ThechoiceThe linux choice collection tools
Stars: ✭ 245 (-92.77%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (-85.49%)
TangalangaTangalanga: the Zoom conference scanner hacking tool
Stars: ✭ 236 (-93.04%)
osmedeus-workflowCommunity Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
Stars: ✭ 26 (-99.23%)
K8cscanK8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (-79.56%)
IntelowlIntel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (-37.66%)
evildorkEvildork targeting your fiancee👁️
Stars: ✭ 46 (-98.64%)
MassdnsA high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Stars: ✭ 2,093 (-38.28%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-97.38%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (-64.79%)
Tidos FrameworkThe Offensive Manual Web Application Penetration Testing Framework.
Stars: ✭ 1,290 (-61.96%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-95.61%)
BopscrkTool to generate smart and powerful wordlists
Stars: ✭ 273 (-91.95%)
goLazagneGo library for credentials recovery
Stars: ✭ 177 (-94.78%)
Okadminfinder3[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻
Stars: ✭ 279 (-91.77%)
MaryamMaryam: Open-source Intelligence(OSINT) Framework
Stars: ✭ 371 (-89.06%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 154 (-95.46%)
HostPanicFind host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning
Stars: ✭ 23 (-99.32%)
Sherlock JsFind usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock
Stars: ✭ 153 (-95.49%)
YarYar is a tool for plunderin' organizations, users and/or repositories.
Stars: ✭ 174 (-94.87%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-88.12%)
ZenFind emails of Github users
Stars: ✭ 343 (-89.88%)
GitemA Github organization reconnaissance tool.
Stars: ✭ 190 (-94.4%)
MosintAn automated e-mail OSINT tool
Stars: ✭ 184 (-94.57%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: ✭ 150 (-95.58%)
PwnbackBurp Extender plugin that generates a sitemap of a website using Wayback Machine
Stars: ✭ 203 (-94.01%)
ORtesterOpen Redirect scanner - (out of date)
Stars: ✭ 24 (-99.29%)
urldedupePass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
Stars: ✭ 208 (-93.87%)
ksubdomainSubdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second
Stars: ✭ 320 (-90.56%)
Holeheholehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
Stars: ✭ 568 (-83.25%)
Moriarty ProjectThis tool gives information about the phone number that you entered.
Stars: ✭ 223 (-93.42%)
OblivionData leak checker & OSINT Tool
Stars: ✭ 237 (-93.01%)
ParamspiderMining parameters from dark corners of Web Archives
Stars: ✭ 781 (-76.97%)
CrosslinkedLinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
Stars: ✭ 223 (-93.42%)
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Stars: ✭ 246 (-92.75%)
VirusX5The Most Powerful Fake Page Redirecting tool...
Stars: ✭ 15 (-99.56%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (-92.63%)
awesome-pentest-toolsList of Security Archives Tools and software, generally for facilitate security & penetration research. Opening it up to everyone will facilitate a knowledge transfer. Hopefully the initial set will grow and expand.
Stars: ✭ 34 (-99%)
Recon-XAdvanced Reconnaissance tool to enumerate attacking surface of the target.
Stars: ✭ 27 (-99.2%)
phisherpriceAll In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Stars: ✭ 38 (-98.88%)
crtfinderFast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques
Stars: ✭ 96 (-97.17%)
credcheckCredentials Checking Framework
Stars: ✭ 50 (-98.53%)
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (-98.29%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (-53.64%)
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Stars: ✭ 120 (-96.46%)
ArchivefuzzHunt down the secrets from the WebArchives for Fun and Profit
Stars: ✭ 108 (-96.82%)
SocialpwnedSocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.
Stars: ✭ 104 (-96.93%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (-95.87%)
fleexFleex makes it easy to create multiple VPS on cloud providers and use them to distribute workloads.
Stars: ✭ 181 (-94.66%)
Contact.shAn OSINT tool to find contacts in order to report security vulnerabilities.
Stars: ✭ 216 (-93.63%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (-91.6%)
ras-fuzzerRAS(RAndom Subdomain) Fuzzer
Stars: ✭ 42 (-98.76%)
recceDomain availbility checker
Stars: ✭ 30 (-99.12%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-99.17%)
OffensiveCloudDistributionLeverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.
Stars: ✭ 86 (-97.46%)
DevBrute-A Password Brute ForcerDevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.
Stars: ✭ 91 (-97.32%)
IRIS🔍 IRIS: An open-source intelligence framework
Stars: ✭ 79 (-97.67%)