1956 Open source projects that are alternatives of or similar to Osmedeus

Security tool to quickly audit Public Box files and folders.

Incredibly fast crawler designed for OSINT.

List of Awesome Asset Discovery Resources

An OSINT Metadata analyzing tool that filters through tags and creates reports

Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own

Know the dangers of credential reuse attacks.

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

Weaponizing Live CT logs for automated monitoring of assets

The Offensive Manual Web Application Penetration Testing Framework.

Decrypt passwords/cookies/history/bookmarks from the browser. 一款可全平台运行的浏览器数据导出解密工具。

[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻

Nuclei templates for K8S security scanning

Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.

a shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves

Message Queue & Broker Injection tool

This is an advanced script for Instagram bruteforce attacks. WARNING THIS IS A REAL TOOL!

WPrecon (WordPress Recon), is a vulnerability recognition tool in CMS Wordpress, developed in Go and with scripts in Lua.

HydraFW official firmware for HydraBus/HydraNFC for researcher, hackers, students, embedded software developers or anyone interested in debugging/hacking/developing/penetration testing

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

OnionSearch is a script that scrapes urls on different .onion search engines.

A tool to hunt for publicly accessible DigitalOcean Spaces

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Find usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

OSINT tool - gets data from services like shodan, censys etc. in one app

Offensive tools as Dockerfiles. Lightweight & Ready to go

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.

CMS Detection and Exploit Kit based on Whatcms.org API

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Project transferred to: https://github.com/taielab/awesome-hacking-lists

Rockyou for web fuzzing

Yar is a tool for plunderin' organizations, users and/or repositories.

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

An automated e-mail OSINT tool

A Github organization reconnaissance tool.

Host Header Injection Checker

Dumain Bruteforcer - a fast and flexible domain bruteforcer

Extract subdomains from SSL certificates in HTTPS sites.

My personal bug bounty toolkit.

The linux choice collection tools

E4GL30S1NT - Simple Information Gathering Tool

shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.

Hunt down the secrets from the WebArchives for Fun and Profit

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

OSINT Project

An OSINT tool to find contacts in order to report security vulnerabilities.

Subdomain Takeover tool written in Go

A DNS reconnaissance tool for locating non-contiguous IP space.

Data leak checker & OSINT Tool

Command line tool that allows you to explore IoT devices by using Shodan API.

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

OSINT Framework

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

Extracting URLs of a specific target based on the results of "commoncrawl.org"

This tool gives information about the phone number that you entered.