VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-14.33%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-66.56%)
DnstwistDomain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+894.9%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+28.34%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+995.22%)
Yotteryotter - bash script that performs recon and then uses dirb to discover directories that might lead to information leakage
Stars: ✭ 118 (-62.42%)
MaryamMaryam: Open-source Intelligence(OSINT) Framework
Stars: ✭ 371 (+18.15%)
RecsechRecsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (-44.9%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+1901.27%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+97.77%)
nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (-75.8%)
GoreconGorecon is a All in one Reconnaissance Tool , a.k.a swiss knife for Reconnaissance , A tool that every pentester/bughunter might wanna consider into their arsenal
Stars: ✭ 208 (-33.76%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+17.83%)
SonarsearchA MongoDB importer and API for Project Sonars DNS datasets
Stars: ✭ 297 (-5.41%)
PhoneinfogaPhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.
Stars: ✭ 5,927 (+1787.58%)
OdinAutomated network asset, email, and social media profile discovery and cataloguing.
Stars: ✭ 476 (+51.59%)
TheharvesterE-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+1866.56%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (+63.38%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+79.62%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (+91.72%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+182.48%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+207.01%)
DeadtrapAn OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-76.75%)
H8mailEmail OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Stars: ✭ 2,163 (+588.85%)
Osint Tools👀 Some of my favorite OSINT tools.
Stars: ✭ 155 (-50.64%)
PasktoPaskto - Passive Web Scanner
Stars: ✭ 136 (-56.69%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-46.18%)
Censys Subdomain Finder⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Stars: ✭ 402 (+28.03%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+35.99%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+23.25%)
IkyOSINT Project
Stars: ✭ 203 (-35.35%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+72.29%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (-11.46%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+182.17%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (+197.45%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+159.24%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-61.15%)
SitedorksSearch Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.
Stars: ✭ 221 (-29.62%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+1015.61%)
PdlistA passive subdomain finder
Stars: ✭ 204 (-35.03%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (+711.46%)
findcdnfindCDN is a tool created to help accurately identify what CDN a domain is using.
Stars: ✭ 64 (-79.62%)
NetzDiscover internet-wide misconfigurations while drinking coffee
Stars: ✭ 159 (-49.36%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+303.5%)
osintDocker image for osint
Stars: ✭ 92 (-70.7%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (-43.63%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-54.78%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (-19.75%)
pywhatcmsUnofficial WhatCMS API package
Stars: ✭ 42 (-86.62%)
o365chkSimple Python tool to check if there is an Office 365 instance linked to a domain.
Stars: ✭ 37 (-88.22%)
mailcatFind existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬
Stars: ✭ 219 (-30.25%)
XposedOrNotXposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.
Stars: ✭ 120 (-61.78%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-46.82%)
AmpliSpyCheck local or remote list of DNS servers for suitability in DNS Amplification DoS.
Stars: ✭ 39 (-87.58%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+10.19%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-87.9%)