RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+936.77%)
onedrive user enumonedrive user enumeration - pentest tool to enumerate valid onedrive users
Stars: ✭ 223 (+0%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+2717.94%)
bing-ip2hostsbingip2hosts is a Bing.com web scraper that discovers websites by IP address
Stars: ✭ 99 (-55.61%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+20.63%)
linkyYet Another LInkedIn Scraper...
Stars: ✭ 44 (-80.27%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-88.79%)
LuciferA Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
Stars: ✭ 302 (+35.43%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+101.79%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (+43.5%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+2095.96%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-20.63%)
DotdotslashSearch for Directory Traversal Vulnerabilities
Stars: ✭ 297 (+33.18%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (+102.24%)
revshfuzzA tool for fuzzing for ports that allow outgoing connections
Stars: ✭ 18 (-91.93%)
phisherpriceAll In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Stars: ✭ 38 (-82.96%)
credcheckCredentials Checking Framework
Stars: ✭ 50 (-77.58%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-25.11%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-65.02%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (+33.18%)
Censys Subdomain Finder⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Stars: ✭ 402 (+80.27%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+44.39%)
Lockdoor Framework🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+203.59%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+3149.33%)
Tidos FrameworkThe Offensive Manual Web Application Penetration Testing Framework.
Stars: ✭ 1,290 (+478.48%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+142.6%)
EnumdbRelational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-25.11%)
OsmedeusFully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+1420.63%)
wifibangwifi attacks suite
Stars: ✭ 56 (-74.89%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+1784.3%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+65.92%)
gotorThis program provides efficient web scraping services for Tor and non-Tor sites. The program has both a CLI and REST API.
Stars: ✭ 97 (-56.5%)
ErodirA fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-57.85%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (+13%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (+131.84%)
findcdnfindCDN is a tool created to help accurately identify what CDN a domain is using.
Stars: ✭ 64 (-71.3%)
FisherManCLI program that collects information from facebook user profiles via Selenium.
Stars: ✭ 117 (-47.53%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+130.04%)
EggshelliOS/macOS/Linux Remote Administration Tool
Stars: ✭ 1,286 (+476.68%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: ✭ 144 (-35.43%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (+1042.6%)
Iposint⚠️WARNING: This project now become part of https://github.com/j3ssie/Metabigor project
Stars: ✭ 178 (-20.18%)
Bscanan asynchronous target enumeration tool
Stars: ✭ 207 (-7.17%)
IvreNetwork recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,331 (+945.29%)
YarYar is a tool for plunderin' organizations, users and/or repositories.
Stars: ✭ 174 (-21.97%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-10.76%)
Contact.shAn OSINT tool to find contacts in order to report security vulnerabilities.
Stars: ✭ 216 (-3.14%)
Misp ModulesModules for expansion services, import and export in MISP
Stars: ✭ 198 (-11.21%)
KillchainA unified console to perform the "kill chain" stages of attacks.
Stars: ✭ 172 (-22.87%)
PockintA portable OSINT Swiss Army Knife for DFIR/OSINT professionals 🕵️ 🕵️ 🕵️
Stars: ✭ 196 (-12.11%)
PymetaPymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Stars: ✭ 170 (-23.77%)
ZigdiggityA ZigBee hacking toolkit by Bishop Fox
Stars: ✭ 169 (-24.22%)
IkyOSINT Project
Stars: ✭ 203 (-8.97%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-17.49%)