ReconnoteWeb Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Stars: ✭ 322 (-19.9%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-33.33%)
Esp Rfid ToolA tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37bit HID Cards. Similar to the Tastic RFID Thief, Blekey, and ESPKey.
Stars: ✭ 262 (-34.83%)
DnstwistDomain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+677.11%)
ThreatpinchlookupDocumentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (-36.07%)
OverlordOverlord - Red Teaming Infrastructure Automation
Stars: ✭ 258 (-35.82%)
Envizonnetwork visualization & vulnerability management/reporting
Stars: ✭ 382 (-4.98%)
SubfinderSubfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
Stars: ✭ 4,509 (+1021.64%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (-19.9%)
StalkphishStalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (-36.32%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-36.32%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-20.4%)
QuickScanPort scanning and domain utility.
Stars: ✭ 26 (-93.53%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (-11.69%)
ipranges🔨 List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft (Azure), Oracle (Cloud) and DigitalOcean with daily updates.
Stars: ✭ 38 (-90.55%)
PriestExtract server and IP address information from Browser SSRF
Stars: ✭ 13 (-96.77%)
Open-source-tools-for-CTIPublic Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
Stars: ✭ 91 (-77.36%)
OsintgramOsintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
Stars: ✭ 312 (-22.39%)
wappylyzerImplementation of Wappalyzer in Python
Stars: ✭ 42 (-89.55%)
Top25 ParameterFor basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
Stars: ✭ 388 (-3.48%)
Email2phonenumberA OSINT tool to obtain a target's phone number just by having his email address
Stars: ✭ 379 (-5.72%)
BirdwatcherData analysis and OSINT framework for Twitter
Stars: ✭ 352 (-12.44%)
tomcter😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.
Stars: ✭ 18 (-95.52%)
youtube-metadataA quick way to gather all the metadata about a video, playlist, or channel from the YouTube API.
Stars: ✭ 58 (-85.57%)
Git-ScrapersCollect OSINT from git repositories
Stars: ✭ 15 (-96.27%)
grep for osintGREP FOR OSINT is a set of very simple shell scripts that will help you quickly analyze a text or a folder with files for data useful for investigation (phone numbers, bank card numbers, URLs, emails and nicknames).
Stars: ✭ 21 (-94.78%)
offensive-docker-vpsCreate a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.
Stars: ✭ 66 (-83.58%)
Badkarmanetwork reconnaissance toolkit
Stars: ✭ 353 (-12.19%)
auth analyzerBurp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (-80.85%)
tenssensTenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Stars: ✭ 19 (-95.27%)
SinglefileWeb Extension for Firefox/Chrome/MS Edge and CLI tool to save a faithful copy of an entire web page in a single HTML file
Stars: ✭ 4,417 (+998.76%)
iocingestorAn extendable tool to extract and aggregate IoCs from threat feeds
Stars: ✭ 25 (-93.78%)
crawleetWeb Recon & Exploitation Tool.
Stars: ✭ 48 (-88.06%)
NamechkOsint tool based on namechk.com for checking usernames on more than 100 websites, forums and social networks.
Stars: ✭ 381 (-5.22%)
ScavengerCrawler (Bot) searching for credential leaks on different paste sites.
Stars: ✭ 347 (-13.68%)
Python IocextractDefanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (-25.37%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-96.77%)
misp-osint-collectionCollection of best practices to add OSINT into MISP and/or MISP communities
Stars: ✭ 54 (-86.57%)
WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (-25.37%)
ORtesterOpen Redirect scanner - (out of date)
Stars: ✭ 24 (-94.03%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (-13.93%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (-26.12%)
occliUnofficial Command Line Interface for OpenCorporates
Stars: ✭ 18 (-95.52%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-91.29%)
DotdotslashSearch for Directory Traversal Vulnerabilities
Stars: ✭ 297 (-26.12%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-90.55%)
OSINT-TOOLS-CLITHIS IS A CLI VERSION OF THE CHEAT SHEET FOR EASY ACCESS. IT CAN BE NAVIGATED WITHOUT USING COMMANDS.
Stars: ✭ 32 (-92.04%)
DnsgenGenerates combination of domain names from the provided input.
Stars: ✭ 389 (-3.23%)
Osi.igInformation Gathering Instagram.
Stars: ✭ 377 (-6.22%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (-14.18%)
ShhgitAh shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories: www.shhgit.com
Stars: ✭ 3,316 (+724.88%)
censys-maltegoCensys Maltego transforms! Take advantage of Censys transforms for Maltego to back your investigations with the most trusted Internet data available.
Stars: ✭ 25 (-93.78%)
SingleFile-LiteFeel the power of the Manifest V3. The future, right now!
Stars: ✭ 55 (-86.32%)
SusanooA REST API security testing framework.
Stars: ✭ 287 (-28.61%)