1815 Open source projects that are alternatives of or similar to Spiderfoot

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Extract subdomains from SSL certificates in HTTPS sites.

Port scanning and domain utility.

Making Favicon.ico based Recon Great again !

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

OSINT

An OSINT tool to gather information about the real owner of a phone number

Next generation web scanner

An OSINT Metadata analyzing tool that filters through tags and creates reports

Enumerate information from NTLM authentication enabled web endpoints 🔎

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

A passive subdomain finder

🔎 Find usernames and download their data across social media.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Defanged Indicator of Compromise (IOC) Extractor.

Offensive tools as Dockerfiles. Lightweight & Ready to go

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

MISP trainings, threat intel and information sharing training materials with source code

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Most usable tools for iOS penetration testing

Don't Just Search OSINT. Sweep It.

All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

Python 3.5+ DNS asynchronous brute force utility

🔑 Hash type identifier (CLI & lib)

Malware Sample Sources

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

Multi source CVE/exploit parser.

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

In-depth Attack Surface Mapping and Asset Discovery

E-mails, subdomains and names Harvester - OSINT

The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Threat Hunting queries for various attacks

OpenCTI Python Client

An advanced tool for email reconnaissance

CyCAT.org API back-end server including crawlers

🔎 Find usernames across social networks

OSINT Swiss Army Knife

swiss army knife for hackers

Sifter aims to be a fully loaded Op Centre for Pentesters

TIGMINT: OSINT (Open Source Intelligence) GUI software framework

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Hacking Toolkit

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

Phomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.

Intelligence tool but without API key

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

🔎 Hunt down social media accounts by username across social networks

Automatically Launch Google Hacking Queries Against A Target Domain

OpenCTI connectors

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

Do some quick reconnaissance on a domain-based web-application

💀 A bash hacking and scanning framework.