667 Open source projects that are alternatives of or similar to metagoofil

pentest toolbox

Calculate fingerprints of a website for OSINT search

Related subdomains finder

Telegram scenario-based API aimed at OSINT

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

No description or website provided.

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

Search people on the Internet.

💀 A bash hacking and scanning framework.

DorkScout - Golang tool to automate google dork scan against the entiere internet or specific targets

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

Iota is a web scraper which can find all of the images and links/suburls on a webpage

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Simple Python tool to check if there is an Office 365 instance linked to a domain.

:.IP webcam penetration test suit.:

Boxer: A fast directory bruteforce tool written in Python with concurrency.

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Automated Pentest Tools Designed For Parrot Linux

This is an open source project which helps users "guess" their target's email address based on multiple inputs and preferences.

Penetration tests on SSH servers using brute force or dictionary attacks. Written in Python.

Totally Insecure Web Application Project (TIWAP)

findCDN is a tool created to help accurately identify what CDN a domain is using.

Opening the door, one reverse shell at a time

Automated Google dorking with custom search engines

Raven is a Web application penetration testing tool.

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.

Work in progress...

Bash script that automates the enumeration of domains and DNS servers in the active information gathering.

Docker image for osint

Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and more

PowerShell payload generator

Cheat-Sheet of tools for penetration testing

🔎 Find usernames and download their data across social media.

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

A simple way to know if you are on the list of major security breaches like "HIBP", but it is specific for Iran.

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

Microsoft Azure Exploitation Framework

Turn PuTTY into an SSH login bruteforcing tool.

Go library for credentials recovery

Bypassing FILTER_SANITIZE_EMAIL & FILTER_VALIDATE_EMAIL filters in filter_var for SQL Injection ( xD )

Docker container for datasploit framework

Social media hunter

social media intelligence from the command line

Kali image with kali-linux-full metapackage installed, build every night.

In my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them

JSON RSA to HMAC and None Algorithm Vulnerability POC

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Collection of several DDos tools.

Proof of concept for a security issue (in my opinion) that I found in accounts.google.com

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

Command line tool for passive reconnaissance, able to gather and link public information to a target domain, company or individual. It can make intelligence gathering faster and more effective by drastically reducing manual user interaction. This is achieved through the engineering of a highly customisable single input to multiple output solutio…

A python module for sending free sms as well as finding details of mobile number via website Way2sms.

Shodan.io Command Line Interface

Obtain GraphQL API Schema even if the introspection is not enabled

Enumerate information from NTLM authentication enabled web endpoints 🔎

Extracting URLs of a specific target based on the results of "commoncrawl.org"