Top 116 enumeration open source projects

Enumerate information from NTLM authentication enabled web endpoints 🔎

A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

A Network Enumeration and Attack Toolset for Windows Active Directory Environments.

Modern alternative to dirbuster/dirb

an asynchronous target enumeration tool

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

🔩 Provides enumerations for PHP & frameworks integrations

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Intelligence and Reconnaissance Package/Bundle installer.

A high performance offensive security tool for reconnaissance and vulnerability scanning

Relational database brute force and post exploitation tool for MySQL and MSSQL

Monitor linux processes without root permissions

A Go implementation of dirsearch.

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

Collection of PowerShell functions a Red Teamer may use to collect data from a machine

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Bash script purposed for system enumeration, vulnerability identification and privilege escalation.

Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

In-depth Attack Surface Mapping and Asset Discovery

Automated NoSQL database enumeration and web application exploitation tool.

Username enumeration and password spraying tool aimed at Microsoft O365.

Automatic Service Enumeration Script

Perform automated network reconnaissance scans

How to prepare for OSCP complete guide

Powerful Visual Subdomain Enumeration at the Click of a Mouse

A collection of personal scripts used in hacking excercises.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A fast, simple, recursive content discovery tool written in Rust.

A fast web directory/file enumeration tool written in Rust

The Offensive Manual Web Application Penetration Testing Framework.

Simple, extensible and powerful enumeration implementation for Laravel.

bug bounty hunters starter notes

Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.

Everyone's favorite SMB/SAMBA/CIFS enumeration tool ported over to Python.

Simple Server Side Request Forgery services enumeration tool.

This repository contains a class that allows the enumeration of video and audio devices in order to get the device IDs that are required to create a VideoCapture object inside OpenCV (in Windows).

Security Tool to Look For Interesting Files in S3 Buckets

This tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.

无状态子域名爆破工具

A shell script that automatically performs a series of *NIX enumeration tasks.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

🆕 The Multi-Tool Web Vulnerability Scanner.

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

Multi Tool Subdomain Enumeration

kernel privilege escalation enumeration and exploitation framework

In-depth Attack Surface Mapping and Asset Discovery

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Notes for taking the OSCP in 2097. Read in book form on GitBook

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

High performance LINQ implementation with minimal heap allocations. Supports enumerables, async enumerables, arrays and Span<T>.

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

Simple and fast implementation of enumerations with native PHP

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.