warfWARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
Stars: β 53 (-98.44%)
Awesome Shodan Queriesπ A collection of interesting, funny, and depressing search queries to plug into shodan.io π©βπ»
Stars: β 2,758 (-18.67%)
crawleetWeb Recon & Exploitation Tool.
Stars: β 48 (-98.58%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: β 13 (-99.62%)
PhoniaPhonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy.
Stars: β 221 (-93.48%)
M3m0M3m0 Tool βοΈ Website Vulnerability Scanner & Auto Exploiter
Stars: β 124 (-96.34%)
Rebel FrameworkAdvanced and easy to use penetration testing framework π£π
Stars: β 183 (-94.6%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: β 199 (-94.13%)
BugbountyscannerA Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.
Stars: β 229 (-93.25%)
Icg AutoexploiterbotWordpress π₯ Joomla π₯ Drupal π₯ OsCommerce π₯ Prestashop π₯ Opencart π₯
Stars: β 242 (-92.86%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: β 119 (-96.49%)
Burpsuite XkeysA Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Stars: β 144 (-95.75%)
XshockXSHOCK Shellshock Exploit
Stars: β 65 (-98.08%)
3klconAutomation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Stars: β 189 (-94.43%)
GarudAn automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Stars: β 183 (-94.6%)
KnaryA simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams & Pushover support
Stars: β 187 (-94.49%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: β 370 (-89.09%)
ObsidianSailboatNmap and NSE command line wrapper in the style of Metasploit
Stars: β 36 (-98.94%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: β 974 (-71.28%)
sherlockπ Find usernames across social networks
Stars: β 52 (-98.47%)
Recon My WayThis repository created for personal use and added tools from my latest blog post.
Stars: β 271 (-92.01%)
GasmaskInformation gathering tool - OSINT
Stars: β 518 (-84.72%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: β 35 (-98.97%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: β 382 (-88.73%)
Rustscanπ€ The Modern Port Scanner π€
Stars: β 5,218 (+53.88%)
TaipanWeb application vulnerability scanner
Stars: β 359 (-89.41%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: β 6,284 (+85.31%)
Awesome-CyberSec-ResourcesAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Stars: β 273 (-91.95%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints π
Stars: β 252 (-92.57%)
Aliens eyeSocial media hunter
Stars: β 105 (-96.9%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: β 504 (-85.14%)
Sherlockπ Hunt down social media accounts by username across social networks
Stars: β 28,569 (+742.49%)
TheharvesterE-mails, subdomains and names Harvester - OSINT
Stars: β 6,175 (+82.1%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: β 32,909 (+870.48%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: β 602 (-82.25%)
Reconspiderπ Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: β 621 (-81.69%)
DomainkerBugBounty Tool
Stars: β 40 (-98.82%)
GofingerprintGoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.
Stars: β 120 (-96.46%)
Ksubdomainζ ηΆζεεεηη ΄ε·₯ε
·
Stars: β 976 (-71.22%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: β 436 (-87.14%)
TorbotDark Web OSINT Tool
Stars: β 821 (-75.79%)
TrapePeople tracker on the Internet: OSINT analysis and research tool by Jose Pino
Stars: β 6,753 (+99.14%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: β 964 (-71.57%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: β 63 (-98.14%)
CerteagleWeaponizing Live CT logs for automated monitoring ofΒ assets
Stars: β 78 (-97.7%)
CripsIP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: β 272 (-91.98%)
LiteOTPMulti OTP Spam Amp/Paralell threads
Stars: β 50 (-98.53%)
ArchivefuzzHunt down the secrets from the WebArchives for Fun and Profit
Stars: β 108 (-96.82%)
Tidos FrameworkThe Offensive Manual Web Application Penetration Testing Framework.
Stars: β 1,290 (-61.96%)
SocialpwnedSocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.
Stars: β 104 (-96.93%)
SpyGenTrojan π (keylogger, take screenshots, open your webcam) π
Stars: β 115 (-96.61%)
H8mailEmail OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Stars: β 2,163 (-36.21%)
OnionsearchOnionSearch is a script that scrapes urls on different .onion search engines.
Stars: β 135 (-96.02%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: β 122 (-96.4%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: β 2,114 (-37.66%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: β 150 (-95.58%)
Sherlock JsFind usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock
Stars: β 153 (-95.49%)