Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
AttacksurfacemapperAttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
FavfreakMaking Favicon.ico based Recon Great again !
Sherlock🔎 Hunt down social media accounts by username across social networks
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
GasmaskInformation gathering tool - OSINT
ShufflednsshuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.
OdinAutomated network asset, email, and social media profile discovery and cataloguing.
Shotlootera recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
PhoneinfogaPhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.
MaryamMaryam: Open-source Intelligence(OSINT) Framework
NatlasScaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.
PywerviewA (partial) Python rewriting of PowerSploit's PowerView
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
CloudscraperCloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Recon My WayThis repository created for personal use and added tools from my latest blog post.
ProcspyPython tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..
MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
UnChainA tool to find redirection chains in multiple URLs
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
DaProfilerDaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.
doubletapA very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...
phomberPhomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.
bing-ip2hostsbingip2hosts is a Bing.com web scraper that discovers websites by IP address
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
querytoolQuerytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
sherlock🔎 Find usernames across social networks
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
lazyGrandmaa shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves
auto-recon-ngAutomated script to run all modules for a specified list of domains, netblocks or company name
mailcatFind existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
warfWARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
ArgosThis script will automatically set up an OSINT workstation starting from a Ubuntu OS.
adalancheActive Directory ACL Visualizer and Explorer - who's really Domain Admin?
AshokAshok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .
go-spyseThe official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
PortforgeLightweight utility to fool port scanners
webreconAutomated Web Recon Shell Scripts
apkizerapkizer is a mass downloader for android applications for all available versions.