MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (+103.03%)
UddupUrls de-duplication tool for better recon.
Stars: ✭ 103 (-21.97%)
HaliveA fast http and https prober, to check which URLs are alive
Stars: ✭ 47 (-64.39%)
SitedorksSearch Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection.
Stars: ✭ 221 (+67.42%)
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (-35.61%)
Contact.shAn OSINT tool to find contacts in order to report security vulnerabilities.
Stars: ✭ 216 (+63.64%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (+43.94%)
OdinAutomated network asset, email, and social media profile discovery and cataloguing.
Stars: ✭ 476 (+260.61%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (+90.91%)
3klconAutomation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Stars: ✭ 189 (+43.18%)
AutoreconSimple shell script for automated domain recognition with some tools
Stars: ✭ 244 (+84.85%)
Public Bugbounty ProgramsCommunity curated list of public bug bounty and responsible disclosure programs.
Stars: ✭ 233 (+76.52%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (+284.09%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (-64.39%)
fuzzmostall manner of wordlists
Stars: ✭ 23 (-82.58%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+933.33%)
Cc.pyExtracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (+89.39%)
bing-ip2hostsbingip2hosts is a Bing.com web scraper that discovers websites by IP address
Stars: ✭ 99 (-25%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+221.21%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (+356.06%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+5113.64%)
XposedOrNotXposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.
Stars: ✭ 120 (-9.09%)
Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (-31.06%)
ArgosThis script will automatically set up an OSINT workstation starting from a Ubuntu OS.
Stars: ✭ 73 (-44.7%)
AshokAshok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .
Stars: ✭ 109 (-17.42%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (+28.03%)
sherlock🔎 Find usernames across social networks
Stars: ✭ 52 (-60.61%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (-46.97%)
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Stars: ✭ 246 (+86.36%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-71.21%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+516.67%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+630.3%)
OneforallOneForAll是一款功能强大的子域收集工具
Stars: ✭ 4,202 (+3083.33%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+6703.79%)
DaProfilerDaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.
Stars: ✭ 58 (-56.06%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+6300.76%)
GitgrabergitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...
Stars: ✭ 1,164 (+781.82%)
DeadtrapAn OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-44.7%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (+230.3%)
GasmaskInformation gathering tool - OSINT
Stars: ✭ 518 (+292.42%)
AquatoneA Tool for Domain Flyovers
Stars: ✭ 4,405 (+3237.12%)
TheharvesterE-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+4578.03%)
Sherlock🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+21543.18%)
Tidos FrameworkThe Offensive Manual Web Application Penetration Testing Framework.
Stars: ✭ 1,290 (+877.27%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+571.97%)
Urlhuntera recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (+607.58%)
Geo ReconAn OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.
Stars: ✭ 82 (-37.88%)
D4n155OWASP D4N155 - Intelligent and dynamic wordlist using OSINT
Stars: ✭ 105 (-20.45%)
Intrigue CoreDiscover Your Attack Surface!
Stars: ✭ 1,013 (+667.42%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-7.58%)
apkizerapkizer is a mass downloader for android applications for all available versions.
Stars: ✭ 40 (-69.7%)
querytoolQuerytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.
Stars: ✭ 104 (-21.21%)
AttacksurfacemapperAttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
Stars: ✭ 702 (+431.82%)
CerteagleWeaponizing Live CT logs for automated monitoring of assets
Stars: ✭ 78 (-40.91%)
SarenkaOSINT tool - gets data from services like shodan, censys etc. in one app
Stars: ✭ 120 (-9.09%)
gosintGosint is a distributed asset information collection and vulnerability scanning platform
Stars: ✭ 344 (+160.61%)
Moriarty ProjectThis tool gives information about the phone number that you entered.
Stars: ✭ 223 (+68.94%)