Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+1346.22%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (-35.43%)
sx🖖 Fast, modern, easy-to-use network scanner
Stars: ✭ 1,267 (+104.03%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-31.24%)
IRIS🔍 IRIS: An open-source intelligence framework
Stars: ✭ 79 (-87.28%)
TIGMINTTIGMINT: OSINT (Open Source Intelligence) GUI software framework
Stars: ✭ 195 (-68.6%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-95.97%)
Hack4Squad💀 A bash hacking and scanning framework.
Stars: ✭ 45 (-92.75%)
Fav UpIP lookup by favicon using Shodan
Stars: ✭ 550 (-11.43%)
PXXTFFramework For Exploring kernel vulnerabilities, network vulnerabilities ✨
Stars: ✭ 23 (-96.3%)
XposedOrNotXposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.
Stars: ✭ 120 (-80.68%)
toutatisToutatis is a tool that allows you to extract information from instagrams accounts such as e-mails, phone numbers and more
Stars: ✭ 803 (+29.31%)
SilverMass scan IPs for vulnerable services
Stars: ✭ 588 (-5.31%)
common-osint-modelConverting data from services like Censys and Shodan to a common data model
Stars: ✭ 35 (-94.36%)
GotandaGotanda is browser Web Extension for OSINT.
Stars: ✭ 149 (-76.01%)
mmhdanCalculate fingerprints of a website for OSINT search
Stars: ✭ 35 (-94.36%)
Sherlock🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+4500.48%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+5199.36%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (-92.75%)
mailcatFind existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬
Stars: ✭ 219 (-64.73%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (-82.77%)
facebook totemTotem allows you to retrieve information about ads of a facebook page , we can retrieve the number of people targeted, how much the ad cost and a lot of other information.
Stars: ✭ 51 (-91.79%)
E4GL30S1NTE4GL30S1NT - Simple Information Gathering Tool
Stars: ✭ 139 (-77.62%)
OpendoorOWASP WEB Directory Scanner
Stars: ✭ 586 (-5.64%)
Mr.Holmes🔍 A Complete Osint Tool
Stars: ✭ 307 (-50.56%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (-73.11%)
o365chkSimple Python tool to check if there is an Office 365 instance linked to a domain.
Stars: ✭ 37 (-94.04%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 424 (-31.72%)
asnapasnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the user to automate initial port and service scanning.
Stars: ✭ 28 (-95.49%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (+0.16%)
sherlock🔎 Find usernames across social networks
Stars: ✭ 52 (-91.63%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-12.88%)
FisherManCLI program that collects information from facebook user profiles via Selenium.
Stars: ✭ 117 (-81.16%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (-18.36%)
DaProfilerDaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.
Stars: ✭ 58 (-90.66%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-93.08%)
tenssensTenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Stars: ✭ 19 (-96.94%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-96.46%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-86.15%)
Droid Hunter(deprecated) Android application vulnerability analysis and Android pentest tool
Stars: ✭ 256 (-58.78%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-93.88%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-58.78%)
Holeheholehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
Stars: ✭ 568 (-8.53%)
DnstwistDomain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+403.06%)
DeckerDeclarative penetration testing orchestration framework
Stars: ✭ 263 (-57.65%)
OsrframeworkOSRFramework, the Open Sources Research Framework is a AGPLv3+ project by i3visio focused on providing API and tools to perform more accurate online researches.
Stars: ✭ 534 (-14.01%)
BlacknetFree advanced and modern Windows botnet with a nice and secure PHP panel.
Stars: ✭ 271 (-56.36%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (-59.74%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+373.75%)
CripsIP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: ✭ 272 (-56.2%)
GocaGoca Scanner
Stars: ✭ 281 (-54.75%)
Recon PipelineAn automated target reconnaissance pipeline.
Stars: ✭ 278 (-55.23%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (-54.59%)
Searpy🥀 Search Engine Tookit,URL采集、Favicon哈希值查找真实IP、子域名查找
Stars: ✭ 104 (-83.25%)
ThreatpinchlookupDocumentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (-58.62%)
CloudbunnyCloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (-56.04%)