RenginereNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+2718.85%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+5540.98%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+343.44%)
Intrec PackIntelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (+45.08%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-76.23%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+567.21%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+250%)
Scilla🏴☠️ Information Gathering tool 🏴☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-4.92%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+203.28%)
NatlasScaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.
Stars: ✭ 333 (+172.95%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+362.3%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-89.34%)
MaryamMaryam: Open-source Intelligence(OSINT) Framework
Stars: ✭ 371 (+204.1%)
MegplusAutomated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Stars: ✭ 268 (+119.67%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (+55.74%)
RaccoonA high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+1795.08%)
YarYar is a tool for plunderin' organizations, users and/or repositories.
Stars: ✭ 174 (+42.62%)
Oscp Prepmy oscp prep collection
Stars: ✭ 105 (-13.93%)
AutosetupAuto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
Stars: ✭ 140 (+14.75%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (+1988.52%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (+106.56%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (+690.16%)
mailcatFind existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬
Stars: ✭ 219 (+79.51%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+36.89%)
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (-30.33%)
TheharvesterE-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+4961.48%)
QuickScanPort scanning and domain utility.
Stars: ✭ 26 (-78.69%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (+393.44%)
XposedOrNotXposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.
Stars: ✭ 120 (-1.64%)
ReconcatA small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Stars: ✭ 66 (-45.9%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-64.75%)
DorknetSelenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (+109.84%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (+120.49%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+230.33%)
querytoolQuerytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.
Stars: ✭ 104 (-14.75%)
Osint Tools👀 Some of my favorite OSINT tools.
Stars: ✭ 155 (+27.05%)
AsnipASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (+3.28%)
IkyOSINT Project
Stars: ✭ 203 (+66.39%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (+217.21%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (+247.54%)
ArgosThis script will automatically set up an OSINT workstation starting from a Ubuntu OS.
Stars: ✭ 73 (-40.16%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (+16.39%)
OdinAutomated network asset, email, and social media profile discovery and cataloguing.
Stars: ✭ 476 (+290.16%)
Social AnalyzerAPI, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+6825.41%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+355.74%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+5050.82%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+1497.54%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+5839.34%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+1150.82%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-11.48%)
Sherlock🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+23317.21%)
Reconspider🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Stars: ✭ 621 (+409.02%)
GoaltdnsA permutation generation tool written in golang
Stars: ✭ 119 (-2.46%)
GitmonitorOne way to continuously monitor sensitive information that could be exposed on Github
Stars: ✭ 115 (-5.74%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+535.25%)
Osint collectionMaintained collection of OSINT related resources. (All Free & Actionable)
Stars: ✭ 809 (+563.11%)