RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+535.67%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+327.36%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-21.07%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+676.71%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-50.28%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (+370.98%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-67.28%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-94.64%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-31.61%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (-87.06%)
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (-84.29%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (-53.42%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-84.29%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-97.6%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-64.88%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-77.45%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-91.68%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-68.76%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-69.13%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+408.32%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+4.25%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+1172.09%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+50.46%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+260.26%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-76.71%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+526.8%)
PdlistA passive subdomain finder
Stars: ✭ 204 (-62.29%)
SitedorksSearch Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.
Stars: ✭ 221 (-59.15%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (-53.79%)
phisherpriceAll In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Stars: ✭ 38 (-92.98%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-73.75%)
Awesome-CyberSec-ResourcesAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Stars: ✭ 273 (-49.54%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-45.66%)
SourceWolfAmazingly fast response crawler to find juicy stuff in the source code! 😎🔥
Stars: ✭ 132 (-75.6%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+805.18%)
XposedOrNotXposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.
Stars: ✭ 120 (-77.82%)
apkizerapkizer is a mass downloader for android applications for all available versions.
Stars: ✭ 40 (-92.61%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (-36.04%)
LAZYPARIAHA tool for generating reverse shell payloads on the fly.
Stars: ✭ 121 (-77.63%)
SuperLibraryInformation Security Library
Stars: ✭ 60 (-88.91%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-38.82%)
go-spyseThe official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.
Stars: ✭ 25 (-95.38%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (-34.75%)
MaryamMaryam: Open-source Intelligence(OSINT) Framework
Stars: ✭ 371 (-31.42%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (-16.64%)
nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (-85.95%)
querytoolQuerytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.
Stars: ✭ 104 (-80.78%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-92.05%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (-28.47%)
Censys Subdomain Finder⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Stars: ✭ 402 (-25.69%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (-28.28%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-25.51%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-93.16%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-93.53%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-25.14%)
MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (-50.46%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-50.46%)