1956 Open source projects that are alternatives of or similar to Osmedeus

List of Awesome Asset Discovery Resources

An OSINT Metadata analyzing tool that filters through tags and creates reports

Weaponizing Live CT logs for automated monitoring of assets

Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second

The Offensive Manual Web Application Penetration Testing Framework.

Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

OSINT tool - gets data from services like shodan, censys etc. in one app

A tool to hunt for publicly accessible DigitalOcean Spaces

Hunt down the secrets from the WebArchives for Fun and Profit

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Host Header Injection Checker

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

Rockyou for web fuzzing

A fast GitHub stargazers information gathering tool

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.

OnionSearch is a script that scrapes urls on different .onion search engines.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Extract subdomains from SSL certificates in HTTPS sites.

Command line tool that allows you to explore IoT devices by using Shodan API.

shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Yar is a tool for plunderin' organizations, users and/or repositories.

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

A DNS reconnaissance tool for locating non-contiguous IP space.

An automated e-mail OSINT tool

Evildork targeting your fiancee👁️

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

A Github organization reconnaissance tool.

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Tool to generate smart and powerful wordlists

Information gathering & website reconnaissance | https://phishstats.info/

An OSINT tool to find contacts in order to report security vulnerabilities.

This tool gives information about the phone number that you entered.

OSINT Project

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

OSINT Framework

A OSINT tool to obtain a target's phone number just by having his email address

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

A Tool for Domain Flyovers

Infoga - Email OSINT

Find usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

Extracting URLs of a specific target based on the results of "commoncrawl.org"

Data leak checker & OSINT Tool

Open Redirect scanner - (out of date)

Intelligence tool but without API key

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

Advanced Reconnaissance tool to enumerate attacking surface of the target.

Credentials Checking Framework

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.

The Most Powerful Fake Page Redirecting tool...

Quick SQL Scanner, Dorker, Webshell injector PHP