645 Open source projects that are alternatives of or similar to pywhatcms

Maintained collection of OSINT related resources. (All Free & Actionable)

The entire walkthrough of all my resolved TryHackMe rooms

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

😱 A curated list of amazingly awesome OSINT

Proof of concept for a security issue (in my opinion) that I found in accounts.google.com

Yet Another LInkedIn Scraper...

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

信息收集 OR 信息搜集

Automated Google dorking with custom search engines

Related subdomains finder

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Amazon S3 bucket spelunking!

LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.

🧬 Extract and analyze contributors info from git repos

Powerful plugins and add-ons for hackers

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

OSINT username checker. Collect a dossier on a person by username from a huge number of sites.

Iota is a web scraper which can find all of the images and links/suburls on a webpage

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Simple Python tool to check if there is an Office 365 instance linked to a domain.

OnionSearch is a script that scrapes urls on different .onion search engines.

Collect email addresses by crawling search engine results.

Reconnaissance tool for GitHub organizations

a scanner for QRCode barCode 最好用的ios二维码、条形码，扫描、生成框架，支持闪光灯，从相册获取，扫描音效等，高仿微信，微博

qrcode scanner ( decoder ) by golang 二维码扫描识别

E-mails, subdomains and names Harvester - OSINT

Ladon for Cobalt Strike, Large Network Penetration Scanner, vulnerability / exploit / detection / MS17010 / password/brute-force/psexec/atexec/sshexec/webshell/smbexec/netcat/osscan/netscan/struts2Poc/weblogicExp

Каталог нетсталкерских ресурсов, команд, инструментов, источников контента.

分布式资产安全扫描核心管理系统(弱口令扫描，漏洞扫描)

IP lookup by favicon using Shodan

Security scanner for your Terraform code

OSINT Tool For Scraping Dark Websites

Personal document manager (Linux/Windows) -- Moved to Gnome's Gitlab

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

An interactive document scanner built in Python using OpenCV featuring automatic corner detection, image sharpening, and color thresholding.

Username recognition on various websites.

Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities

OSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.

The modular distributed fingerprinting engine

🖖 Fast, modern, easy-to-use network scanner

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

⚡️An awesome list of the best Termux hacking tools

CMS Detection and Exploit Kit based on Whatcms.org API

Коллекция материалов по OSINT для нетсталкинга

Document Scanning Made Easy for iOS

operative framework is a OSINT investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

The ONLY hacker friendly proxy for webapp pentests.

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

A browser extension for OSINT search

OSINT tool for discovering confidential data leaked on Github.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups

Advanced Reconnaissance tool to enumerate attacking surface of the target.

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

Burp Suite extension to discover assets from HTTP response.

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

A definitive guide to generating usernames for OSINT purposes