1956 Open source projects that are alternatives of or similar to Osmedeus

The linux choice collection tools

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Tangalanga: the Zoom conference scanner hacking tool

Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Evildork targeting your fiancee👁️

A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)

A Python3 based single-file subdomain enumerator

Subdomain Takeover tool written in Go

The Offensive Manual Web Application Penetration Testing Framework.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Tool to generate smart and powerful wordlists

Go library for credentials recovery

[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻

Maryam: Open-source Intelligence(OSINT) Framework

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Find host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning

Find usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock

Yar is a tool for plunderin' organizations, users and/or repositories.

Sifter aims to be a fully loaded Op Centre for Pentesters

Find emails of Github users

A Github organization reconnaissance tool.

An automated e-mail OSINT tool

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Open Redirect scanner - (out of date)

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second

⚡️An awesome list of the best Termux hacking tools

OSINT Framework

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

This tool gives information about the phone number that you entered.

Data leak checker & OSINT Tool

Mining parameters from dark corners of Web Archives

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

The Most Powerful Fake Page Redirecting tool...

Extracting URLs of a specific target based on the results of "commoncrawl.org"

List of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.

Advanced Reconnaissance tool to enumerate attacking surface of the target.

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

Credentials Checking Framework

Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

OSINT tool - gets data from services like shodan, censys etc. in one app

Hunt down the secrets from the WebArchives for Fun and Profit

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.

Quick SQL Scanner, Dorker, Webshell injector PHP

Fleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.

An OSINT tool to find contacts in order to report security vulnerabilities.

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.

RAS(RAndom Subdomain) Fuzzer

Domain availbility checker

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

🔍 IRIS: An open-source intelligence framework