SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

E-mails, subdomains and names Harvester - OSINT

In-depth attack surface mapping and asset discovery

OneForAll是一款功能强大的子域收集工具

The recursive internet scanner for hackers. 🧡

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Next generation web scanner

HTTP parameter discovery suite.

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

A small decorator for the JavaScript WebSocket API that automatically reconnects

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, ProjectDiscovery tools, etc.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

Automation for internal Windows Penetrationtest / AD-Security

Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

A collection of custom security tools for quick needs.

A collection of awesome one-liner scripts especially for bug bounty tips.

A modern platform for visual, flexible, and extensible graph-based investigations. For cybersecurity analysts and investigators.

OSINT tools for Information gathering, Cybersecurity, Reverse searching, bugbounty, trust and safety, red team oprations and more.

Quickly discover exposed hosts on the internet using multiple search engines.

All In One Web Recon

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

List of Awesome Asset Discovery Resources