Skip to main content

Welcome to scan4all

scan4all is a powerful, all-in-one security scanning tool designed for red team operations, penetration testing, and vulnerability assessment. It combines multiple scanning engines and detection techniques into a single, efficient command-line tool.

Key Features

15000+ Vulnerability POCs

Comprehensive vulnerability detection using Nuclei, xray, and custom Go POCs

Password Cracking

Brute force support for 23 protocols including SSH, RDP, MySQL, PostgreSQL, and more

Port Scanning

Advanced port scanning with 146 protocols and 90000+ rules via nmap/naabu

Web Fingerprinting

Identify web technologies with 7000+ fingerprint signatures

HTTP Smuggling Detection

Detect HTTP Request Smuggling vulnerabilities (CL-TE, TE-CL, TE-TE, CL-CL)

Smart SSL Analysis

Automatic subdomain enumeration from SSL certificates

Quick Start

Get started with scan4all in minutes:

Installation

Download and install scan4all on your system

Quickstart Guide

Run your first scan and understand the basics

Basic Usage

Learn common scanning patterns and workflows

Configuration

Configure scan4all for your specific needs
Scan entire networks to identify open ports, running services, and known vulnerabilities across multiple hosts.
Discover web technologies, detect misconfigurations, and identify vulnerabilities in web applications using comprehensive POC database.
Test password strength across 23 different protocols and services with intelligent dictionary-based attacks.
Combine port scanning, service enumeration, and exploitation in a single tool for efficient penetration testing workflows.

What Makes scan4all Different?

All-in-One Solution: Unlike other tools that specialize in one area, scan4all combines port scanning, vulnerability detection, password cracking, and web fingerprinting in a single binary.
  • Extensive POC Database: 15000+ vulnerability checks including CVE exploits for major platforms
  • Smart Automation: Intelligent SSL analysis, honeypot detection, and automatic subdomain enumeration
  • High Performance: Optimized for speed with configurable threading and rate limiting
  • Multiple Output Formats: JSON, CSV, and text output with optional Elasticsearch integration
  • Active Development: Continuously updated with new POCs and detection capabilities

Community & Support

GitHub Repository

View source code, report issues, and contribute

Best Practices

Learn effective scanning strategies and optimization tips
Responsible Use: scan4all is a powerful security testing tool. Always obtain proper authorization before scanning any systems you do not own or have explicit permission to test.

Build docs developers (and LLMs) love

Get started for freeTalk to us