warfWARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
Stars: ✭ 53 (-27.4%)
go-spyseThe official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.
Stars: ✭ 25 (-65.75%)
Mr.Holmes🔍 A Complete Osint Tool
Stars: ✭ 307 (+320.55%)
E4GL30S1NTE4GL30S1NT - Simple Information Gathering Tool
Stars: ✭ 139 (+90.41%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 424 (+480.82%)
Intrigue CoreDiscover Your Attack Surface!
Stars: ✭ 1,013 (+1287.67%)
nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (+4.11%)
evildorkEvildork targeting your fiancee👁️
Stars: ✭ 46 (-36.99%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-41.1%)
WebkillerTool Information Gathering Write By Python.
Stars: ✭ 300 (+310.96%)
toutatisToutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and more
Stars: ✭ 803 (+1000%)
Droid Hunter(deprecated) Android application vulnerability analysis and Android pentest tool
Stars: ✭ 256 (+250.68%)
PulsarNetwork footprint scanner platform. Discover domains and run your custom checks periodically.
Stars: ✭ 314 (+330.14%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-47.95%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+3930.14%)
DnstwistDomain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+4179.45%)
CloudscraperCloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Stars: ✭ 276 (+278.08%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (+242.47%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+1234.25%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+4698.63%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+5656.16%)
ZenFind emails of Github users
Stars: ✭ 343 (+369.86%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+1369.86%)
K8toolsK8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+5616.44%)
MaryamMaryam: Open-source Intelligence(OSINT) Framework
Stars: ✭ 371 (+408.22%)
getcontactFind info about user by phone number using GetContact API
Stars: ✭ 228 (+212.33%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (+17.81%)
SandmapNmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
Stars: ✭ 1,180 (+1516.44%)
Osi.igInformation Gathering Instagram.
Stars: ✭ 377 (+416.44%)
PillagerPillage filesystems for sensitive information with Go.
Stars: ✭ 64 (-12.33%)
AquatoneA Tool for Domain Flyovers
Stars: ✭ 4,405 (+5934.25%)
Hackinghacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+465.75%)
Appinfoscanner一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
Stars: ✭ 424 (+480.82%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+1220.55%)
OdinAutomated network asset, email, and social media profile discovery and cataloguing.
Stars: ✭ 476 (+552.05%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (+497.26%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+590.41%)
HellraiserVulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+465.75%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (+491.78%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+597.26%)
ShellshockhunterIt's a simple tool for test vulnerability shellshock
Stars: ✭ 52 (-28.77%)
OsrframeworkOSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.
Stars: ✭ 534 (+631.51%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+641.1%)
A2svAuto Scanning to SSL Vulnerability
Stars: ✭ 524 (+617.81%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+8508.22%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+698.63%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+452.05%)
Holeheholehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
Stars: ✭ 568 (+678.08%)
Pythempentest framework
Stars: ✭ 1,060 (+1352.05%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (+724.66%)
NsablocklistHOSTS file and research project to block all known NSA / GCHQ / C.I.A. / F.B.I. spying server
Stars: ✭ 630 (+763.01%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+849.32%)
Packer FuzzerPacker Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.
Stars: ✭ 753 (+931.51%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+9826.03%)
AttacksurfacemapperAttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
Stars: ✭ 702 (+861.64%)
VhostscanA virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+950.68%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+1115.07%)
BrokenlinkhijackerA Fast Broken Link Hijacker Tool written in Python
Stars: ✭ 45 (-38.36%)