1437 Open source projects that are alternatives of or similar to Bigbountyrecon

OSINT Tool: Generate username lists for companies on LinkedIn

Data leak checker & OSINT Tool

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

Simple Python tool to check if there is an Office 365 instance linked to a domain.

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

A tool to automate penetration tests

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

Extract subdomains from SSL certificates in HTTPS sites.

💀 A bash hacking and scanning framework.

It records your terminal, then lets you upload to ASHIRT

🔎 Find usernames and download their data across social media.

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

all manner of wordlists

Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.

Information gathering tool - OSINT

Don't Just Search OSINT. Sweep It.

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Monitoring GitHub for sensitive data shared publicly

Network footprint scanner platform. Discover domains and run your custom checks periodically.

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

Gosint is a distributed asset information collection and vulnerability scanning platform

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

Multi source CVE/exploit parser.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Autowin is a framework that helps organizations simulate custom attack scenarios in order to improve detection and response capabilities.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

An Extended, Modulair, Host Discovery Framework

A fast DOM based XSS vulnerability scanner with simplicity.

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

Hetty is an HTTP toolkit for security research.

recon-ng modules for Censys

Unleash the power of cloud

goverview - Get an overview of the list of URLs

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Tool to automate recon

Mass querying whois records

A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

🔑 Hash type identifier (CLI & lib)

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

🎯 XML External Entity (XXE) Injection Payload List

It's a Docker Environment for pentesting which having all the required tool for VAPT.

Burp extension to decode NTLM SSP headers and extract domain/host information

Automated Web Recon Shell Scripts

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

Simultaneously execute various subdomain enumeration tools and aggregate results.

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Cloud Container Attack Tool (CCAT) is a tool for testing security of container environments.

Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own

A MongoDB importer and API for Project Sonars DNS datasets

Generates combination of domain names from the provided input.

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Tips and Tutorials for Bug Bounty and also Penetration Tests.

Pentesting/Bugbounty Dockerfiles.

Reconness Agents Script