Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
To learn more about this, visit our documentation.
It relies heavily on its plugin system to provide basic scanning capabilities. All publicly available to this plugins are hosted in a separate google/tsunami-security-scanner-plugins repository.
Current Status
Quick Start
To quickly get started with its scans,
nmap >= 7.80 ncrack >= 0.7bash -c "$(curl -sfL https://raw.githubusercontent.com/google/tsunami-security-scanner/master/quick_start.sh)"The quick_start.sh script performs the following tasks:
$HOME/tsunami/repos directory.jar files into $HOME/tsunami/plugins directory.$HOME/tsunami directory.tsunami.yaml example config into $HOME/tsunami directory.127.0.0.1 using the previously generated artifacts.Contributing
Read how to contribute to Tsunami.
Disclaimers
It is not an official Google product.
Journalists use OSINT to verify public information before publishing. In 2026, misinformation, AI-generated images, fake…
Docker is an open-source platform that lets you package and run applications inside containers. Each container…
PostgreSQL (often called Postgres) is an open-source relational database system. It supports advanced features like JSON…
Xrdp is an open-source server that lets you connect to your Ubuntu machine from another computer…
Apache Tomcat is an open-source web server and Java servlet container. It is one of the…
Keeping your Ubuntu system updated is one of the best ways to protect it. Security…