NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
InstaloaderDownload pictures (or videos) along with their captions and other metadata from Instagram.
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
AsnASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server
OmnibusThe OSINT Omnibus (beta release)
MihariA helper to run OSINT queries & manage results continuously
LeakscraperLeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.
Moriarty ProjectThis tool gives information about the phone number that you entered.
MaigretOSINT username checker. Collect a dossier on a person by username from a huge number of sites.
OsweepDon't Just Search OSINT. Sweep It.
AutosqliAn automatic SQL Injection tool which takes advantage of ~DorkNet~ Googler, Ddgr, WhatWaf and sqlmap.
CrosslinkedLinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
SitedorksSearch Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.
Git Vuln FinderFinding potential software vulnerabilities from git commit messages
Contact.shAn OSINT tool to find contacts in order to report security vulnerabilities.
PdlistA passive subdomain finder
Commit Stream#OSINT tool for finding Github repositories by extracting commit logs in real time from the Github event API
PwnbackBurp Extender plugin that generates a sitemap of a website using Wayback Machine
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Misp ModulesModules for expansion services, import and export in MISP
PockintA portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
MosintAn automated e-mail OSINT tool
GitemA Github organization reconnaissance tool.
CardpwnOSINT Tool to find Breached Credit Cards Information
NetzDiscover internet-wide misconfigurations while drinking coffee
Misp TrainingMISP trainings, threat intel and information sharing training materials with source code
Twitter IntelligenceTwitter Intelligence OSINT project performs tracking and analysis of the Twitter
Iposint⚠️WARNING: This project now become part of https://github.com/j3ssie/Metabigor project
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
IvreNetwork recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
YarYar is a tool for plunderin' organizations, users and/or repositories.
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
BbreconPython library and CLI for the Bug Bounty Recon API
Venmo DataVenmo trasaction dataset for data analysis/visualization/anything
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
KarmaFind leaked emails with your passwords
Sherlock JsFind usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock
Tlosint LiveTrace Labs OSINT Linux Distribution based on Kali.
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
AutosintTool to automate common OSINT tasks
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
OnionsearchOnionSearch is a script that scrapes urls on different .onion search engines.
PasktoPaskto - Passive Web Scanner
H8mailEmail OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email