496 Open source projects that are alternatives of or similar to recce

Do some quick reconnaissance on a domain-based web-application

Awesome Vulnerable Applications

🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

a Go code to detect leaks in JS files via regex patterns

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

No description or website provided.

Vimana is an experimental security framework that aims to provide resources for auditing Python web applications.

An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentesters, reverse engineer, and redteamers.

Tool for catching and logging different types of requests.

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

Change monitoring app that checks the content of web pages in different periods.

BugBounty Tool

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

XSS in pastebin.com and reddit.com via unsanitized markdown output

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

Reconness Agents Script

mirror of https://mypdns.org/my-privacy-dns/matrix as it is obviously no longer safe to do Girhub nor have we no longer any trust in them. See https://mypdns.org/my-privacy-dns/porn-records/-/issues/1347

Pentesting/Bugbounty Dockerfiles.

Poor (rich?) man's bug bounty pipeline

Nuubi Tools (Information-ghatering|Scanner|Recon.)

Gotanda is browser Web Extension for OSINT.

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

🔺 Red Team Hardware Toolkit 🔺

The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.

asnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the user to automate initial port and service scanning.

🐰 Managing command snippets for hackers/bug bounty hunters. with pet.

CVE-2017-9506 - SSRF

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Fast and customizable vulnerability scanner For JIRA written in Python

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.

Repositório com conteúdo sobre web hacking em português

A collection of my quick and dirty scripts for vulnerability POC and detections

🎯 SQL Injection Payload List

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications.

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

Scanning APK file for URIs, endpoints & secrets.

Automate the creation of a lab environment complete with security tooling and logging best practices

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Ansible role to apply a security baseline. Systemd edition.

HTTP fuzzer engine security oriented

Advanced and easy to use penetration testing framework 💣🔎

A Colab For Bug Hunting!

Multi Tool Subdomain Enumeration

A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

Wireshark Cheat Sheet

Intentionally vulnerable Android application.

A collection of some of my scripts

🎯 Command Injection Payload List

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

aquatone results for sites with bug bountys

A Powerful Subdomain Takeover Tool

Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.

Automated NoSQL database enumeration and web application exploitation tool.

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.