Skip to content
Golem Security Scanner

Golem Security Scanner

Golem is an open source web security scanner that helps developers and security professionals identify vulnerabilities in web applications. It can crawl and audit sites for issues like cross-site scripting, SQL injection, and improper access control.
Security & Privacy Vulnerability Scanner
web-security vulnerability-scanning web-application-security
Golem Security Scanner screenshot
Features Reviews Alternatives

Golem Security Scanner: Open Source Web Security Audit Tool

Discover vulnerabilities in web applications with Golem Security Scanner, a free and open source web security audit tool, identifying issues like cross-site scripting, SQL injection, and improper access control.

What is Golem Security Scanner?

Golem is an open source web application security scanner designed to help developers and security professionals identify vulnerabilities in their web apps and APIs. It works by crawling the target application and auditing it for common issues like cross-site scripting, SQL injection, command injection, path traversal, insecure deserialization, and improper access control.

Some key features of Golem include:

  • Easy to install and use - just download and run the Docker image
  • Automatic crawling and scanning of web apps
  • Hundreds of vulnerability tests covering OWASP Top 10 and more
  • CLI and web UI reports showing vulnerability details
  • Authentication scanning for common frameworks like Django, Rails, Laravel
  • Extensible via plugins to add new vuln checks

Golem is well-suited for developers looking to build and continuously test secure software, as well as security engineers and analysts looking to find weaknesses in web apps as part of application security programs or pen testing engagements. Its open source nature provides transparency into vulnerability detection logic and flexibility to customize scans.

Golem Security Scanner Features

Features

  1. Crawls and scans websites for security vulnerabilities
  2. Detects issues like XSS, SQLi, improper access control
  3. Open source and self-hosted
  4. Customizable scan profiles and rules
  5. Command line and web UI available
  6. Integrates with CI/CD pipelines
  7. Extendable via plugins
  8. Generates customizable reports

Pricing

  • Open Source

Pros

Free and open source

Self-hosted so you control the data

Easy to customize scans and rules

Active community support

Integrates into development workflows

Cons

Requires more technical expertise to set up and use

Limited official documentation

Not as feature-rich as commercial products

No official support offered

Official Links

Official Website
https://www.golemtechnologies.com

Reviews & Ratings

Login to Review
No reviews yet

Be the first to share your experience with Golem Security Scanner!

Login to Review

The Best Golem Security Scanner Alternatives

View all Golem Security Scanner alternatives with detailed comparison →

Top Security & Privacy and Vulnerability Scanner and other similar apps like Golem Security Scanner

Here are some alternatives to Golem Security Scanner:

Tamper Data icon
Tamper Data
Ammonite icon
Ammonite
CWIS website antivirus icon
CWIS website antivirus
Suggest an alternative ❐

Tamper Data icon

Tamper Data

Tamper Data is a free browser extension for Firefox that allows users to view and modify HTTP/HTTPS headers and post parameters. It can be a useful tool for web developers, security testers, and anyone interested in analyzing or debugging web traffic.Once installed, Tamper Data appears as a sidebar panel in...
Ammonite icon

Ammonite

Ammonite is an open-source Read-Eval-Print Loop (REPL) and script runner for the Scala programming language. It provides an improved interactive shell and scripting environment compared to the default Scala REPL.Some key features of Ammonite include:Advanced tab-completion and syntax highlightingScript running - ability to run Scala scripts with dependenciesBuilt-in package managementMulti-line...
CWIS website antivirus icon

CWIS website antivirus

CWIS website antivirus is a cloud-based solution that helps website owners detect and remove malware from their sites. It works by continuously scanning website files, databases, and traffic for suspicious code or content that could compromise security or performance.Some key features of CWIS website antivirus include:Real-time malware scanning - As...
CWIS website antivirus image

Related Software

Bitwarden Bitwarden
1Password 1Password
Tunnelblick Tunnelblick
Sandboxie Plus Sandboxie Plus
Auth0 Auth0
Tor Browser Tor Browser
OpenSSH OpenSSH
Hacker's Keyboard Hacker's Keyboard