801 Open source projects that are alternatives of or similar to webrecon

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.

HostHunter a recon tool for discovering hostnames using OSINT techniques.

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

Pentest: Subdomains enumeration tool for penetration testers.

Next generation web scanner

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration

Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

👀 Some of my favorite OSINT tools.

Intelligence and Reconnaissance Package/Bundle installer.

PENIOT: Penetration Testing Tool for IoT

A tool to fastly get all javascript sources/files

apkizer is a mass downloader for android applications for all available versions.

Related subdomains finder

Automated script to run all modules for a specified list of domains, netblocks or company name

Get GTFOBins info about a given exploit from the command line

Statically-linked ssh server with reverse shell functionality for CTFs and such

DevBrute is a Password Brute Forcer, It can Brute Force almost all Social Media Accounts or Any Web Application.

Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .

SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.

Modular personalized dictionary generator.

Command line tool that allows you to explore IoT devices by using Shodan API.

A tool to hunt for publicly accessible DigitalOcean Spaces

One way to continuously monitor sensitive information that could be exposed on Github

Change monitoring app that checks the content of web pages in different periods.

Urls de-duplication tool for better recon.

Enumerate information from NTLM authentication enabled web endpoints 🔎

Simple shell script for automated domain recognition with some tools

GitHub Recon — and what you can achieve with it!

A Security Tool for Enumerating WebSockets

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

Automated tool for WiFi hacking.

Reverse shell manager using tmux and ncat

A Tool for Domain Flyovers

List of Awesome Asset Discovery Resources

network reconnaissance toolkit

Fully automated offensive security framework for reconnaissance and vulnerability scanning

An advanced tool for email reconnaissance

Sifter aims to be a fully loaded Op Centre for Pentesters

🆕 The Multi-Tool Web Vulnerability Scanner.

Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Hack the World using Termux

👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️

Discover Your Attack Surface!

my oscp prep collection

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Semi-automatic OSINT framework and package manager

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

Functions that can be used to gain Reverse Shells with PowerShell

Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.