1391 Open source projects that are alternatives of or similar to Sonarsearch

Fully automated offensive security framework for reconnaissance and vulnerability scanning

In-depth Attack Surface Mapping and Asset Discovery

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

Python 3.5+ DNS asynchronous brute force utility

Web path scanner

A Tool for Domain Flyovers

DNSProb is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Automated NoSQL database enumeration and web application exploitation tool.

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

In-depth Attack Surface Mapping and Asset Discovery

Security Tool to Look For Interesting Files in S3 Buckets

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

OneForAll是一款功能强大的子域收集工具

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

HostHunter a recon tool for discovering hostnames using OSINT techniques.

A passive subdomain finder

Enumerate information from NTLM authentication enabled web endpoints 🔎

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Collect email addresses by crawling search engine results.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Gosint is a distributed asset information collection and vulnerability scanning platform

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

Extracting URLs of a specific target based on the results of "commoncrawl.org"

Fast tool to extract all subdomains from crt.sh website. Output will be up to sub.sub.sub.subdomain.com with standard and advanced search techniques

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

RAS(RAndom Subdomain) Fuzzer

findCDN is a tool created to help accurately identify what CDN a domain is using.

Pentest: Subdomains enumeration tool for penetration testers.

Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.

Related subdomains finder

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Multi source CVE/exploit parser.

Boxer: A fast directory bruteforce tool written in Python with concurrency.

Mass querying whois records

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

An OSINT tool to find contacts in order to report security vulnerabilities.

Extract endpoints marked as disallow in robots files to generate wordlists.

recon-ng modules for Censys

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

Get GTFOBins info about a given exploit from the command line

Dumain Bruteforcer - a fast and flexible domain bruteforcer

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Automated script to run all modules for a specified list of domains, netblocks or company name

It's a Docker Environment for pentesting which having all the required tool for VAPT.

onedrive user enumeration - pentest tool to enumerate valid onedrive users

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

Host Header Injection Checker

Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second

Port scanning and domain utility.

My personal bug bounty toolkit.