1170 Open source projects that are alternatives of or similar to Gitgot

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

🔎 Find usernames across social networks

Do some quick reconnaissance on a domain-based web-application

Dark Web OSINT Tool

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

Simple Python tool to check if there is an Office 365 instance linked to a domain.

Pentest: Subdomains enumeration tool for penetration testers.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Automated Web Recon Shell Scripts

apkizer is a mass downloader for android applications for all available versions.

The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.

DNS Subdomain● Brute force ● Web Spider ● Nmap Scan ● etc

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

Network footprint scanner platform. Discover domains and run your custom checks periodically.

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

This is the new version of dirb in python

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

A Tool for Domain Flyovers

Nuubi Tools (Information-ghatering|Scanner|Recon.)

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

OSINT

🔎 shodansploit > v1.3.0

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Bandit is a tool designed to find common security issues in Python code.

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories: www.shhgit.com

Web Scan Lazy Tools - Python Package

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

OneForAll是一款功能强大的子域收集工具

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

Next generation web scanner

Web application vulnerability scanner

Links for the OSINT Team

a recon tool that allows searching on URLs that are exposed via shortener services

Find emails of Github users

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

Open-Source Security Architecture | 开源安全架构

Secure, Unified, Powerful and Extensible Rust Android Analyzer

An advanced tool for email reconnaissance

Sifter aims to be a fully loaded Op Centre for Pentesters

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

Enumeration sub domains(枚举子域名)

Security scanner coordinator

NodeJS Simple Network Scanner

Extract and aggregate threat intelligence.

a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc

A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network

Information gathering tool - OSINT

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

Reconnaissance tool for GitHub organizations

Golang安全资源合集

kube-scan: Octarine k8s cluster risk assessment tool

OSINT tool - gets data from services like shodan, censys etc. in one app