I got tired of slow, bloated scanners that spit out 500 “findings” where 490 are noise.
So I built Lonkero – a fast web vulnerability scanner in Rust.
What it does:
∙ 60+ attack modules (XSS, SQLi, SSRF, IDOR, misconfigs…)
∙ Crawls and fuzzes automatically
∙ Low false positives – focuses on real, exploitable bugs
∙ Single binary, no dependencies
Why Rust?
Speed. Memory safety. No GC pauses during large scans. It handles thousands of requests without breaking a sweat.
Quick example:
lonkero scan --target https://example.com --modules xss,sqli
Who’s it for:
∙ Pentesters who want fast recon
∙ Bug bounty hunters grinding multiple targets
∙ Devs who want to scan before shipping
I’ve found 130+ valid bugs with it across various programs.
Try it: Try Lonkero free
Would love feedback from the community. What modules would you want to see next?
Top comments (0)