Acunetix
Web vulnerability scanner for automated security testing of websites and web apps
Open-Source Projects
Discover top open-source software, updated regularly with real-world adoption signals.
Discover top open-source software, updated regularly with real-world adoption signals.
Fast, asynchronous reconnaissance suite for offensive security professionals
Raccoon automates DNS, WHOIS, TLS, port, subdomain, and web‑application reconnaissance, delivering organized results with Tor/proxy support and asyncio‑driven performance in a single command.
Raccoon is a command‑line reconnaissance suite aimed at penetration testers, bug bounty hunters, and red‑team operators who need rapid, scriptable data collection. Built with Python's asyncio, it runs many scans in parallel while offering optional anonymity through Tor or proxy lists.
The tool gathers DNS records, WHOIS data, TLS cipher and certificate details, and performs Nmap‑based port and service enumeration. It enumerates subdomains via Google dorking, DNS dumpster, SAN discovery, and brute‑force, and extracts extensive web‑application information such as CMS detection, server headers, robots.txt, sitemaps, cookies, forms, email addresses, and vulnerable S3 buckets. Results are saved in a structured folder hierarchy, making post‑scan analysis straightforward.
Install via pip (pip install raccoon-scanner) or run the official Docker image. Prerequisites include Nmap and OpenSSL. The CLI provides granular options for wordlists, threading, and output handling, allowing integration into automated workflows.
When teams consider Raccoon, these hosted platforms usually appear on the same shortlist.
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
Initial target profiling
Gather DNS records, WHOIS, and TLS details to build a baseline of the target’s infrastructure.
Web application surface discovery
Detect CMS, server headers, exposed directories, forms, and vulnerable S3 buckets, enabling focused exploitation.
Anonymous external scanning
Route HTTP requests through Tor or random proxies to hide source IP while enumerating subdomains and URLs.
Port and service enumeration
Run Nmap with optional scripts and vulnerability checks, producing organized reports for later analysis.
Yes, Nmap is required for port, service, and script scans; install it beforehand.
Currently only file‑based folder output is supported; JSON output is planned for a future release.
Routing through Tor adds latency and can significantly slow total runtime, but provides anonymity.
Yes, an official Dockerfile is provided; you can build and run scans inside the container.
Raccoon requires Python 3.5 or newer; use pip3 if your system defaults to Python 2.
Project at a glance
StableLast synced 4 days ago
