
Tsunami is a general purpose network security scanner - todsacerdoti
https://github.com/google/tsunami-security-scanner
======
jpalomaki
Apache licensed, comes from Google.

Related blog post: [https://opensource.googleblog.com/2020/06/tsunami-
extensible...](https://opensource.googleblog.com/2020/06/tsunami-extensible-
network-scanning.html?m=1)

~~~
elric
And written in Java.

------
rtempaccount1
Interesting looking project, although at the moment it's only useful for a
small range of issues.

One of the harder parts of vulnerability scanning is building and maintaining
the plugin database. Nessus, which is one of the older and better known VA
tools has 10's of thousands of plugins...

There are other, open source, vulnerability scanning tools available as well
like OpenVAS [https://www.openvas.org/](https://www.openvas.org/)

~~~
Fnoord
Nessus used to be FOSS (before 2005). OpenVAS is a Nessus fork.

------
qubex
The name (“Tsunami”) and the description (“network scanner”) reminded me of
the architecturally very innovative “ _Paketto Keiretsu_ [1]” from the very
early 2000s. Very fond memories. I remember that the speed it achieved
compared to (say) _nmap_ was truly astounding.

[1]
[http://freshmeat.sourceforge.net/projects/paketto/](http://freshmeat.sourceforge.net/projects/paketto/)

------
lazyeye
What data flows back to Google from an internal Tsunami server?

~~~
damniatx
we need another scanner for that.

