707 Open source projects that are alternatives of or similar to Tidos Framework

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Intelligence and Reconnaissance Package/Bundle installer.

🆕 The Multi-Tool Web Vulnerability Scanner.

A high performance offensive security tool for reconnaissance and vulnerability scanning

Enumerate information from NTLM authentication enabled web endpoints 🔎

🔎 Find usernames across social networks

Yet Another LInkedIn Scraper...

Weaponizing Live CT logs for automated monitoring of assets

Fully automated offensive security framework for reconnaissance and vulnerability scanning

A MongoDB importer and API for Project Sonars DNS datasets

Sifter aims to be a fully loaded Op Centre for Pentesters

An OSINT tool to gather information about the real owner of a phone number

Automated script to run all modules for a specified list of domains, netblocks or company name

A collection of useful links for Pentesters

bingip2hosts is a Bing.com web scraper that discovers websites by IP address

onedrive user enumeration - pentest tool to enumerate valid onedrive users

This repository contains writeups for various CTFs I've participated in (Including Hack The Box).

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Maryam: Open-source Intelligence(OSINT) Framework

DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.

Notes for taking the OSCP in 2097. Read in book form on GitBook

This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference

List of Awesome Asset Discovery Resources

Discover Your Attack Surface!

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

E-mails, subdomains and names Harvester - OSINT

Making Favicon.ico based Recon Great again !

A knockoff social-engineer toolkit

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

Querytool is an OSINT framework based on Google Spreadsheets. With this tool you can perform complex search of terms, people, email addresses, files and many more.

Advanced Web Browser Fingerprinting

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

Web Recon & Exploitation Tool.

Do some quick reconnaissance on a domain-based web-application

Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..

A Tool for Domain Flyovers

Python 3.5+ DNS asynchronous brute force utility

OSINT

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

Automated network asset, email, and social media profile discovery and cataloguing.

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

Information gathering tool - OSINT

HostHunter a recon tool for discovering hostnames using OSINT techniques.

In-depth Attack Surface Mapping and Asset Discovery

🔎 Hunt down social media accounts by username across social networks

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Semi-automatic OSINT framework and package manager

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

A Tool for Domain Flyovers