1984 Open source projects that are alternatives of or similar to Osint_tips

Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

A tool to fastly get all javascript sources/files

Do some quick reconnaissance on a domain-based web-application

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Making Favicon.ico based Recon Great again !

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Enumerate information from NTLM authentication enabled web endpoints 🔎

A high performance offensive security tool for reconnaissance and vulnerability scanning

Awesome cloud enumerator

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Fully automated offensive security framework for reconnaissance and vulnerability scanning

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Rockyou for web fuzzing

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

🔎 Find usernames across social networks

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

swiss army knife for hackers

OSINT Tool: Generate username lists for companies on LinkedIn

🔎 Hunt down social media accounts by username across social networks

A Tool for Domain Flyovers

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

Useful tools and scripts during Penetration Testing engagements

Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.

Sifter aims to be a fully loaded Op Centre for Pentesters

E-mails, subdomains and names Harvester - OSINT

Semi-automatic OSINT framework and package manager

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Automatically Launch Google Hacking Queries Against A Target Domain

Intelligence tool but without API key

A tool to hunt for publicly accessible DigitalOcean Spaces

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Python library and CLI for the Bug Bounty Recon API

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

my oscp prep collection

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

Intelligence and Reconnaissance Package/Bundle installer.

Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

An automated e-mail OSINT tool

IP Tools To quickly get information about IP Address's, Web Pages and DNS records.

An OSINT tool to gather information about the real owner of a phone number

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

Extracting URLs of a specific target based on the results of "commoncrawl.org"

CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

🔺 Red Team Hardware Toolkit 🔺

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

A passive subdomain finder