1437 Open source projects that are alternatives of or similar to Bigbountyrecon

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A high performance offensive security tool for reconnaissance and vulnerability scanning

HostHunter a recon tool for discovering hostnames using OSINT techniques.

OneForAll是一款功能强大的子域收集工具

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

Intelligence and Reconnaissance Package/Bundle installer.

Related subdomains finder

Python 3.5+ DNS asynchronous brute force utility

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

Enumerate information from NTLM authentication enabled web endpoints 🔎

The Collective. A repo for a collection of red-team projects found mostly on Github.

Do some quick reconnaissance on a domain-based web-application

OSINT

A tool to fastly get all javascript sources/files

A tool to hunt for publicly accessible DigitalOcean Spaces

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Python library and CLI for the Bug Bounty Recon API

🦄🔒 Awesome list of secrets in environment variables 🖥️

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

The all-in-one Red Team extension for Web Pentester 🛠

Making Favicon.ico based Recon Great again !

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Semi-automatic OSINT framework and package manager

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Fully automated offensive security framework for reconnaissance and vulnerability scanning

A passive subdomain finder

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

Extracting URLs of a specific target based on the results of "commoncrawl.org"

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Pentest: Subdomains enumeration tool for penetration testers.

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

Attack Surface Management Platform | Sn1perSecurity LLC

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

apkizer is a mass downloader for android applications for all available versions.

swiss army knife for hackers

A tool for generating reverse shell payloads on the fly.

Information Security Library

Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB

The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.

network reconnaissance toolkit

Maryam: Open-source Intelligence(OSINT) Framework

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

Nuubi Tools (Information-ghatering|Scanner|Recon.)

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.

A Tool for Domain Flyovers

An advanced tool for email reconnaissance

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

Sifter aims to be a fully loaded Op Centre for Pentesters

Bifrost C2. Open-source post-exploitation using Discord API

Yet Another PHP Shell - The most complete PHP reverse shell

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Awesome cloud enumerator