1328 Open source projects that are alternatives of or similar to Deadtrap

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.

🔍 A Complete Osint Tool

E4GL30S1NT - Simple Information Gathering Tool

List of Awesome Asset Discovery Resources

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Discover Your Attack Surface!

Nuubi Tools (Information-ghatering|Scanner|Recon.)

Evildork targeting your fiancee👁️

A Tool for Domain Flyovers

Tool Information Gathering Write By Python.

Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and more

(deprecated) Android application vulnerability analysis and Android pentest tool

Network footprint scanner platform. Discover domains and run your custom checks periodically.

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Web Application Security Scanner Framework

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

一款信息泄漏利用工具，适用于.git/.svn源代码泄漏和.DS_Store泄漏

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Next generation web scanner

OneForAll是一款功能强大的子域收集工具

A list of web application security

Find emails of Github users

The Swiss Army knife for automated Web Application Testing

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

Maryam: Open-source Intelligence(OSINT) Framework

Find info about user by phone number using GetContact API

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

Information Gathering Instagram.

Pillage filesystems for sensitive information with Go.

A Tool for Domain Flyovers

hacker, ready for more of our story ! 🚀

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Automated network asset, email, and social media profile discovery and cataloguing.

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

OSINT Tool: Generate username lists for companies on LinkedIn

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Automatically Launch Google Hacking Queries Against A Target Domain

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

It's a simple tool for test vulnerability shellshock

OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Auto Scanning to SSL Vulnerability

In-depth Attack Surface Mapping and Asset Discovery

Powerfull XSS Scanning and Parameter analysis tool&gem

Sifter aims to be a fully loaded Op Centre for Pentesters

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

pentest framework

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

HOSTS file and research project to block all known NSA / GCHQ / C.I.A. / F.B.I. spying server

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

Web path scanner

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

A Fast Broken Link Hijacker Tool written in Python