712 Open source projects that are alternatives of or similar to Lazyrecon

Web Recon & Exploitation Tool.

Python library and CLI for the Bug Bounty Recon API

Reconness Agents Script

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

E-mails, subdomains and names Harvester - OSINT

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

RFD Checker - security CLI tool to test Reflected File Download issues

Semi-automatic OSINT framework and package manager

All about bug bounty (bypasses, payloads, and etc)

List of Awesome Asset Discovery Resources

Your Google Recon is Now Automated

One way to continuously monitor sensitive information that could be exposed on Github

A tool to hunt for publicly accessible DigitalOcean Spaces

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

👀 Some of my favorite OSINT tools.

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

A very loud but fast recon scan and pentest template creator for use in CTF's/OSCP/Hackthebox...

Framework for rapid development and reusable of security tools

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

Find exploits in local and online databases instantly

Tool for catching and logging different types of requests.

Unique wordlist generator of unique wordlists.

🖖 Fast, modern, easy-to-use network scanner

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

Simultaneously execute various subdomain enumeration tools and aggregate results.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Powerfull XSS Scanning and Parameter analysis tool&gem

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Turn your VPS into an attack box

An Extended, Modulair, Host Discovery Framework

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

This challenge is Inon Shkedy's 31 days API Security Tips.

Sifter aims to be a fully loaded Op Centre for Pentesters

Penetration tests guide based on OWASP including test cases, resources and examples.

Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Unleash the power of cloud

all manner of wordlists

Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.

Tool to automate recon

goverview - Get an overview of the list of URLs

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Automated Web Recon Shell Scripts

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

Mass querying whois records

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

a recon tool that allows searching on URLs that are exposed via shortener services

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

A fast DOM based XSS vulnerability scanner with simplicity.

Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.

Pentest/BugBounty progress control with scanning modules

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.