Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for penetration testing recon
penetration-testing
x
recon
x
67 search results found
Spiderfoot
⭐
11,035
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Red Teaming Toolkit
⭐
8,230
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Rengine
⭐
6,446
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Reconftw
⭐
5,204
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Whatweb
⭐
5,096
Next generation web scanner
Hakrawler
⭐
4,120
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Discover
⭐
3,238
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
Bbot
⭐
3,155
A recursive internet scanner for hackers.
Winpwn
⭐
3,151
Automation for internal Windows Penetrationtest / AD-Security
Pentest Tools
⭐
2,652
A collection of custom security tools for quick needs.
Cloudfail
⭐
2,080
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Finalrecon
⭐
1,949
All In One Web Recon
Sn0int
⭐
1,749
Semi-automatic OSINT framework and package manager
Reconspider
⭐
1,729
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Sx
⭐
1,357
🖖 Fast, modern, easy-to-use network scanner
Cariddi
⭐
1,228
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Pentest Notes
⭐
1,202
Goofuzz
⭐
1,119
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
Metabigor
⭐
1,087
OSINT tools and more but without API ke
Inventory
⭐
1,019
Asset inventory of over 800 public bug bounty programs.
Hosthunter
⭐
826
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Leaky Paths
⭐
746
A collection of special paths linked to common internal paths, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Scilla
⭐
682
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Active Directory Exploitation Cheat Sheet
⭐
659
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Datasurgeon
⭐
630
Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Secuirty Numbers and a lot More From Text
3klcon
⭐
599
Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Censys Subdomain Finder
⭐
589
⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.
Aiodnsbrute
⭐
579
Python 3.5+ DNS asynchronous brute force utility
Aort
⭐
556
All in One Recon Tool for Bug Bounty
Nullinux
⭐
525
Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Vajra
⭐
511
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Bigbountyrecon
⭐
471
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Dome
⭐
412
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
Jfscan
⭐
407
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
Awesome Bbht
⭐
390
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Rekono
⭐
385
Pentesting automation platform that combines hacking tools to complete assessments
Pentmenu
⭐
382
A bash script for recon and DOS attacks
Getjs
⭐
373
A tool to fastly get all javascript sources/files
Docker Onion Nmap
⭐
322
Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.
Second Order
⭐
295
Second-order subdomain takeover scanner
Reconness
⭐
287
ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Reconnote
⭐
274
Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Awesome Cyber Security
⭐
255
[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.
Buster
⭐
254
An advanced tool for email reconnaissance
Bucketloot
⭐
252
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
Arsenal
⭐
247
Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty
Cut Cdn
⭐
243
✂️ Removing CDN IPs from the list of IP addresses
Vaf
⭐
241
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
Mksub
⭐
204
Generate tens of thousands of subdomain combinations in a matter of seconds
Dorks_hunter
⭐
198
Simple Google Dorks search tool
Reconky Automated_bash_script
⭐
170
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Lazyrecon
⭐
169
An automated approach to performing recon for bug bounty hunting and penetration testing.
Intrec Pack
⭐
164
Intelligence and Reconnaissance Package/Bundle installer.
Recon
⭐
161
Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities. Created based on @ofjaaah and @Jhaddix methodologies
Recsech
⭐
161
Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Mkpath
⭐
154
Make URL path combinations using a wordlist
Favirecon
⭐
149
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Tugarecon
⭐
144
Pentest: Subdomains enumeration tool for penetration testers.
Web_hacking
⭐
135
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Web Hacking Toolkit
⭐
127
A web hacking toolkit (docker image).
Webstor
⭐
119
A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.
Arno
⭐
116
An automation tool to install the most popular tools for bug bounty or pentesting.
Lhf
⭐
111
A modular recon tool for pentesting
Insiders
⭐
111
Archive of Potential Insider Threats
Spaces Finder
⭐
102
A tool to hunt for publicly accessible DigitalOcean Spaces
Smartrecon
⭐
102
smartrecon is a powerful shell script to automate the recon and finding common vulnerabilities for bug hunter
Chronos
⭐
98
Extract pieces of info from a web page's Wayback Machine history
Subevil
⭐
85
SubEvil is an advanced open source intelligence framework (OSINT) for grouping subdomains.
Resource_files
⭐
83
mosquito - Automating reconnaissance and brute force attacks
Scanpro
⭐
79
ScanPro - NMap Scanning Scripts ~ Network Mapper
V1ew S0urce
⭐
78
v1ew-s0urce a recon tool built by the 5/9Dark team.
Chomtesh
⭐
76
CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers.
Recon
⭐
73
Enumerate a target Based off of Nmap Results
Delator
⭐
73
Golang-based subdomain miner leveraging certificate transparency logs
Reconcat
⭐
69
A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Invoke Recon
⭐
60
"Powershell script assisting with domain enumerating and in finding quick wins" - Basically written while doing the 'Advanced Red Team' lab from pentesteracademy.
Grepaddr
⭐
60
Use grepaddr to extract (grep) all kinds of addresses from stdin like URLs (incl. IPv4/IPv6), IP addresses & ranges (IPv4/IPv6), e-mail addresses, MAC addresses.
Enumerepo
⭐
60
List all public repositories for (valid) GitHub usernames
Gitosint_bot
⭐
55
GitOSINT: The OSINT Powerhouse for Discord. The go-to Discord bot for Open Source Intelligence (OSINT).
Github Logs
⭐
53
Extracting OSINT Insights from 15TB of GitHub Event Logs
Awesome Infosec
⭐
52
A curated list of awesome infosec blog posts, courses, books and more!
Mapperplus
⭐
51
MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.
Sifter
⭐
49
Sifter - All purpose penetration testing op-center
Cloud
⭐
47
Monitoring the Cloud Landscape
R3c0nizer
⭐
42
R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.
Webrecon
⭐
41
Automated Web Recon Shell Scripts
3klector
⭐
38
3klector is an automation Recon tool which collecting information about Acquisitions and ASN which related to Big Scope company
Phisherprice
⭐
38
All In One Pentesting Tool For Recon & Auditing , Phone Number Lookup , Header , SSH Scan , SSL/TLS Scan & Much More.
Pentesting Resources
⭐
37
Resources, repos and scripts for pentesters and bug bounty.
Ffuf Tips And Tricks
⭐
37
Describe how to use ffuf different options with examples
Censys Recon Ng
⭐
36
recon-ng modules for Censys
Obsidiansailboat
⭐
35
Nmap and NSE command line wrapper in the style of Metasploit
Webhackurls
⭐
34
Simple python OSINT tool for urls recon thanks to the waybackmachine.
Buggpt Tools
⭐
34
AI Generated Tools/one-off-scripts primarily for Bug Bounties
Icu
⭐
33
An Extended, Modulair, Host Discovery Framework
Research
⭐
32
❄️ Research project for SubFinder core API V2
H2buster
⭐
32
A threaded, recursive, web directory brute-force scanner over HTTP/2.
Huntthebug
⭐
32
Basic Recon For Bug Bounty Hunter - "HuntTheBug" is Basic Scripts For Sub Domain Enumeration> Live Domain Enumeration > Sub Domain Hijack > URL + JavaScript Scan > Dir Brute Forcing > Open Port Check With Telegram Bot Notification
Mgwls
⭐
31
Combine words from two wordlist files and concatenate them with an optional delimiter
Sniffcon Ultimate Recon Dashboard For Bug Bounty And Pentesting
⭐
31
Sniffcon has a wide list of powerful online bug bounty tools which can be used to find security vulnerabilities.
Related Searches
Python Penetration Testing (1,369)
Security Penetration Testing (671)
Shell Penetration Testing (398)
Exploitation Penetration Testing (392)
Scanner Penetration Testing (373)
Python Recon (372)
Penetration Testing Pentest Tool (335)
Penetration Testing Red Team (324)
Penetration Testing Security Tools (315)
Penetration Testing Hacking Tool (293)
1-67 of 67 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.