File: //etc/modsecurity.d/owasp/rules/scanners-user-agents.data
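# This file lists what we think are the most widely used
# security scanners identifiable via their user agents.
#
# The list is curated by hand. Attempts to machine-generate
# a larger list lead to a lot of false positives and edge
# cases where certain scanners / bots are welcome in certain
# situations. We consider this a baseline of unwanted scanners.
#
# Note: the User-Agent header is client-controlled, so these entries
# only catch scanners that run with their default user agent; treat a
# match as a signal, not as complete scanner detection. Entries are
# presumably matched as case-insensitive substrings (e.g. via
# @pmFromFile), so keep new entries specific enough to avoid hitting
# legitimate clients.
#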
# http://www.arachni-scanner.com/
arachni
betabot
bewica-security-scan
# Backup File Artifacts Checker
# https://github.com/mazen160/bfac
BFAC
# Commix
# https://github.com/commixproject/commix
commix
# Detectify website vulnerability scanner
# https://detectify.com/
Detectify
# hidden page scanner
# (deprecated) https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
dirbuster
fimap
# ffuf (Fuzz Faster U Fool), web fuzzer; the entry matches its default User-Agent
# https://github.com/ffuf/ffuf
fuzz faster
# WhatWaf, fingerprint and bypass WAFs
# https://github.com/Ekultek/WhatWaf
whatwaf
# Scanner that looks for existing or hidden web objects
# https://github.com/OJ/gobuster
gobuster
# Havij, automated SQL injection tool
havij
hexometer
jbrofuzz
jorgee
libwhisker
# port scanner
# https://github.com/robertdavidgraham/masscan
masscan
morfeus
# The Mysterious Mozlila User Agent bot
# https://trunc.org/learning/the-mozlila-user-agent-bot
Mozlila
# Typo of Mozilla/5.0 user-agent
Mozilla/5.g
# Nessus
# http://www.tenable.com/products/nessus-vulnerability-scanner
nessus
netlab360
netsparker
# OWASP Nettacker
nettacker
# vuln scanner
# https://cirt.net/Nikto2
nikto
nmap
# https://github.com/projectdiscovery/nuclei
nuclei
# http://www.openvas.org/
openvas
# https://aws.amazon.com/fr/security-agent/
securityagent
sitelockspider
# SQL Injections
# http://sqlmap.org/
sqlmap
# https://www.cyber.nj.gov/threat-profiles/trojan-variants/sysscan
sysscan
# https://github.com/google/tsunami-security-scanner
TsunamiSecurityScanner
w3af.org
# http://www.robotstxt.org/db/webbandit.html
webbandit
# (deprecated) http://www.scrt.ch/en/attack/downloads/webshag
webshag
# https://github.com/xmendez/wfuzz
wfuzz
whatweb
wprecon
# WordPress vulnerability scanner
# https://wpscan.org/
wpscan
# feroxbuster directory fuzzer
feroxbuster
# (deprecated) https://github.com/LeakIX/l9explore
l9explore
# (deprecated) https://github.com/LeakIX/l9tcpid
l9tcpid
# https://github.com/wapiti-scanner/wapiti
wapiti
# https://subgraph.com/vega/
vega
# https://docs.rapid7.com/appspider/
appspider
# https://github.com/swatv3nub/IronWASP
ironwasp
# https://github.com/spinkham/skipfish
skipfish
# https://www.qualys.com/apps/web-app-scanning
qualysguard
# https://nstalker.com/
n-stalker
# https://www.acunetix.com/
acunetix
# https://github.com/dionach/CMSmap
cmsmap
# https://github.com/xxgrunge/sqlninja
sqlninja
# https://github.com/s0md3v/XSStrike
xsstrike
# https://github.com/epsylon/xsser
xsser
# https://github.com/OWASP/joomscan
joomscan
# https://github.com/SamJoan/droopescan
droopescan
# ZGrab scanner (Mozilla/5.0 zgrab/0.x)
# https://zmap.io
zgrab
# Ghauri SQL Injection
Ghauri
zmeu
# https://github.com/Chocapikk/wpprobe
WPProbe
# SSTIMap
# https://github.com/vladko312/SSTImap
SSTIMap
# THC Hydra login brute-forcer (default User-Agent of its HTTP modules)
Mozilla/4.0 (Hydra)
# (deprecated) https://github.com/epinna/tplmap
tplmap
# https://github.com/wireghoul/dotdotpwn
DotDotPwn
# https://github.com/bitquark/shortscan
shortscan
# (deprecated) https://github.com/P0cL4bs/Kadimus
Kadimus
# https://github.com/D35m0nd142/LFISuite
LFISuite
# https://github.com/lightos/Panoptic
Mozilla/5.0 (compatible; Panoptic
# https://github.com/hansmach1ne/LFImap
LFImap
# https://github.com/dolevf/graphw00f
graphw00f
# https://github.com/dolevf/graphql-cop
graphql-cop
# https://github.com/ron190/jsql-injection
jSQL
# https://github.com/praetorian-inc/noseyparker
noseyparker
# TruffleHog
TruffleHog
# https://www.yeswehack.com/
YesWeHack-Hunter
# https://github.com/Hackmanit/TInjA
TInjA
# IBM Security AppScan
Mozilla/5.0 (compatible; AppScan;