1328 Open source projects that are alternatives of or similar to Deadtrap

A high performance offensive security tool for reconnaissance and vulnerability scanning

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

Making Favicon.ico based Recon Great again !

swiss army knife for hackers

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Fully automated offensive security framework for reconnaissance and vulnerability scanning

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Information gathering tool - OSINT

HostHunter a recon tool for discovering hostnames using OSINT techniques.

E-mails, subdomains and names Harvester - OSINT

Pentest: Subdomains enumeration tool for penetration testers.

A passive subdomain finder

🔎 Find usernames across social networks

🔎 Find usernames and download their data across social media.

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

This tool gives information about the phone number that you entered.

Enumerate information from NTLM authentication enabled web endpoints 🔎

Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.

Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.

Advanced Reconnaissance tool to enumerate attacking surface of the target.

Infoga - Email OSINT

A fast GitHub stargazers information gathering tool

my oscp prep collection

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Perform automated network reconnaissance scans

🔎 Hunt down social media accounts by username across social networks

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

OSINT

Information Gathering tool for a Website or IP address

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

👀 Some of my favorite OSINT tools.

DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.

Information gathering & website reconnaissance | https://phishstats.info/

network reconnaissance toolkit

Automated network asset, email, and social media profile discovery and cataloguing.

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

OSINT Tool: Generate username lists for companies on LinkedIn

Automatically Launch Google Hacking Queries Against A Target Domain

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Auto Scanning to SSL Vulnerability

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

In-depth Attack Surface Mapping and Asset Discovery

OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

HOSTS file and research project to block all known NSA / GCHQ / C.I.A. / F.B.I. spying server

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Web path scanner

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

The Swiss Army knife for automated Web Application Testing

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Powerfull XSS Scanning and Parameter analysis tool&gem