2204 Open source projects that are alternatives of or similar to Aiodnsbrute

In-depth Attack Surface Mapping and Asset Discovery

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Intelligence and Reconnaissance Package/Bundle installer.

无状态子域名爆破工具

In-depth Attack Surface Mapping and Asset Discovery

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

A MongoDB importer and API for Project Sonars DNS datasets

HostHunter a recon tool for discovering hostnames using OSINT techniques.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Web path scanner

OneForAll是一款功能强大的子域收集工具

A high performance offensive security tool for reconnaissance and vulnerability scanning

Relational database brute force and post exploitation tool for MySQL and MSSQL

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

A C library for asynchronous DNS requests

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

Rescope is a tool geared towards pentesters and bugbounty researchers, that aims to make life easier when defining scopes for Burp Suite and OWASP ZAP.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

DNS Sub-domain brute forcer, in Python + gevent

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Adversary Simulation Framework

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Semi-automatic OSINT framework and package manager

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

Sifter aims to be a fully loaded Op Centre for Pentesters

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Next generation web scanner

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Port scanning and domain utility.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Handbook of information collection for penetration testing and src

Extract subdomains from SSL certificates in HTTPS sites.

Network footprint scanner platform. Discover domains and run your custom checks periodically.

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

my oscp prep collection

Maryam: Open-source Intelligence(OSINT) Framework

A tool to hunt for publicly accessible DigitalOcean Spaces

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

Enumerate information from NTLM authentication enabled web endpoints 🔎

Dedicated to JavaScript and its awesome community since 2015

findCDN is a tool created to help accurately identify what CDN a domain is using.

Simple Python tool to check if there is an Office 365 instance linked to a domain.

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

Docker image for osint

Related subdomains finder

👻Impost3r -- A linux password thief

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

Dumain Bruteforcer - a fast and flexible domain bruteforcer