to a CDN, cloud provider, or WAF to identify origin servers.

cdnwafcloudip-detection
9581292mo ago

hping3

C

Active network security tool for firewall testing, advanced port scanning, and manual TCP/IP packet crafting.

packet-craftingfirewall-testingtraceroutetcp-ip
1.7k3621y ago

fping

C

High-performance parallel ping tool designed for sweeping large network ranges with minimal overhead.

ping-sweephost-discoverynetwork-scanningalive-detection
1.2k2572mo ago

Naabu

Go

Fast port scanner written in Go with SYN/CONNECT scan support, designed for integration with other ProjectDiscovery tools.

port-scannersyn-scanhost-discoveryprojectdiscovery
5.9k6702mo ago

Scapy

Python

Interactive packet manipulation library. Craft, send, capture, and decode network packets with a powerful Python interface.

packet-craftingprotocolfuzzingnetwork-analysis
12.2k2.2k2mo ago

Zeek

C++

Network analysis framework (formerly Bro). Deep packet inspection, protocol analysis, and security monitoring at scale.

network-monitoringprotocol-analysisidslogging
7.6k1.3k2mo ago

Arkime

JavaScript/C

Full packet capture and search system (formerly Moloch). Indexed network traffic with a web UI for hunting and forensics.

packet-capturepcapelasticsearchnetwork-forensics
7.4k1.1k2mo ago

Suricata

C/Rust

High-performance IDS/IPS and network monitoring engine. Multi-threaded with Snort-compatible rules and protocol logging.

idsipsnetwork-monitoringmulti-threaded
6.2k1.7k2mo ago

BBOT

Python

Recursive internet scanner for automated recon, bug bounties, and attack surface management with 100+ modules.

reconattack-surfacebug-bountyautomation
9.6k7962mo ago

fscan

Go

Fast internal network scanner with service brute-forcing, vulnerability detection, and exploit modules.

internal-reconlateral-movementbrute-forcescanner
13.6k1.9k2mo ago

Sn1per

Shell

Automated attack surface management platform integrating recon, vulnerability scanning, and exploit tools.

asmreconautomationpentest
9.7k2.0k4mo ago

SMBMap

Python

Enumerate SMB shares across a domain with permissions and access checking.

smbsharesenumerationwindows
2.0k3725mo ago

ssh-audit

Python

SSH server and client configuration auditing tool with algorithm analysis.

sshauditconfigurationsecurity
4.2k21210mo ago

scanless

Python

Perform port scans anonymously through third-party scanner websites.

port-scananonymousnetwork
1.1k1712y ago

Raccoon

Python

High-performance offensive reconnaissance and information gathering tool.

reconscanningoffensive
3.5k4412mo ago

Yersinia

C

Framework for layer-2 attacks targeting STP, CDP, DHCP, and other protocols.

layer2protocolnetwork
8381402y ago

mitmproxy

Python

Interactive TLS-capable intercepting HTTP proxy with a console UI, web interface, and Python scripting API.

proxymitmtls-interceptionhttp-debugging
43.3k4.5k2mo ago

Tsunami

Java

Google's general-purpose network security scanner with a plugin system for detecting high-severity vulnerabilities at scale.

vulnerability-scannernetwork-scanninggoogleplugin-system
8.6k9212mo ago

Dshell

Python

Network forensic analysis framework by US Army Research Lab. Extensible Python-based packet decoder with plugin architecture.

network-forensicspcap-analysispacket-decodertraffic-analysis
5.5k1.1k2y ago

pwnat

C

Punches through NATs and firewalls to establish direct connections between two hosts without port forwarding.

nat-traversalfirewall-bypasstunnelingicmp
3.9k5116mo ago

IVRE

Python

Self-hosted network recon framework combining active scanning, passive traffic analysis, and flow analysis with a web interface.

network-reconshodan-alternativepassive-analysisself-hosted
4.0k6862mo ago

Smap

Go

Passive port scanner using Shodan's database. Nmap-compatible syntax without sending a single packet to the target.

passive-scanningshodanstealthnmap-compatible
3.2k3062mo ago

Sniffnet

Rust
Featured

Cross-platform network traffic monitor with real-time analysis, 6000+ protocol identification, PCAP export, and IP geolocation.

traffic-monitorpacket-captureprotocol-analysisgui
37.3k1.1k1mo ago