903 Open source projects that are alternatives of or similar to Oneforall

Yet Another PHP Shell - The most complete PHP reverse shell

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

A tool to hunt for publicly accessible DigitalOcean Spaces

Hunt down the secrets from the WebArchives for Fun and Profit

OnionSearch is a script that scrapes urls on different .onion search engines.

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

Tool Information Gathering Write By Python.

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

A fast GitHub stargazers information gathering tool

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

OSINT

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Enumerate information from NTLM authentication enabled web endpoints 🔎

Extracting URLs of a specific target based on the results of "commoncrawl.org"

Do some quick reconnaissance on a domain-based web-application

Open Redirect scanner - (out of date)

🔎 Find usernames and download their data across social media.

Credentials Checking Framework

This tool gives information about the phone number that you entered.

A Tool for Domain Flyovers

信息收集 OR 信息搜集

Subdomain enumeration through various techniques

No description or website provided.

💀 A bash hacking and scanning framework.

Extract subdomains from SSL certificates in HTTPS sites.

Infoga - Email OSINT

Awesome cloud enumerator

An Extended, Modulair, Host Discovery Framework

Gotanda is browser Web Extension for OSINT.

A docker image which will enumerate, sort, unique and resolve the results of various subdomains enumeration tools.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

apkizer is a mass downloader for android applications for all available versions.

DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Mass querying whois records

Unleash the power of cloud

goverview - Get an overview of the list of URLs

Totem allows you to retrieve information about ads of a facebook page , we can retrieve the number of people targeted, how much the ad cost and a lot of other information.

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Subdomain discovery using the power of 'The Rapid7 Project Sonar datasets'

asnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the user to automate initial port and service scanning.

Dumain Bruteforcer - a fast and flexible domain bruteforcer

🔍 A Complete Osint Tool

Multi source CVE/exploit parser.

Toutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and more

E4GL30S1NT - Simple Information Gathering Tool

A collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

CLI program that collects information from facebook user profiles via Selenium.

Subcert is an subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.

a shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

🔎 Find usernames across social networks

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

Burp extension to decode NTLM SSP headers and extract domain/host information