MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+96.3%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-86.57%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+1492.13%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-80.09%)
Learn365This repo is about @harshbothra_ 365 days of learning Tweet & Mindmap collection
Stars: ✭ 525 (+143.06%)
PockintA portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Stars: ✭ 196 (-9.26%)
IkyOSINT Project
Stars: ✭ 203 (-6.02%)
Osint collectionMaintained collection of OSINT related resources. (All Free & Actionable)
Stars: ✭ 809 (+274.54%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (+332.41%)
Legal Bug Bounty#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-80.56%)
PdlistA passive subdomain finder
Stars: ✭ 204 (-5.56%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+79.17%)
BasecrackDecode All Bases - Base Scheme Decoder
Stars: ✭ 196 (-9.26%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+150.46%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+3254.63%)
DomainedMulti Tool Subdomain Enumeration
Stars: ✭ 688 (+218.52%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+310.65%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+161.11%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-74.07%)
Qsfuzzqsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
Stars: ✭ 201 (-6.94%)
S3scannerScan for open AWS S3 buckets and dump the contents
Stars: ✭ 1,319 (+510.65%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-70.83%)
Gf SecretsSecret and/ credential patterns used for gf.
Stars: ✭ 96 (-55.56%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-21.76%)
CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-15.74%)
BugbountyguideBug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.
Stars: ✭ 338 (+56.48%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (+85.65%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (+53.24%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+135.65%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+97.69%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+1845.37%)
AutosetupAuto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
Stars: ✭ 140 (-35.19%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+3086.11%)
Assessment MindsetSecurity Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
Stars: ✭ 608 (+181.48%)
ParamspiderMining parameters from dark corners of Web Archives
Stars: ✭ 781 (+261.57%)
YarYar is a tool for plunderin' organizations, users and/or repositories.
Stars: ✭ 174 (-19.44%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+310.19%)
Can I Take Over Xyz"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Stars: ✭ 2,808 (+1200%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+396.76%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+4057.87%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-71.3%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+452.78%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+438.89%)
Bug Bounty ResponsesA collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-78.7%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-41.67%)
Chatterinternet monitoring osint telegram bot for windows
Stars: ✭ 123 (-43.06%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-43.52%)
Proof Of ConceptsA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Stars: ✭ 148 (-31.48%)
Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (-33.33%)
KarmaFind leaked emails with your passwords
Stars: ✭ 154 (-28.7%)
Bugbounty CheatsheetA list of interesting payloads, tips and tricks for bug bounty hunters.
Stars: ✭ 3,644 (+1587.04%)
HettyHetty is an HTTP toolkit for security research.
Stars: ✭ 3,596 (+1564.81%)