Best Vulnerability Scanners for Linux of 2025

Find and compare the best Vulnerability Scanners for Linux in 2025

  • 1
    Aikido Security Reviews

    Aikido Security

    Aikido Security

    Free
    54 Ratings
    Secure your stack with Aikido's code-to-cloud security platform. Find and fix vulnerabilities fast and automatically. Aikido's all-in-one approach combines multiple important scanning capabilities (SAST, DAST, SCA, CSPM, IaC, container scanning and more), making it a true ASPM platform.
  • 2
    SaltStack Reviews
    SaltStack is an intelligent IT automation platform that can manage, secure, and optimize any infrastructure, whether on-prem, in the cloud, or at the edge. It is built on an event-driven automation engine that detects and responds intelligently to any system, which makes it a powerful solution for managing complex environments. SaltStack's new SecOps offering can detect security flaws and misconfigured systems. This automation can detect and fix any issue quickly, allowing you and your team to keep your infrastructure secure, compliant, and up to date. Comply and Protect are both part of the SecOps suite. Comply scans for compliance with CIS, DISA, STIG, NIST and PCI standards. You can also scan your operating system for vulnerabilities and update it with patches.
  • 3
    Haltdos Reviews
    Haltdos ensures 100% high availability of your website and web services by providing an intelligent Web Application Firewall, application DDoS mitigation, bot protection, SSL offloading, and load balancing over public and private cloud. It monitors, detects, and automatically mitigates a wide range of cyber-attacks, including the OWASP Top 10 and zero-day attacks, without requiring any human intervention.
  • 4
    GitGuardian Reviews
    Top Pick
    GitGuardian is a global cybersecurity startup focusing on code security solutions for the DevOps generation. A leader in the market of secrets detection and remediation, its solutions are already used by hundreds of thousands of developers in all industries. GitGuardian helps developers, cloud operations, security and compliance professionals secure software development and define and enforce policies consistently and globally across all their systems. GitGuardian solutions monitor public and private repositories in real time, detect secrets, and alert to allow investigation and quick remediation.
  • 5
    Invicti Reviews
    Invicti (formerly Netsparker) dramatically reduces your risk of being attacked with automated application security testing that scales like none other. Your team's security problems grow faster than your staff, so security testing automation should be integrated into every step in your SDLC. Automate security tasks to save your team hundreds of hours every month. Identify the critical vulnerabilities and then assign them for remediation. Whether you are running an AppSec, DevOps or DevSecOps program, help security and development teams to get ahead of their workloads. It's difficult to prove that you are doing everything possible to reduce your company's risk without full visibility into your apps, vulnerabilities and remediation efforts. You can find all web assets, even those that have been forgotten or stolen. Our unique dynamic + interactive (DAST + IAST) scanning method allows you to scan the corners of your apps in a way that other tools cannot.
  • 6
    Kiuwan Code Security Reviews
    Top Pick
    Security solutions for your DevOps process. Automate scanning your code to find and fix vulnerabilities. Kiuwan Code Security is compliant with the strictest security standards, such as OWASP or CWE. It integrates with top DevOps tools and covers all important languages. Static application security testing and source analysis are both effective and affordable solutions for teams of all sizes. Kiuwan provides a wide range of essential functionality that can be integrated into your internal development infrastructure. Quick vulnerability detection: simple and quick setup. You can scan your area and receive results in minutes. DevOps approach to code security: integrate Kiuwan into your CI/CD/DevOps pipeline to automate your security process. Flexible licensing options: there are many options, including one-time scans and continuous scanning. Kiuwan also offers on-premise or SaaS models.
  • 7
    Acunetix Reviews
    Acunetix is the market leader for automated web application security testing and is the preferred tool for many Fortune 500 customers. Acunetix can detect and report on a wide range of web application vulnerabilities. Acunetix's industry-leading crawler fully supports HTML5/JavaScript and single-page applications. This allows auditing of complex, authenticated apps. Acunetix is the only technology that can automatically detect out-of-band vulnerabilities. It is available online as well as on-premise. Acunetix includes integrated vulnerability management capabilities to help enterprises manage, prioritize and control all types of vulnerability threats. These features are based on business criticality. Acunetix is compatible with popular issue trackers and WAFs, and is available on Windows, Linux, and online.
  • 8
    YAG-Suite Reviews

    YAG-Suite

    YAGAAN

    From €500/token or €150/mo
    The YAG-Suite is a French-made innovative tool that takes SAST to the next level. YAGAAN is a combination of static analysis and machine learning. It offers customers more than a source code scanner. It also offers a smart suite to support application security audits and security and privacy through DevSecOps design processes. The YAG-Suite supports developers in understanding the causes and consequences of vulnerabilities. It goes beyond traditional vulnerability detection. Its contextual remediation helps them to quickly fix the problem and improve their secure coding skills. YAG-Suite's unique 'code mining' allows for security investigations of unknown applications. It maps all relevant security mechanisms and provides querying capabilities to search out 0-days and other non-automatically detectable risks. PHP, Java and Python are currently supported. The next languages on the roadmap are JS, C and C++.
  • 9
    Runecast Reviews

    Runecast

    Runecast Solutions

    Runecast is an enterprise IT platform that saves your Security and Operations teams time and resources by enabling a proactive approach to ITOM, CSPM, and compliance. Your team can do more with less via a single platform that checks all your cloud infrastructure, for increased visibility, security, and time-saving. Security teams benefit from simplified vulnerability management and regulatory compliance, across multiple standards and technologies. Operations teams are able to reduce operational overheads and increase clarity, enabling you to be proactive and return to the valuable work you want to be doing.
  • 10
    Mageni Reviews

    Mageni

    Mageni Security

    $39 per month
    Mageni offers a free vulnerability scanning and management platform that will help you find, prioritize, remediate, and manage vulnerabilities.
  • 11
    Scuba Database Vulnerability Scanner Reviews
    Scuba Database Vulnerability Scanner is a free tool that reveals hidden security risks. It scans enterprise databases for potential vulnerabilities, security flaws and misconfigurations, so you know the risks to your database and get advice on how to address identified issues. Scuba is available for Windows, Mac, Linux (x32) and Linux (x64), and scans can be performed from any Windows, Mac, or Linux client. It offers over 2,300 assessment tests for Oracle, Microsoft SQL, SAP Sybase, IBM DB2 and MySQL. A typical Scuba scan takes between 2 and 3 minutes depending on the size of your database, users, groups, and network connection. There are no other requirements or pre-installation.
  • 12
    QuickPatch+ Reviews

    QuickPatch+

    Imunify360

    $6 per server per month
    A Plesk vulnerability scanner that provides reliability, configuration recommendations, and automatic fixes for Plesk control panels. QuickPatch+ allows you to analyze your server configuration and to select and fix potential vulnerabilities from within the UI. It also allows you to set up automatic daily fixes for all vulnerabilities or only the most critical. You can also receive dashboard and email notifications about newly discovered critical vulnerabilities and automatically fixed vulnerabilities. If your website's security is compromised, the site can become unresponsive, unavailable or even dangerous, and the potential impact on your business could be significant. You can protect your web server for a small monthly charge by using an automated, hands-off approach.
  • 13
    garak Reviews
    Garak checks to see if we can make an LLM fail in a manner that we don't like. Garak checks for hallucinations, data leakage, prompt injection, misinformation generation, toxicity, jailbreaks and other weaknesses. We love developing garak and are always looking to add new features. Garak is a command-line tool. It's developed for Linux and OSX. You can download it from PyPI. The standard pip versions of garak are updated periodically. Garak has its own dependencies, so you can install garak within its own Conda environment. Garak needs to know which model to scan. By default, it will use all the probes that it knows to scan the model, using the vulnerability detectors suggested by each probe. Garak will print progress bars for each probe as it generates. Once the generation has been completed, a row will be displayed evaluating each probe's results for each detector.
  • 14
    BurpGPT Reviews

    BurpGPT

    Aegis Cyber Ltd

    $100.07 per year
    BurpGPT, our Burp Suite extension, integrates OpenAI's LLMs to provide advanced vulnerability scanning and traffic-based analysis. It also supports local LLMs, including custom-trained ones, ensuring greater privacy and more accurate outcomes according to your needs. With user-friendly documentation, you can easily integrate BurpGPT into your security testing workflows. BurpGPT was developed by application security experts and represents the cutting edge of web security testing. BurpGPT is constantly improved based on feedback from users, ensuring that it meets changing security testing needs. BurpGPT was developed to improve the efficiency and precision of application security testing. Its intuitive interface and advanced language processing capabilities enhance security testing for both novices and experienced testers. BurpGPT allows you to perform complex technical tasks.
  • 15
    Armor Anywhere Reviews

    Armor Anywhere

    Armor Cloud Security

    Armor can protect your data, whether it's in a public, private, or hybrid cloud environment or onsite. Armor will help you identify the real threats and filter them out with powerful analytics, workflow automations and a team full of experts who work night and day. We don't send out an alert if there is an attack. Our Security Operations Center experts are available immediately to guide your security team on how best to respond and fix the problem.
  • 16
    Cmd Reviews
    This powerful, lightweight security platform provides insight, observability, proactive controls and threat detection for your Linux infrastructure in the datacenter or cloud. Your cloud infrastructure is a multi-user environment. It is not possible to protect it with security products that were originally designed for endpoints. You need to think beyond analytics and logging solutions, which lack the context and workflows necessary for infrastructure security. Cmd's infrastructure detection and response platform is designed for today's agile security teams. Rich filters and triggers allow you to view system activity in real time or search through stored data. Our eBPF sensors, contextual model, and intuitive workflows allow you to gain insight into user activity, running processes, and access to sensitive resources. No advanced Linux administration knowledge is required. To complement traditional access management, create guardrails and controls around sensitive actions.
  • 17
    Arachni Reviews
    Arachni is a Ruby framework that allows administrators and penetration testers to evaluate the security of modern web applications. It is modular, feature-rich, and high-performance. It is free and open-source, so you can review the source code. It is multi-platform and supports all major operating systems (MS Windows, Mac OS X, and Linux). It is distributed via portable packages that allow for immediate deployment. It can be used in a variety of ways, including as a command-line scanner utility, a global high-performance grid of scanners, a Ruby library that allows for scripted audits, and a multi-user, multi-scan web collaboration platform. Its simple REST API makes integration easy. It can also support complex web applications that make heavy use of JavaScript, HTML5, DOM manipulation, and AJAX thanks to its integrated browser environment.
  • 18
    WebReaver Reviews
    WebReaver is an easy-to-use, fully automated web application security test tool for Mac, Windows, and Linux. It is suitable for both novice and advanced users. WebReaver lets you quickly test any web application for a wide range of vulnerabilities, including SQL injection, local or remote file includes, command injection and cross-site scripting. You can also test for the less serious ones, like information leakage, a variety of session and header problems, and more. Automated security testing technologies, such as those that rely on scanning, fuzzing, and sending arbitrary malicious information to detect security defects, can cause serious damage to the web applications they are being used against. It is recommended that automated tests be performed only against systems in pre-production, testing, or demo environments.
  • 19
    Anchore Reviews
    DevSecOps runs at full speed, with deep inspection of container images, and policy-based compliance. Containers are the future of application development in a fast-paced and flexible environment. While adoption is increasing, there are also risks. Anchore allows you to quickly manage, secure and troubleshoot containers without slowing down. It makes container development and deployment secure right from the beginning. Anchore ensures that your containers meet the standards you set. The tools are transparent for developers, easily visible to production, easy to use security, and designed to accommodate the fluid nature of containers. Anchore is a trusted standard for containers. It allows you to certify containers, making them more predictable and protected. You can deploy containers with confidence. A complete container image security solution can help you protect yourself from potential risks.
  • 20
    Zenmap Reviews
    Zenmap is the official Nmap Security Scanner GUI. It can be used on multiple platforms (Linux, Windows, Mac OS X and BSD). It is free and open-source. It is designed to make Nmap easy to use for beginners while offering advanced features for more experienced users. To make it easier to run them again and again, you can save frequently used scans as profiles. A command creator allows interactive creation and editing of Nmap command lines. You can save scan results and view them later, and saved scan results can be compared. The scan results are stored in a searchable database. Zenmap is often available as part of Nmap. You can download it from the Nmap download page. Zenmap is very intuitive. You can read the Zenmap User's Guide for more information or visit the Zenmap man page to get quick reference information.
  • 21
    OpenSCAP Reviews
    OpenSCAP provides many tools that can be used by auditors and administrators to help them assess, measure, and enforce security baselines. Our system is flexible and interoperable, which reduces the cost of security audits. OpenSCAP provides a wide range of configuration baselines and hardening guides that have been developed by the open-source community. This allows you to choose the security policy that best suits your organization's needs, regardless of its size. The Security Content Automation Protocol (SCAP) is a U.S. standard that is maintained by the National Institute of Standards and Technology. OpenSCAP is an open-source project that implements and enforces this standard. It was awarded the SCAP 1.2 certification by NIST in 2014. It is essential to ensure security compliance in an ever-changing world where new vulnerabilities are discovered and fixed every day.
  • 22
    Vega Reviews
    Vega can help you identify and validate SQL injection, cross-site scripting, inadvertently revealed sensitive information, and other vulnerabilities. It runs on Linux, OS X and Windows. Vega can help identify vulnerabilities such as reflected cross-site scripting, stored cross-site scripting, blind SQL injection, remote file include, and shell injection. Vega can also check SSL security settings and identify opportunities to improve the security of your TLS server. Vega includes an automated scanner that can perform quick tests, and an intercepting proxy that can be used for tactical inspection. A website crawler powers the automated scanner. Vega can log in to websites automatically when provided with user credentials.
  • 23
    Firejail Reviews
    Firejail is a SUID program that restricts the running environment of untrusted applications using Linux namespaces and seccomp-bpf. This reduces the risk of a security breach. It allows processes and their descendants to have their own private view of globally shared kernel resources such as the network stack, process table, and mount table. The software is written in C and requires almost no dependencies. It runs on any Linux system with a 3.x kernel or newer. The overhead is low and the sandbox is lightweight. There are no configuration files to edit, no open socket connections, and no daemons running in the background. All security features are implemented directly in the Linux kernel and are accessible on any Linux computer.