Ntlmrecon: Enumerate information from NTLM authentication enabled web endpoints
I See You: ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Rengine: reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Autorecon: Simple shell script for automated domain recognition with some tools
Bugbountyscanner: A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
Pdlist: A passive subdomain finder
Discover: Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Awesome Bbht: A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debian.
Gitem: A GitHub organization reconnaissance tool.
Getjs: A tool to quickly get all JavaScript sources/files
3klcon: Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Garud: An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Rebel Framework: Advanced and easy to use penetration testing framework
Intrec Pack: Intelligence and Reconnaissance Package/Bundle installer.
Yar: Yar is a tool for plunderin' organizations, users and/or repositories.
Recsech: Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On GitHub and much more you can see in Features in tools.
Raccoon: A high performance offensive security tool for reconnaissance and vulnerability scanning
Url Tracker: Change monitoring app that checks the content of web pages in different periods.
Asnlookup: Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Mqtt Pwn: MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.
Sherlock Js: Find usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock
Massdns: A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Pyiris Backdoor: PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project, it's still under active development >_>
Autosetup: Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
Intelspy: Perform automated network reconnaissance scans
Seeker: Accurately Locate Smartphones using Social Engineering
Asnip: ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Subrake: A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.
Spaces Finder: A tool to hunt for publicly accessible DigitalOcean Spaces
Sarenka: OSINT tool - gets data from services like shodan, censys etc. in one app
Scilla: Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Gitmonitor: One way to continuously monitor sensitive information that could be exposed on GitHub
Bass: Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers to your "resolver.txt"
Uddup: Urls de-duplication tool for better recon.
Keye: Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Hackvault: A container repository for my public web hacks!
Tidos Framework: The Offensive Manual Web Application Penetration Testing Framework.
Geo Recon: An OSINT CLI tool designed to fast track IP Reputation and Geo-location look up for Security Analysts.
Certeagle: Weaponizing Live CT logs for automated monitoring of assets
Deadtrap: An OSINT tool to gather information about the real owner of a phone number
Reconcat: A small PHP application to fetch archive url snapshots from archive.org. Using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made specially for penetration testing purposes.
Fierce: A DNS reconnaissance tool for locating non-contiguous IP space.
Halive: A fast http and https prober, to check which URLs are alive
Github Recon: GitHub Recon - and what you can achieve with it!
Eyes: Golang rewrite of eyes.sh. Lets you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Social Analyzer: API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Gitgot: Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Sudomy: Sudomy is a subdomain enumeration tool to collect subdomains and analyze domains, performing automated reconnaissance (recon) for bug hunting / pentesting
Recon Raven: Reconnaissance tool of Penetration test & Bug Bounty
Sn0int: Semi-automatic OSINT framework and package manager