990 Open source projects that are alternatives of or similar to targets

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

Related subdomains finder

Pentest: Subdomains enumeration tool for penetration testers.

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Simple shell script for automated domain recognition with some tools

🎯 XML External Entity (XXE) Injection Payload List

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.

This repository created for personal use and added tools from my latest blog post.

An automated target reconnaissance pipeline.

Urls de-duplication tool for better recon.

Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own

Change monitoring app that checks the content of web pages in different periods.

A tool to fastly get all javascript sources/files

Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Information Security Library

Making Favicon.ico based Recon Great again !

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

A Tool for Domain Flyovers

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

List of Awesome Asset Discovery Resources

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

A tool to hunt for publicly accessible DigitalOcean Spaces

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

goverview - Get an overview of the list of URLs

An automated approach to performing recon for bug bounty hunting and penetration testing.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

Python library and CLI for the Bug Bounty Recon API

Enumerate information from NTLM authentication enabled web endpoints 🔎

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

all manner of wordlists

apkizer is a mass downloader for android applications for all available versions.

One way to continuously monitor sensitive information that could be exposed on Github

Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.

An advanced tool for email reconnaissance

A collection of some of my scripts

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Monitoring GitHub for sensitive data shared publicly

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Backend logic implementation for Vulnerability Management System

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

An Extended, Modulair, Host Discovery Framework

Turn your VPS into an attack box

📝 urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

Spin up new Windows qubes quickly, effortlessly and securely on Qubes OS

Additional Resources For Securing The Stack Tutorials

Nuubi Tools (Information-ghatering|Scanner|Recon.)

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

A simple python script which can check HTTP status of branch of URLs/Subdomains and grab URLs/Subdomain title

Malware Sample Sources

You didn't think I'd go and leave the blue team out, right?

Automated Web Recon Shell Scripts

A concise, directive, specific, flexible, and free incident response plan template

Mass querying whois records

Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.