Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for penetration testing reconnaissance
penetration-testing
x
reconnaissance
x
85 search results found
Social Analyzer
⭐
10,841
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
Red Teaming Toolkit
⭐
8,230
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Rengine
⭐
6,446
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Reconftw
⭐
5,204
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Osmedeus
⭐
5,076
A Workflow Engine for Offensive Security
Allaboutbugbounty
⭐
4,793
All about bug bounty (bypasses, payloads, and etc)
Hakrawler
⭐
4,120
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Discover
⭐
3,238
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
Raccoon
⭐
2,928
A high performance offensive security tool for reconnaissance and vulnerability scanning
Finalrecon
⭐
1,949
All In One Web Recon
Sudomy
⭐
1,831
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
Sn0int
⭐
1,749
Semi-automatic OSINT framework and package manager
Reconspider
⭐
1,729
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Rapidscan
⭐
1,489
🆕 The Multi-Tool Web Vulnerability Scanner.
Cariddi
⭐
1,228
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Intrigue Core
⭐
1,205
Discover Your Attack Surface!
Wordlists
⭐
1,200
Real-world infosec wordlists, updated regularly
Fbi Tools
⭐
1,153
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
Goofuzz
⭐
1,119
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
Metabigor
⭐
1,087
OSINT tools and more but without API ke
Inventory
⭐
1,019
Asset inventory of over 800 public bug bounty programs.
Hosthunter
⭐
826
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Pywerview
⭐
803
A (partial) Python rewriting of PowerSploit's PowerView
Garud
⭐
694
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Sublert
⭐
687
Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed by specific organizations and issued TLS/SSL certificate.
Scilla
⭐
682
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Datasurgeon
⭐
630
Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Secuirty Numbers and a lot More From Text
3klcon
⭐
599
Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.
Aort
⭐
556
All in One Recon Tool for Bug Bounty
Rustbuster
⭐
493
A Comprehensive Web Fuzzer and Content Discovery Tool
Xurlfind3r
⭐
485
A command-line interface (CLI) based passive URLs discovery utility. It is designed to efficiently identify known URLs of given domains by tapping into a multitude of curated online passive sources.
Bigbountyrecon
⭐
471
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
R4ven
⭐
438
Track the IP address and GPS location of the user's smartphone or PC and capture a picture of the target, along with device information.
Dome
⭐
412
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.
Badkarma
⭐
409
network reconnaissance toolkit
Awesome Bbht
⭐
390
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Rekono
⭐
385
Pentesting automation platform that combines hacking tools to complete assessments
Getjs
⭐
373
A tool to fastly get all javascript sources/files
Offensive Osint Tools
⭐
373
OffSec OSINT Pentest/RedTeam Tools
Reconscan
⭐
324
Network reconnaissance and vulnerability assessment tools.
Awesome Cybersec Resources
⭐
314
An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Second Order
⭐
295
Second-order subdomain takeover scanner
Nebula
⭐
291
Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components.
Asnlookup
⭐
288
Leverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Buster
⭐
254
An advanced tool for email reconnaissance
Bucketloot
⭐
252
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
Arsenal
⭐
247
Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty
Cut Cdn
⭐
243
✂️ Removing CDN IPs from the list of IP addresses
Investigator
⭐
218
An online handy-recon tool
Gsec
⭐
218
Web Security Scanner
N0kovo_subdomains
⭐
214
An extremely effective subdomain wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
Mksub
⭐
204
Generate tens of thousands of subdomain combinations in a matter of seconds
Asnip
⭐
184
ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Bug_bounty_tools_and_methodology
⭐
175
Bug Bounty Tools used on Twitch - Recon
Reconky Automated_bash_script
⭐
170
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Lazyrecon
⭐
169
An automated approach to performing recon for bug bounty hunting and penetration testing.
Intrec Pack
⭐
164
Intelligence and Reconnaissance Package/Bundle installer.
Recsech
⭐
161
Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Mkpath
⭐
154
Make URL path combinations using a wordlist
Favirecon
⭐
149
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
Knockknock
⭐
147
A simple reverse whois lookup tool which returns a list of domains owned by people or companies
Tugarecon
⭐
144
Pentest: Subdomains enumeration tool for penetration testers.
Kitsec Core
⭐
136
Ethical hacking, made easy.
Ashok
⭐
133
Ashok is a OSINT Recon Tool , a.k.a 😍 Swiss Army knife .
Web Hacking Toolkit
⭐
127
A web hacking toolkit (docker image).
Webstor
⭐
119
A script to quickly enumerate all websites across all of your organization's networks, store their responses, and query for known web technologies, such as those with zero-day vulnerabilities.
Arno
⭐
116
An automation tool to install the most popular tools for bug bounty or pentesting.
Insiders
⭐
111
Archive of Potential Insider Threats
Shonydanza
⭐
110
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Smartrecon
⭐
102
smartrecon is a powerful shell script to automate the recon and finding common vulnerabilities for bug hunter
Spaces Finder
⭐
102
A tool to hunt for publicly accessible DigitalOcean Spaces
Docker Osmedeus
⭐
99
Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning
Chronos
⭐
98
Extract pieces of info from a web page's Wayback Machine history
Xsubfind3r
⭐
92
A command-line interface (CLI) based passive subdomain discovery utility. It is designed to efficiently identify known subdomains of given domains by tapping into a multitude of curated online passive sources.
Keye
⭐
90
Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.
Xcrawl3r
⭐
79
A command-line interface (CLI) based utility to recursively crawl webpages. It is designed to systematically browse webpages' URLs and follow links to discover linked webpages' URLs.
Pentest Tools
⭐
79
Some random tools I use for penetration testing
Scanpro
⭐
79
ScanPro - NMap Scanning Scripts ~ Network Mapper
Secator
⭐
77
Secator - the pentester's swiss knife
Chomtesh
⭐
76
CHOMTE.SH is a powerful shell script designed to automate reconnaissance tasks during penetration testing. It utilizes various Go-based tools to gather information and identify the attack surface, making it a valuable asset for bug bounty hunters and penetration testers.
Delator
⭐
73
Golang-based subdomain miner leveraging certificate transparency logs
Recon
⭐
73
Enumerate a target Based off of Nmap Results
Reconcat
⭐
69
A small Php application to fetch archive url snapshots from archive.org. using it you can fetch complete list of snapshot urls of any year or complete list of all years possible. Made Specially for penetration testing purpose.
Uscan
⭐
69
uscan is an automated vulnerability scanner that streamlines the process of website hacking, making it faster and more efficient than ever before.
Frida_setup
⭐
63
One-click installer for Frida and Burp certs for SSL Pinning bypass
Grepaddr
⭐
60
Use grepaddr to extract (grep) all kinds of addresses from stdin like URLs (incl. IPv4/IPv6), IP addresses & ranges (IPv4/IPv6), e-mail addresses, MAC addresses.
Enumerepo
⭐
60
List all public repositories for (valid) GitHub usernames
Vaile
⭐
57
Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)
Subdomains.sh
⭐
57
A wrapper around tools used for subdomain enumeration, to automate the workflow, on a given domain, written in bash.
Gitosint_bot
⭐
55
GitOSINT: The OSINT Powerhouse for Discord. The go-to Discord bot for Open Source Intelligence (OSINT).
Warf
⭐
53
WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
Sifter
⭐
49
Sifter - All purpose penetration testing op-center
Aquatone
⭐
48
A Tool for Domain Flyovers
Rest Api
⭐
48
REST API backend for Reconmap
Cloud
⭐
47
Monitoring the Cloud Landscape
R3c0nizer
⭐
42
R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.
Webrecon
⭐
41
Automated Web Recon Shell Scripts
3klector
⭐
38
3klector is an automation Recon tool which collecting information about Acquisitions and ASN which related to Big Scope company
Eyes
⭐
33
👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Attacksurfacemanagement
⭐
33
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Related Searches
Python Penetration Testing (1,369)
Security Penetration Testing (767)
Exploitation Penetration Testing (392)
Scanner Penetration Testing (373)
Penetration Testing Pentest Tool (331)
Penetration Testing Red Team (324)
Penetration Testing Security Tools (315)
Penetration Testing Hacking Tool (293)
1-85 of 85 search results
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.