483 Open source projects that are alternatives of or similar to XposedOrNot

Sifter aims to be a fully loaded Op Centre for Pentesters

⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.

Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥

a recon tool that allows searching on URLs that are exposed via shortener services

Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

An automated approach to performing recon for bug bounty hunting and penetration testing.

An automated target reconnaissance pipeline.

a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc

This repository created for personal use and added tools from my latest blog post.

One way to continuously monitor sensitive information that could be exposed on Github

Urls de-duplication tool for better recon.

Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.

A Tool for Domain Flyovers

Information gathering tool - OSINT

OSINT Project

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

No description or website provided.

A tool to fastly get all javascript sources/files

The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.

In-depth Attack Surface Mapping and Asset Discovery

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

🔎 Hunt down social media accounts by username across social networks

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Burp extension to decode NTLM SSP headers and extract domain/host information

Maltego compilation of various assets, local transforms and helpful scripts

A Tool for Domain Flyovers

DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.

Shodan.io Command Line Interface

Python 3.5+ DNS asynchronous brute force utility

Find emails of Github users

A high performance offensive security tool for reconnaissance and vulnerability scanning

OneForAll是一款功能强大的子域收集工具

Links for the OSINT Team

API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)

Simple Python tool to check if there is an Office 365 instance linked to a domain.

OSINT

Find usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock

An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.

AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.

Pentest: Subdomains enumeration tool for penetration testers.

An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)

my oscp prep collection

OSINT tool - gets data from services like shodan, censys etc. in one app

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

Network footprint scanner platform. Discover domains and run your custom checks periodically.

The Offensive Manual Web Application Penetration Testing Framework.

ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

Unofficial WhatCMS API package

ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation and geolocation lookup tool / Traceroute server

The OSINT Omnibus (beta release)

A docker image which will enumerate, sort, unique and resolve the results of various subdomains enumeration tools.

A script using Docker to quickly bring up some honeypots exposing lots of services. For research, reconnaissance, and fun. (DISCLAIMER may not be fun, not to be taken internally, aim away from face)

A helper to run OSINT queries & manage results continuously

findCDN is a tool created to help accurately identify what CDN a domain is using.

Data leak checker & OSINT Tool

信息收集 OR 信息搜集

LeakScraper is an efficient set of tools to process and visualize huge text files containing credentials. Theses tools are designed to help penetration testers and redteamers doing OSINT by gathering credentials belonging to their target.

A penetration toolkit for container environment