MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-98.14%)
CerteagleWeaponizing Live CT logs for automated monitoring of assets
Stars: ✭ 78 (-97.7%)
ksubdomainSubdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Stars: ✭ 320 (-90.56%)
Tidos FrameworkThe Offensive Manual Web Application Penetration Testing Framework.
Stars: ✭ 1,290 (-61.96%)
tenssensTenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Stars: ✭ 19 (-99.44%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (-87.58%)
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Stars: ✭ 120 (-96.46%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-96.4%)
ArchivefuzzHunt down the secrets from the WebArchives for Fun and Profit
Stars: ✭ 108 (-96.82%)
H8mailEmail OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Stars: ✭ 2,163 (-36.21%)
hinjectHost Header Injection Checker
Stars: ✭ 64 (-98.11%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (-37.66%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-95.61%)
Ladon大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (-14.16%)
ArgosThis script will automatically set up an OSINT workstation starting from a Ubuntu OS.
Stars: ✭ 73 (-97.85%)
StargatherA fast GitHub stargazers information gathering tool
Stars: ✭ 30 (-99.12%)
SocialpwnedSocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.
Stars: ✭ 104 (-96.93%)
OnionsearchOnionSearch is a script that scrapes urls on different .onion search engines.
Stars: ✭ 135 (-96.02%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: ✭ 150 (-95.58%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-90.56%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-99.35%)
ShufflednsshuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.
Stars: ✭ 498 (-85.31%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (-85.49%)
YarYar is a tool for plunderin' organizations, users and/or repositories.
Stars: ✭ 174 (-94.87%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (-98.44%)
FierceA DNS reconnaissance tool for locating non-contiguous IP space.
Stars: ✭ 1,072 (-68.39%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-94.57%)
evildorkEvildork targeting your fiancee👁️
Stars: ✭ 46 (-98.64%)
Can I Take Over Xyz"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Stars: ✭ 2,808 (-17.19%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 154 (-95.46%)
GitemA Github organization reconnaissance tool.
Stars: ✭ 190 (-94.4%)
PwnbackBurp Extender plugin that generates a sitemap of a website using Wayback Machine
Stars: ✭ 203 (-94.01%)
BopscrkTool to generate smart and powerful wordlists
Stars: ✭ 273 (-91.95%)
UrlextractorInformation gathering & website reconnaissance | https://phishstats.info/
Stars: ✭ 341 (-89.94%)
Contact.shAn OSINT tool to find contacts in order to report security vulnerabilities.
Stars: ✭ 216 (-93.63%)
Moriarty ProjectThis tool gives information about the phone number that you entered.
Stars: ✭ 223 (-93.42%)
IkyOSINT Project
Stars: ✭ 203 (-94.01%)
CrosslinkedLinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Stars: ✭ 223 (-93.42%)
Email2phonenumberA OSINT tool to obtain a target's phone number just by having his email address
Stars: ✭ 379 (-88.82%)
Evil SsdpSpoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.
Stars: ✭ 204 (-93.98%)
AquatoneA Tool for Domain Flyovers
Stars: ✭ 4,405 (+29.9%)
InfogaInfoga - Email OSINT
Stars: ✭ 947 (-72.07%)
Sherlock JsFind usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock
Stars: ✭ 153 (-95.49%)
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Stars: ✭ 246 (-92.75%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (-92.63%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (-93.01%)
ORtesterOpen Redirect scanner - (out of date)
Stars: ✭ 24 (-99.29%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (-87.5%)
Cloud enumMulti-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Stars: ✭ 420 (-87.61%)
crtfinderFast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques
Stars: ✭ 96 (-97.17%)
Recon-XAdvanced Reconnaissance tool to enumerate attacking surface of the target.
Stars: ✭ 27 (-99.2%)
credcheckCredentials Checking Framework
Stars: ✭ 50 (-98.53%)
phisherpriceAll In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Stars: ✭ 38 (-98.88%)
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (-98.29%)
VirusX5The Most Powerful Fake Page Redirecting tool...
Stars: ✭ 15 (-99.56%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (-95.87%)