301 Open source projects that are alternatives of or similar to Github Recon

Making Favicon.ico based Recon Great again !

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

E-mails, subdomains and names Harvester - OSINT

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

Pentest: Subdomains enumeration tool for penetration testers.

Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.

👀 Some of my favorite OSINT tools.

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

In-depth Attack Surface Mapping and Asset Discovery

A passive subdomain finder

Simple shell script for automated domain recognition with some tools

Unique wordlist generator of unique wordlists.

A tool to fastly get all javascript sources/files

Information gathering tool - OSINT

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Related subdomains finder

Tool to automate recon

🔎 Find usernames and download their data across social media.

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Enumerate information from NTLM authentication enabled web endpoints 🔎

DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.

This repository created for personal use and added tools from my latest blog post.

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

🔎 Hunt down social media accounts by username across social networks

Semi-automatic OSINT framework and package manager

Advanced Reconnaissance tool to enumerate attacking surface of the target.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

Automated Web Recon Shell Scripts

apkizer is a mass downloader for android applications for all available versions.

Automated network asset, email, and social media profile discovery and cataloguing.

Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

network reconnaissance toolkit

🔎 Find usernames across social networks

Phomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

An automated target reconnaissance pipeline.

a shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves

OneForAll是一款功能强大的子域收集工具

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Find emails of Github users

Fully automated offensive security framework for reconnaissance and vulnerability scanning

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

Intelligence and Reconnaissance Package/Bundle installer.

asnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the user to automate initial port and service scanning.

An automated approach to performing recon for bug bounty hunting and penetration testing.