Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+23534.21%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+2234.21%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+1434.21%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+1981.58%)
RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+8950%)
magicReconMagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.
Stars: ✭ 478 (+1157.89%)
DnstwistDomain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+8121.05%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+7642.11%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+2463.16%)
Pythempentest framework
Stars: ✭ 1,060 (+2689.47%)
NosqlmapAutomated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+4973.68%)
nuubiNuubi Tools (Information-ghatering|Scanner|Recon.)
Stars: ✭ 76 (+100%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+1323.68%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+1384.21%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (+13.16%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+2231.58%)
ParamspiderMining parameters from dark corners of Web Archives
Stars: ✭ 781 (+1955.26%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+2963.16%)
DeadtrapAn OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (+92.11%)
PasktoPaskto - Passive Web Scanner
Stars: ✭ 136 (+257.89%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (+292.11%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (+344.74%)
TweetFeedCollecting IOCs posted on Twitter
Stars: ✭ 181 (+376.32%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+5984.21%)
PdlistA passive subdomain finder
Stars: ✭ 204 (+436.84%)
SitedorksSearch Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.
Stars: ✭ 221 (+481.58%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+1023.68%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+1015.79%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+1534.21%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+960.53%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (+2357.89%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+810.53%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (+231.58%)
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Stars: ✭ 150 (+294.74%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (+176.32%)
GitemA Github organization reconnaissance tool.
Stars: ✭ 190 (+400%)
NetzDiscover internet-wide misconfigurations while drinking coffee
Stars: ✭ 159 (+318.42%)
Contact.shAn OSINT tool to find contacts in order to report security vulnerabilities.
Stars: ✭ 216 (+468.42%)
UrlextractorInformation gathering & website reconnaissance | https://phishstats.info/
Stars: ✭ 341 (+797.37%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (+557.89%)
Awesome-CyberSec-ResourcesAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Stars: ✭ 273 (+618.42%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (+123.68%)
SudomySudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Stars: ✭ 1,572 (+4036.84%)
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Stars: ✭ 246 (+547.37%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+673.68%)
findcdnfindCDN is a tool created to help accurately identify what CDN a domain is using.
Stars: ✭ 64 (+68.42%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+273.68%)
gosintGosint is a distributed asset information collection and vulnerability scanning platform
Stars: ✭ 344 (+805.26%)
SourceWolfAmazingly fast response crawler to find juicy stuff in the source code! 😎🔥
Stars: ✭ 132 (+247.37%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-23.68%)
pywhatcmsUnofficial WhatCMS API package
Stars: ✭ 42 (+10.53%)
xssfinderToolset for detecting reflected xss in websites
Stars: ✭ 105 (+176.32%)
solutions-bwappIn progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (+315.79%)
KaliIntelligenceSuiteKali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.
Stars: ✭ 58 (+52.63%)
request smugglerHttp request smuggling vulnerability scanner
Stars: ✭ 203 (+434.21%)
AttackSurfaceManagementDiscover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (+18.42%)
hackableA python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks
Stars: ✭ 61 (+60.53%)