All Projects → kpcyrd → Sn0int

kpcyrd / Sn0int

Licence: gpl-3.0
Semi-automatic OSINT framework and package manager

Programming Languages

rust
11053 projects
lua
6591 projects

Projects that are alternatives of or similar to Sn0int

Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+322.48%)
Mutual labels:  osint, reconnaissance, recon, bug-bounty, pentesting
Git Hound
Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (-26.04%)
Mutual labels:  osint, reconnaissance, recon, bug-bounty
Spaces Finder
A tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-85.01%)
Mutual labels:  osint, pentesting, reconnaissance, recon
Vajra
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-66.95%)
Mutual labels:  osint, pentesting, recon, bug-bounty
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+184.03%)
Mutual labels:  osint, pentesting, reconnaissance, security-scanner
Intrec Pack
Intelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-78.26%)
Mutual labels:  osint, pentesting, reconnaissance, recon
Gitgot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+18.43%)
Mutual labels:  osint, reconnaissance, recon, security-scanner
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-47.54%)
Mutual labels:  osint, pentesting, reconnaissance, recon
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-33.54%)
Mutual labels:  osint, pentesting, reconnaissance, recon
flydns
Related subdomains finder
Stars: ✭ 29 (-96.44%)
Mutual labels:  osint, bug-bounty, recon, reconnaissance
Favfreak
Making Favicon.ico based Recon Great again !
Stars: ✭ 564 (-30.71%)
Mutual labels:  osint, reconnaissance, recon
aquatone
A Tool for Domain Flyovers
Stars: ✭ 43 (-94.72%)
Mutual labels:  osint, bug-bounty, reconnaissance
querytool
Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.
Stars: ✭ 104 (-87.22%)
Mutual labels:  osint, recon, reconnaissance
Reconky-Automated Bash Script
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-79.48%)
Mutual labels:  osint, recon, reconnaissance
quick-recon.py
Do some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-98.4%)
Mutual labels:  osint, pentesting, reconnaissance
Theharvester
E-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+658.6%)
Mutual labels:  osint, reconnaissance, recon
mailcat
Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬
Stars: ✭ 219 (-73.1%)
Mutual labels:  osint, recon, reconnaissance
Osint tips
OSINT
Stars: ✭ 322 (-60.44%)
Mutual labels:  osint, pentesting, reconnaissance
Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+745.45%)
Mutual labels:  osint, reconnaissance, pentesting
Aiodnsbrute
Python 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-54.55%)
Mutual labels:  osint, pentesting, recon

sn0int Build Status crates.io Documentation Status irc.hackint.org:6697/#sn0int @sn0int @sn0int@chaos.social registry status

sn0int (pronounced /snoɪnt/) is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. sn0int is enumerating attack surface by semi-automatically processing public information and mapping the results in a unified format for followup investigations.

Among other things, sn0int is currently able to:

  • Harvest subdomains from certificate transparency logs and passive dns
  • Enrich ip addresses with asn and geoip info
  • Harvest emails from pgp keyservers and whois
  • Discover compromised logins in breaches
  • Find somebody's profiles across the internet
  • Enumerate local networks with unique techniques like passive arp
  • Gather information about phonenumbers
  • Attempt to bypass cloudflare with shodan
  • Harvest data and images from instagram profiles
  • Scan images for nudity

sn0int is heavily inspired by recon-ng and maltego, but remains more flexible and is fully opensource. None of the investigations listed above are hardcoded in the source, instead those are provided by modules that are executed in a sandbox. You can easily extend sn0int by writing your own modules and share them with other users by publishing them to the sn0int registry. This allows you to ship updates for your modules on your own since you don't need to send a pull request.

For questions and support join us on IRC: irc.hackint.org:6697/#sn0int

asciicast

Installation

Archlinux

pacman -S sn0int

Mac OSX

brew install sn0int

Debian/Ubuntu/Kali

There are prebuilt packages signed by a debian maintainer. We can import the key for this repository out of the debian keyring.

apt install debian-keyring
gpg -a --export --keyring /usr/share/keyrings/debian-maintainers.gpg [email protected] | apt-key add -
apt-key adv --keyserver keyserver.ubuntu.com --refresh-keys [email protected]
echo deb http://apt.vulns.sexy stable main > /etc/apt/sources.list.d/apt-vulns-sexy.list
apt update
apt install sn0int

Docker

docker run --rm --init -it -v "$PWD/.cache:/cache" -v "$PWD/.data:/data" kpcyrd/sn0int

Alpine

apk add sn0int

OpenBSD

pkg_add sn0int

Gentoo

layman -a pentoo
emerge --ask net-analyzer/sn0int

NixOS

nix-env -i sn0int

For everything else please have a look at the detailed list.

Getting started

Rationale

This tool was written for companies to help them understand their attack surface from a blackbox point of view. It's often difficult to understand that something is easier to discover than some people assume, putting them at risk of false security.

It's also designed to be useful for red team assessments and bug bounties, which also help companies to identify weaknesses that could result in a compromise.

Some functionality was written to do the same thing for individuals to raise awareness about personal attack surface, privacy and how much data is publicly available. These issues are often out of scope in bug bounties and sometimes by design. We believe that blaming the user is the wrong approach and these issues should be addressed at the root cause by the people designing those systems.

License

GPLv3+

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].