HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+982.54%)
AshokAshok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .
Stars: ✭ 109 (-13.49%)
go-spyseThe official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.
Stars: ✭ 25 (-80.16%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (+246.03%)
OdinAutomated network asset, email, and social media profile discovery and cataloguing.
Stars: ✭ 476 (+277.78%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+12.7%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-16.67%)
sherlock🔎 Find usernames across social networks
Stars: ✭ 52 (-58.73%)
querytoolQuerytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.
Stars: ✭ 104 (-17.46%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+307.14%)
DaProfilerDaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.
Stars: ✭ 58 (-53.97%)
gosintGosint is a distributed asset information collection and vulnerability scanning platform
Stars: ✭ 344 (+173.02%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+290.48%)
GasmaskInformation gathering tool - OSINT
Stars: ✭ 518 (+311.11%)
Sherlock🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+22573.81%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (+62.7%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (-32.54%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+103.17%)
CloudscraperCloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Stars: ✭ 276 (+119.05%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (+115.08%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+2753.97%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (+135.71%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+411.11%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+5650.79%)
AttacksurfacemapperAttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
Stars: ✭ 702 (+457.14%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+174.6%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+160.32%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (+207.94%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+1147.62%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+242.86%)
AquatoneA Tool for Domain Flyovers
Stars: ✭ 4,405 (+3396.03%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+303.97%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+300%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+523.81%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-80.16%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+501.59%)
FinalreconThe Last Web Recon Tool You'll Need
Stars: ✭ 888 (+604.76%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (+641.27%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+381.75%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (+377.78%)
ParamspiderMining parameters from dark corners of Web Archives
Stars: ✭ 781 (+519.84%)
PhoneinfogaPhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.
Stars: ✭ 5,927 (+4603.97%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+665.08%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-78.57%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-69.84%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+603.97%)
LenzConsole based MAP 🗺 : with lots of features 🤩
Stars: ✭ 51 (-59.52%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-50.79%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+603.17%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+823.81%)
HaliveA fast http and https prober, to check which URLs are alive
Stars: ✭ 47 (-62.7%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-47.62%)
DeadtrapAn OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-42.06%)
CloudfailUtilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+883.33%)
CerteagleWeaponizing Live CT logs for automated monitoring of assets
Stars: ✭ 78 (-38.1%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-14.29%)
Investigo🔎 Find usernames and download their data across social media.
Stars: ✭ 168 (+33.33%)