Awesome Open Source
Awesome Open Source
Application Programming Interfaces
Command Line Interface
Integrated Development Environments
Lists Of Projects
User Interface Components
Web User Interface
The Top 76 Reconnaissance Open Source Projects
🔎 Hunt down social media accounts by username across social networks
Become A Software Engineer At Top Companies
Identify your strengths with a free online coding quiz, and skip resume and recruiter screens at multiple companies at once. It's free, confidential, includes a free flight and hotel, along with help to study to pass interviews and negotiate a high salary!
SpiderFoot automates OSINT collection so that you can focus on analysis.
E-mails, subdomains and names Harvester - OSINT
A Tool for Domain Flyovers
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Advanced information gathering & OSINT framework for phone numbers
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.
reNgine is an automated reconnaissance framework meant for information gathering during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.
A high performance offensive security tool for reconnaissance and vulnerability scanning
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Accurately Locate Smartphones using Social Engineering
A container repository for my public web hacks!
The Offensive Manual Web Application Penetration Testing Framework.
A DNS reconnaissance tool for locating non-contiguous IP space.
Awesome Asset Discovery
List of Awesome Asset Discovery Resources
Discover Your Attack Surface
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
The Last Web Recon Tool You'll Need
Semi-automatic OSINT framework and package manager
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
🆕 The Multi-Tool Web Vulnerability Scanner.
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
AttackSurfaceMapper is a tool that aims to automate the reconnaissance process.
Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.
Making Favicon.ico based Recon Great again !
Automated network asset, email, and social media profile discovery and cataloguing.
Information gathering tool - OSINT
shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.
a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc
Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
HostHunter a recon tool for discovering hostnames using OSINT techniques.
network reconnaissance toolkit
Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.
Maryam : Open-source Intelligence(OSINT) Framework
This repository was created and developed by Ammar Amer @cry__pto Only. Updates to this repository will continue to arrive until the number of TIPS reach 1000 TIPS .Learn Ethical Hacking and penetration testing.and of course OSINT
Python tool that monitors and logs user-run commands on a Linux system for either offensive or defensive purposes..
CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
Recon My Way
This repository created for personal use and added tools from my latest blog post.
An automated approach to performing recon for bug bounty hunting and penetration testing.
An automated target reconnaissance pipeline.
Tool to enumerate information from NTLM authentication enabled web endpoints 🔎
Simple shell script for automated domain recognition with some tools
I See You
A passive subdomain finder
A Github organization reconnaissance tool.
Advanced and easy to use penetration testing framework 💣🔎
Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Intelligence and Reconnaissance Package/Bundle installer.
Public Bugbounty Programs
Community curated list of public bug bounty and responsible disclosure programs.
Yar is a tool for plunderin' organizations, users and/or repositories.
Change monitoring app that checks the content of web pages in different periods.
MQTT-PWN intends to be a one-stop-shop for IoT Broker penetration-testing and security assessment operations.
Find usernames across over 170 social networks - Fast & flexible remake of sdushantha/sherlock
Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Auto setup is a bash script compatible with Debian based distributions to install and setup necessary programs.
PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>
Perform automated network reconnaissance scans
A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters.
ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
A tool to hunt for publicly accessible DigitalOcean Spaces
Parse NTLM challenge messages over HTTP and SMB
One way to continuously monitor sensitive information that could be exposed on Github
Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers to your "resolver.txt"
An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters.
👀 Some of my favorite OSINT tools.
An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.
An OSINT tool to gather information about the real owner of a phone number
A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
A fast http and https prober, to check which URLs are alive
👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Code from my old page ge.mine.nu
1-76 of 76 projects