Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+63.34%)
Osi.igInformation Gathering Instagram.
Stars: ✭ 377 (-85.2%)
FisherManCLI program that collects information from facebook user profiles via Selenium.
Stars: ✭ 117 (-95.41%)
Censys Subdomain Finder⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Stars: ✭ 402 (-84.22%)
tenssensTenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Stars: ✭ 19 (-99.25%)
Cloud enumMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Stars: ✭ 420 (-83.52%)
AquatoneA Tool for Domain Flyovers
Stars: ✭ 4,405 (+72.88%)
AriaCloudA Docker container for remote penetration testing.
Stars: ✭ 105 (-95.88%)
phomberPhomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.
Stars: ✭ 59 (-97.68%)
MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (-89.48%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: ✭ 271 (-89.36%)
SitebrokerA cross-platform python based utility for information gathering and penetration testing automation!
Stars: ✭ 281 (-88.97%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+25.51%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (-95.05%)
VanquishVanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Stars: ✭ 449 (-82.38%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (-82.89%)
WebmapA Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-92.62%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (-88.34%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (-80.22%)
Shotlootera recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc
Stars: ✭ 451 (-82.3%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 154 (-93.96%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+133.24%)
Holeheholehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
Stars: ✭ 568 (-77.71%)
H8mailEmail OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Stars: ✭ 2,163 (-15.11%)
Docker Onion NmapScan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Stars: ✭ 345 (-86.46%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (-79.08%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (-73.39%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (+104.79%)
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (-96.66%)
Sherlock JsFind usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock
Stars: ✭ 153 (-94%)
IvreNetwork recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,331 (-8.52%)
AttacksurfacemapperAttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
Stars: ✭ 702 (-72.45%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: ✭ 150 (-94.11%)
MouseMouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.
Stars: ✭ 186 (-92.7%)
GhostwriterThe SpecterOps project management and reporting engine
Stars: ✭ 394 (-84.54%)
Slackor A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (-84.62%)
EntropyEntropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.
Stars: ✭ 126 (-95.05%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (-84.65%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (-81.83%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (-63.34%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 859 (-66.29%)
InfogaInfoga - Email OSINT
Stars: ✭ 947 (-62.83%)
StargatherA fast GitHub stargazers information gathering tool
Stars: ✭ 30 (-98.82%)
YarYar is a tool for plunderin' organizations, users and/or repositories.
Stars: ✭ 174 (-93.17%)
Ge.mine.nuCode from my old page ge.mine.nu
Stars: ✭ 31 (-98.78%)
NettackerAutomated Penetration Testing Framework
Stars: ✭ 982 (-61.46%)
RecondogReconnaissance Swiss Army Knife
Stars: ✭ 1,069 (-58.05%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (-54.47%)
GitemA Github organization reconnaissance tool.
Stars: ✭ 190 (-92.54%)
RapidpayloadFramework RapidPayload - Metasploit Payload Generator | Crypter FUD AntiVirus Evasion
Stars: ✭ 174 (-93.17%)
MsfpcMSFvenom Payload Creator (MSFPC)
Stars: ✭ 808 (-68.29%)
PhotonIncredibly fast crawler designed for OSINT.
Stars: ✭ 8,332 (+227%)
LyricpassPassword wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.
Stars: ✭ 58 (-97.72%)
GarudAn automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Stars: ✭ 183 (-92.82%)