CrithitTakes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-97.36%)
GitgotSemi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Stars: ✭ 964 (-85.99%)
GetaltnameExtract subdomains from SSL certificates in HTTPS sites.
Stars: ✭ 320 (-95.35%)
QuickScanPort scanning and domain utility.
Stars: ✭ 26 (-99.62%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (-91.8%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-96.09%)
DeadtrapAn OSINT tool to gather information about the real owner of a phone number
Stars: ✭ 73 (-98.94%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (-49.1%)
MetaforgeAn OSINT Metadata analyzing tool that filters through tags and creates reports
Stars: ✭ 63 (-99.08%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (-96.34%)
Awesome-CyberSec-ResourcesAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Stars: ✭ 273 (-96.03%)
PyIrisPyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.
Stars: ✭ 296 (-95.7%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 154 (-97.76%)
Pyiris BackdoorPyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>
Stars: ✭ 145 (-97.89%)
PdlistA passive subdomain finder
Stars: ✭ 204 (-97.04%)
Investigo🔎 Find usernames and download their data across social media.
Stars: ✭ 168 (-97.56%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-99.11%)
Python IocextractDefanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (-95.64%)
DiscoverCustom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
Stars: ✭ 2,548 (-62.98%)
Misp TrainingMISP trainings, threat intel and information sharing training materials with source code
Stars: ✭ 185 (-97.31%)
OpensquatDetection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.
Stars: ✭ 149 (-97.83%)
IosMost usable tools for iOS penetration testing
Stars: ✭ 563 (-91.82%)
OsweepDon't Just Search OSINT. Sweep It.
Stars: ✭ 225 (-96.73%)
phisherpriceAll In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Stars: ✭ 38 (-99.45%)
XposedOrNotXposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.
Stars: ✭ 120 (-98.26%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-94.62%)
haiti🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (-95.83%)
netizenshipa commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Stars: ✭ 33 (-99.52%)
PyParser-CVEMulti source CVE/exploit parser.
Stars: ✭ 25 (-99.64%)
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 424 (-93.84%)
AmassIn-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (-8.69%)
TheharvesterE-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (-10.27%)
go-spyseThe official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.
Stars: ✭ 25 (-99.64%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-94.45%)
BusterAn advanced tool for email reconnaissance
Stars: ✭ 387 (-94.38%)
cycat-serviceCyCAT.org API back-end server including crawlers
Stars: ✭ 25 (-99.64%)
sherlock🔎 Find usernames across social networks
Stars: ✭ 52 (-99.24%)
GosintOSINT Swiss Army Knife
Stars: ✭ 401 (-94.17%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (-94.97%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (-94.14%)
TIGMINTTIGMINT: OSINT (Open Source Intelligence) GUI software framework
Stars: ✭ 195 (-97.17%)
YAFRAYAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-99.68%)
HabuHacking Toolkit
Stars: ✭ 635 (-90.77%)
Git HoundReconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Stars: ✭ 602 (-91.25%)
targetsA collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
Stars: ✭ 85 (-98.76%)
phomberPhomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.
Stars: ✭ 59 (-99.14%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (-93.84%)
PhoneinfogaPhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.
Stars: ✭ 5,927 (-13.88%)
Sherlock🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+315.13%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (-93.72%)
connectorsOpenCTI connectors
Stars: ✭ 135 (-98.04%)
pyc2bytecodeA Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Stars: ✭ 70 (-98.98%)
WitnessmeWeb Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Stars: ✭ 436 (-93.66%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-99.81%)
Hack4Squad💀 A bash hacking and scanning framework.
Stars: ✭ 45 (-99.35%)