PandorasBoxSecurity tool to quickly audit Public Box files and folders.
Stars: ✭ 56 (-98.35%)
PhotonIncredibly fast crawler designed for OSINT.
Stars: ✭ 8,332 (+145.71%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-98.14%)
osmedeus-workflowCommunity Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
Stars: ✭ 26 (-99.23%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (-49.87%)
Censys Subdomain Finder⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Stars: ✭ 402 (-88.15%)
CerteagleWeaponizing Live CT logs for automated monitoring of assets
Stars: ✭ 78 (-97.7%)
Tidos FrameworkThe Offensive Manual Web Application Penetration Testing Framework.
Stars: ✭ 1,290 (-61.96%)
HackbrowserdataDecrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。
Stars: ✭ 3,864 (+13.95%)
Okadminfinder3[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻
Stars: ✭ 279 (-91.77%)
ProtonProton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-95.81%)
lazyGrandmaa shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves
Stars: ✭ 49 (-98.55%)
EnteletaorMessage Queue & Broker Injection tool
Stars: ✭ 139 (-95.9%)
Instagram HackerThis is an advanced script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!
Stars: ✭ 156 (-95.4%)
WpreconWPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.
Stars: ✭ 135 (-96.02%)
HydrafwHydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing
Stars: ✭ 165 (-95.13%)
Remote Desktop CachingThis tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Stars: ✭ 171 (-94.96%)
H8mailEmail OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Stars: ✭ 2,163 (-36.21%)
OnionsearchOnionSearch is a script that scrapes urls on different .onion search engines.
Stars: ✭ 135 (-96.02%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-96.4%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (-37.66%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-95.61%)
ksubdomainSubdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Stars: ✭ 320 (-90.56%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: ✭ 150 (-95.58%)
Sherlock JsFind usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock
Stars: ✭ 153 (-95.49%)
centCommunity edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
Stars: ✭ 315 (-90.71%)
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Stars: ✭ 120 (-96.46%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 154 (-95.46%)
tenssensTenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Stars: ✭ 19 (-99.44%)
WhatcmsCMS Detection and Exploit Kit based on Whatcms.org API
Stars: ✭ 205 (-93.95%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-93.98%)
Awesome Hacking ListsProject transferred to: https://github.com/taielab/awesome-hacking-lists
Stars: ✭ 203 (-94.01%)
YarYar is a tool for plunderin' organizations, users and/or repositories.
Stars: ✭ 174 (-94.87%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (-87.58%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-94.57%)
GitemA Github organization reconnaissance tool.
Stars: ✭ 190 (-94.4%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (-98.11%)
DumbDumain Bruteforcer - a fast and flexible domain bruteforcer
Stars: ✭ 54 (-98.41%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-90.56%)
bug-bountyMy personal bug bounty toolkit.
Stars: ✭ 127 (-96.25%)
ThechoiceThe linux choice collection tools
Stars: ✭ 245 (-92.77%)
E4GL30S1NTE4GL30S1NT - Simple Information Gathering Tool
Stars: ✭ 139 (-95.9%)
ShufflednsshuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.
Stars: ✭ 498 (-85.31%)
ArchivefuzzHunt down the secrets from the WebArchives for Fun and Profit
Stars: ✭ 108 (-96.82%)
PwnbackBurp Extender plugin that generates a sitemap of a website using Wayback Machine
Stars: ✭ 203 (-94.01%)
IkyOSINT Project
Stars: ✭ 203 (-94.01%)
Contact.shAn OSINT tool to find contacts in order to report security vulnerabilities.
Stars: ✭ 216 (-93.63%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (-64.79%)
FierceA DNS reconnaissance tool for locating non-contiguous IP space.
Stars: ✭ 1,072 (-68.39%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (-93.01%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-99.35%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (-98.44%)
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Stars: ✭ 246 (-92.75%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (-92.63%)
Moriarty ProjectThis tool gives information about the phone number that you entered.
Stars: ✭ 223 (-93.42%)