Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for osint reconnaissance
osint
x
reconnaissance
x
127 search results found
Sherlock
⭐
60,566
Hunt down social media accounts by username across social networks
Phoneinfoga
⭐
13,954
Information gathering framework for phone numbers
Subfinder
⭐
11,086
Fast passive subdomain enumeration tool.
Social Analyzer
⭐
10,841
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
Theharvester
⭐
10,375
E-mails, subdomains and names Harvester - OSINT
Red Teaming Toolkit
⭐
8,230
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Rengine
⭐
6,446
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Reconftw
⭐
5,890
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Osmedeus
⭐
5,492
A Workflow Engine for Offensive Security
Aquatone
⭐
4,369
A Tool for Domain Flyovers
Hakrawler
⭐
4,120
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Raccoon
⭐
2,928
A high performance offensive security tool for reconnaissance and vulnerability scanning
Tidos Framework
⭐
1,796
The Offensive Manual Web Application Penetration Testing Framework.
Awesome Asset Discovery
⭐
1,749
List of Awesome Asset Discovery Resources
Reconspider
⭐
1,729
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Cariddi
⭐
1,228
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Intrigue Core
⭐
1,205
Discover Your Attack Surface!
Fbi Tools
⭐
1,153
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
Hosthunter
⭐
1,111
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Metabigor
⭐
1,087
OSINT tools and more but without API ke
Inventory
⭐
1,019
Asset inventory of over 800 public bug bounty programs.
Maryam
⭐
807
Maryam: Open-source Intelligence(OSINT) Framework
Sitedorks
⭐
719
Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection.
Witnessme
⭐
696
Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Datasurgeon
⭐
630
Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Secuirty Numbers and a lot More From Text
Karma_v2
⭐
630
⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
Frogy
⭐
622
My subdomain enumeration script. It's unique in the way it is built upon.
Gasmask
⭐
617
Information gathering tool - OSINT
Aort
⭐
556
All in One Recon Tool for Bug Bounty
Xurlfind3r
⭐
534
A command-line interface (CLI) based passive URLs discovery utility. It is designed to efficiently identify known URLs of given domains by tapping into a multitude of curated online passive sources.
Sarenka
⭐
533
OSINT tool - gets data from services like shodan, censys etc. in one app
Bigbountyrecon
⭐
471
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Ntlmrecon
⭐
458
Enumerate information from NTLM authentication enabled web endpoints 🔎
Dome
⭐
412
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
Offensive Osint Tools
⭐
373
OffSec OSINT Pentest/RedTeam Tools
Phoneinfoga
⭐
370
script to search for data about phone numbers
Awesome Cybersec Resources
⭐
314
An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Ashok
⭐
306
Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .
Uscrapper
⭐
298
Uscrapper 2.0, a powerful OSINT webscraper for personal data collection. Uscrapper uses web scraping to extract email IDs, social-media links, geolocations, phone numbers, and usernames from webpages, supports multithreading, has advanced Anti-webscraping bypassing modules, supports webcrawling to scrape from various sublinks within the same domain
Osint Cheat Sheet
⭐
293
OSINT cheat sheet, list OSINT tools, dataset, article, book and OSINT tips
Phomber
⭐
255
[PH0MBER]: An open source infomation grathering & reconnaissance framework!
Buster
⭐
254
An advanced tool for email reconnaissance
Bucketloot
⭐
252
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
Arsenal
⭐
247
Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty
Yar
⭐
233
Yar is a tool for plunderin' organizations, users and/or repositories.
N0kovo_subdomains
⭐
214
An extremely effective subdomain wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
Subrake
⭐
211
🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
Eyes
⭐
203
🕵️ Email osint tool
Investigo
⭐
191
🔎 Find usernames and download their data across social media.
Sagemode
⭐
178
👀Sagemode: Track and Unveil Online identities across social media platforms🕵️♂️
Geo Recon
⭐
165
An OSINT CLI tool desgined to fast track IP Reputation and Geo-locaton look up for Security Analysts.
Skytrack
⭐
153
skytrack is a planespotting and aircraft OSINT tool made using Python 🛩🔍
Webosint
⭐
148
W3b0s1nt (WebOSINT) is a Python tool/script for passive Domain Intelligence gathering.
Knockknock
⭐
147
A simple reverse whois lookup tool which returns a list of domains owned by people or companies
Bitcrook
⭐
139
Open-Source Intelligence Apparatus
Web Hacking Toolkit
⭐
127
A web hacking toolkit (docker image).
Insiders
⭐
111
Archive of Potential Insider Threats
Phoneinfoga
⭐
108
PhoneInfoga is one of the most advanced tools to scan phone numbers using only free resources.
Certeagle
⭐
98
Weaponizing Live CT logs for automated monitoring of assets
Daprofiler
⭐
97
DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.
Smwyg Show Me What You Got
⭐
95
This tool allows you to perform OSINT and reconnaissance on an organisation or an individual. It allows one to search 1.4 Billion clear text credentials which was dumped as part of BreachCompilation leak. This database makes finding passwords faster and easier than ever before.
Xsubfind3r
⭐
92
A command-line interface (CLI) based passive subdomain discovery utility. It is designed to efficiently identify known subdomains of given domains by tapping into a multitude of curated online passive sources.
Osinteye
⭐
91
Username enumeration & reconnaisance suite
Bing Ip2hosts
⭐
91
bingip2hosts is a Bing.com web scraper that discovers websites by IP address
Lazyrecon
⭐
87
Wicked sick v2.0 script is intended to automate your reconnaissance process in an organized fashion.
Argos
⭐
86
This script will automatically set up an OSINT workstation starting from a Ubuntu OS.
Shodan
⭐
81
yet another Shodan.io client
Udon
⭐
80
A simple tool that helps to find assets/domains based on the Google Analytics ID.
Thoth
⭐
79
Automate recon for red team assessments.
Secator
⭐
77
Secator - the pentester's swiss knife
Uscan
⭐
69
uscan is an automated vulnerability scanner that streamlines the process of website hacking, making it faster and more efficient than ever before.
Spk
⭐
69
spk aka spritzgebaeck: A small OSINT/Recon tool to find CIDRs that belong to a specific organization.
Awesome Cyber
⭐
65
A curated list of tools useful within the field of cyber security, for both blue and red team operations.
Enumerepo
⭐
60
List all public repositories for (valid) GitHub usernames
Vaile
⭐
57
Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)
Certstream Server Go
⭐
57
This project aims to be a drop-in replacement for the certstream server by Calidog. This tool aggregates, parses, and streams certificate data from multiple certificate transparency logs via websocket connections to the clients.
Sifter
⭐
49
Sifter - All purpose penetration testing op-center
Aquatone
⭐
48
A Tool for Domain Flyovers
Upi Recon
⭐
48
A command line tool for UPI payment address discovery and reconnaissance
Cloud
⭐
47
Monitoring the Cloud Landscape
Osint Tools
⭐
42
OSINT tools can be used for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.
Vichiti
⭐
39
An OSINT focused tool made with Nodejs!
Attacksurfacemanagement
⭐
33
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Bruter
⭐
29
Brutuer is an OSINT tooling, an experiment to build a reconnaissance simple app to have fun
D4v1d
⭐
29
Social-Media OSINT tool - gather info on users across multiple platforms; easily extensible by design. 📷
Sherlock
⭐
28
🔎 Find usernames across social networks
Red Team Tools
⭐
27
Domaindouche
⭐
25
OSINT tool abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force.
Xingdumper
⭐
24
Python 3 script to dump/scrape/extract company employees from XING API
Gorecon
⭐
24
Initiate external reconnaissance, parse Nessus xml reports and more.
Flydns
⭐
24
Related subdomains finder
Squatm3
⭐
23
Squatm3 is a python tool designed to enumerate available domains generated modifying the original domain name through different techniques
Go Spyse
⭐
22
The official wrapper for spyse.com API, written in Go, aimed to help developers build their integrations with Spyse.
Smog
⭐
22
A semi-automatic osint/recon framework.
Pentest Scripts
⭐
20
Compilation of scripts/tools (made by me or not) that help me with Pentest and Bug Bounty.
Superrepository
⭐
19
Super Repository streamlines package and tool installations on Linux. It combines a variety of packages, tools, and repositories from official sources. Using package managers like apt, snap, and pip3, it ensures smooth installations.
Waybackshot
⭐
17
(CLI wrapper with upcoming features) Takes a list of URLs and retrieve screenshots of older versions stored on the Wayback Machine.
Yuyu_scanner
⭐
17
Web Reconnaissance and Analyst
Domainthreat
⭐
17
Daily Domain Monitoring to detect phishing and brand impersonation with subdomain enumeration and source code scraping
Columbus
⭐
16
An advanced subdomain discovery service with fast, powerful and easy to use API and DNS history.
1-100 of 127 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2025 Awesome Open Source. All rights reserved.
