Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: β 167 (+882.35%)
Rapidscanπ The Multi-Tool Web Vulnerability Scanner.
Stars: β 775 (+4458.82%)
Scillaπ΄ββ οΈ Information Gathering tool π΄ββ οΈ DNS / Subdomains / Ports / Directories enumeration
Stars: β 116 (+582.35%)
GarudAn automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Stars: β 183 (+976.47%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: β 427 (+2411.76%)
KeyeKeye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Stars: β 101 (+494.12%)
DirsearchWeb path scanner
Stars: β 7,246 (+42523.53%)
AshokAshok is a OSINT Recon Tool , a.k.a π Swiss Army knife .
Stars: β 109 (+541.18%)
Ctf NotesEverything needed for doing CTFs
Stars: β 304 (+1688.24%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: β 32,909 (+193482.35%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: β 45 (+164.71%)
warfWARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
Stars: β 53 (+211.76%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: β 3,391 (+19847.06%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: β 66 (+288.24%)
SublertSublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Stars: β 699 (+4011.76%)
ggtfobinsGet GTFOBins info about a given exploit from the command line
Stars: β 27 (+58.82%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: β 61 (+258.82%)
graphw00fgraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
Stars: β 260 (+1429.41%)
3klconAutomation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Stars: β 189 (+1011.76%)
Tidos FrameworkThe Offensive Manual Web Application Penetration Testing Framework.
Stars: β 1,290 (+7488.24%)
ErodirA fast web directory/file enumeration tool written in Rust
Stars: β 94 (+452.94%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: β 1,928 (+11241.18%)
Horn3tPowerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: β 120 (+605.88%)
IntelspyPerform automated network reconnaissance scans
Stars: β 134 (+688.24%)
ReconnoitreA security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: β 1,824 (+10629.41%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: β 199 (+1070.59%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance withβ¦
Stars: β 3,439 (+20129.41%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: β 86 (+405.88%)
Badkarmanetwork reconnaissance toolkit
Stars: β 353 (+1976.47%)
aquatoneA Tool for Domain Flyovers
Stars: β 43 (+152.94%)
Intrigue CoreDiscover Your Attack Surface!
Stars: β 1,013 (+5858.82%)
Eyesπ π₯οΈ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" π π΅οΈ
Stars: β 38 (+123.53%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: β 173 (+917.65%)
phomberPhomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.
Stars: β 59 (+247.06%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: β 2,548 (+14888.24%)
Awesome BbhtA bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: β 190 (+1017.65%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints π
Stars: β 252 (+1382.35%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: β 1,572 (+9147.06%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: β 297 (+1647.06%)
ProcspyPython tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..
Stars: β 272 (+1500%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: β 382 (+2147.06%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: β 2,312 (+13500%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: β 1,021 (+5905.88%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: β 859 (+4952.94%)
webreconAutomated Web Recon Shell Scripts
Stars: β 48 (+182.35%)
Oscp AutomationA collection of personal scripts used in hacking excercises.
Stars: β 118 (+594.12%)
DevBrute-A Password Brute ForcerDevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.
Stars: β 91 (+435.29%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: β 182 (+970.59%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: β 177 (+941.18%)
Awesome-CyberSec-ResourcesAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Stars: β 273 (+1505.88%)
InterlaceEasily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: β 760 (+4370.59%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: β 163 (+858.82%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: β 142 (+735.29%)
CEHExam Prep for the Ec-council Certified Ethical Hacker 312-50
Stars: β 71 (+317.65%)
WPCrackerWordPress pentest tool
Stars: β 34 (+100%)
goLazagneGo library for credentials recovery
Stars: β 177 (+941.18%)