151 Open source projects that are alternatives of or similar to subdomainsEnumerator

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Pentest: Subdomains enumeration tool for penetration testers.

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

Tool to automate recon

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

OneForAll是一款功能强大的子域收集工具

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

a shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves

Advanced Reconnaissance tool to enumerate attacking surface of the target.

A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)

E-mails, subdomains and names Harvester - OSINT

Related subdomains finder

Advanced and easy to use penetration testing framework 💣🔎

Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers.

Yar is a tool for plunderin' organizations, users and/or repositories.

A high performance offensive security tool for reconnaissance and vulnerability scanning

🔎 Find usernames and download their data across social media.

Enumerate information from NTLM authentication enabled web endpoints 🔎

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Find usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

A script using Docker to quickly bring up some honeypots exposing lots of services. For research, reconnaissance, and fun. (DISCLAIMER may not be fun, not to be taken internally, aim away from face)

Unique wordlist generator of unique wordlists.

Community curated list of public bug bounty and responsible disclosure programs.

Accurately Locate Smartphones using Social Engineering

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

Swiftly search FDNS datasets from Rapid7 Open Data

Intelligence and Reconnaissance Package/Bundle installer.

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

An Extended, Modulair, Host Discovery Framework

Change monitoring app that checks the content of web pages in different periods.

A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.

👀 Some of my favorite OSINT tools.

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

Go scripts for finding sensitive data like API key / some keywords in the github repository

A Bash script and Docker image for Bug Bounty reconnaissance. Intended for headless use.

OSINT tool - gets data from services like shodan, censys etc. in one app

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

Simple shell script for automated domain recognition with some tools

Perform automated network reconnaissance scans

multiphenics - easy prototyping of multiphysics problems in FEniCS

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

OSINT Framework

A tool to hunt for publicly accessible DigitalOcean Spaces

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

A passive subdomain finder

One way to continuously monitor sensitive information that could be exposed on Github

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

Parse NTLM challenge messages over HTTP and SMB

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers to your "resolver.txt"

Urls de-duplication tool for better recon.

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

A container repository for my public web hacks!

A simple module to manage multiple subdomains with just one project

A Github organization reconnaissance tool.