1205 Open source projects that are alternatives of or similar to Discover

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Information Gathering Instagram.

CLI program that collects information from facebook user profiles via Selenium.

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

A Tool for Domain Flyovers

A Docker container for remote penetration testing.

Phomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.

Top 100 Hacking & Security E-Books (Free Download)

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

This repository created for personal use and added tools from my latest blog post.

A cross-platform python based utility for information gathering and penetration testing automation!

Faraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

A MongoDB importer and API for Project Sonars DNS datasets

OSINT Tool: Generate username lists for companies on LinkedIn

⚡️An awesome list of the best Termux hacking tools

a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

Modern tactical exploitation toolkit.

Gorsair hacks its way into remote docker containers that expose their APIs

🤖 The Modern Port Scanner 🤖

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

Find usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock

Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

The SpecterOps project management and reporting engine

A Golang implant that uses Slack as a command and control server

Entropy Toolkit is a set of tools to provide Netwave and GoAhead IP webcams attacks. Entropy Toolkit is a powerful toolkit for webcams penetration testing.

Idiomatic nmap library for go developers

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

a recon tool that allows searching on URLs that are exposed via shortener services

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Burp extension to passively scan for applications revealing software version numbers

Collection of tips, tools and tutorials around infosec

Infoga - Email OSINT

A fast GitHub stargazers information gathering tool

Yar is a tool for plunderin' organizations, users and/or repositories.

Code from my old page ge.mine.nu

Automated Penetration Testing Framework

Burp Suite extension to passively scan for applications revealing server error messages

Reconnaissance Swiss Army Knife

Find exploits in local and online databases instantly

A Github organization reconnaissance tool.

Framework RapidPayload - Metasploit Payload Generator | Crypter FUD AntiVirus Evasion

MSFvenom Payload Creator (MSFPC)

Incredibly fast crawler designed for OSINT.

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.