Displaying 1 to 20 from 31 results

OSINT-Framework - OSINT Framework

  •    Javascript

OSINT framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources. Some of the sites included might require registration or offer more data for $$$, but you should be able to get at least a portion of the available information for no cost. Feedback or new tool suggestions are extremely welcome! Please feel free to submit a pull request or open an issue on github or reach out on Twitter.

Raccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning

  •    Python

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file. As most of Raccoon's scans are independent and do not rely on each other's results, it utilizes Python's asyncio to run most scans asynchronously.

sherlock - 🔎 Hunt down social media accounts by username across social networks

  •    Python

Accounts found will be stored in an individual text file with the corresponding username (e.g user123.txt). If you are using Anaconda in Windows, using 'python3' might not work. Use 'python' instead.

spiderfoot - SpiderFoot automates OSINT so you can focus on analysis.

  •    Python

SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate. SpiderFoot has an embedded web-server for providing a clean and intuitive web-based interface but can also be used completely via the command-line. It's written in Python 3 and GPL-licensed.

phoneinfoga - Information gathering & OSINT framework for phone numbers

  •    Go

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner. This project is stable and production-ready. Roadmap is here.

fierce - A DNS reconnaissance tool for locating non-contiguous IP space.

  •    Python

Fierce is a DNS reconnaissance tool for locating non-contiguous IP space. First, credit where credit is due, fierce was originally written by RSnake along with others at http://ha.ckers.org/. This is simply a conversion to Python 3 to simplify and modernize the codebase.

shuffledns - MassDNS wrapper written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support

  •    Go

shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. Based on the work on massdns project by @blechschmidt.

TIDoS-Framework - The Offensive Manual Web Application Penetration Testing Framework.

  •    Python

NOTE: For installing globally, you will need to default your Python version to 2.x. However, the work of migration from Python2 to Python3 is already underway. TIDoS needs some libraries to run, which can be installed via aptitude or yum Package Managers.

public-bugbounty-programs - Community curated list of public bug bounty and responsible disclosure programs


This is a source of public programs listed on chaos.projectdiscovery.io. Please send pull-request of public bug bounty programs that you want to include in our public list with recon data. Have questions / doubts / ideas to discuss? feel free to open a discussion using Github discussions board.

recon-pipeline - An automated target reconnaissance pipeline.

  •    Python

There are an accompanying set of blog posts detailing the development process and underpinnings of the pipeline. Feel free to check them out if you're so inclined, but they're in no way required reading to use the tool. Check out recon-pipeline's readthedocs entry for some more in depth information than what this README provides.

prickly-pete - A script using Docker to quickly bring up some honeypots exposing 16 services

  •    Shell

A script using Docker to quickly bring up some honeypots exposing 16 services. For research, reconnaissance and fun. While originally built to run on a laptop during the DEF CON hacker conference to see how many pings and pokes we could attract, it's a useful tool for research, and reconnaissance to test networks for infestations. I've completely rewritten this (July 2017) to use Docker and Docker-Compose to containerize all the honeypot services, greatly speeding up deployment time while reducing system requirements. prickly-pete uses Docker and Docker-Compose to bring up the following honeypots, automatically, with no configuration or extra steps necessary.

gitem - A Github organization reconnaissance tool.

  •    Python

Gitem is a tool for performing Github organizational reconnaissance. Gitem can be used to collect information at various levels of granularity from Github.

IntRec-Pack - Intelligence and Reconnaissance Package/Bundle installer.

  •    Shell

Intelligence and Reconnaissance Package/Bundle installer. IntRec-Pack is a Bash script designed to download, install and deploy several quality OSINT, Recon and Threat Intelligence tools. Due to the fact it manages the installation of the various dependencies related to these programs as well it aims to be a comprehensive assistant in setting up your intelligence gathering environment. Below is an overview of the tools and utilities it will help you set up.

HostHunter - HostHunter, an efficient recon tool for discovering hostnames using OSINT techniques.

  •    Python

A tool to efficiently discover and extract hostnames over a large set of target IP addresses. HostHunter utilises the HackerTarget API to enchance the results. It generates a vhosts.csv file containing the results of the reconnaissance.

eyes - 👀 🖥️ Golang rewrite of eyes

  •    Go

eyes is complete Golang rewrite of the eyes.sh BASH script that scans domains and IP addresses for relevant information. It is useful for information gathering during penetration testing, and it utilizes APIs to keep your identity safe. This program is a Golang adaptation of the eyes.sh BASH script, which is a BASH adaptation of ReconDog.

enumerid - Enumerate RIDs using pure Python

  •    Python

I created enumerid to help determine valid ranges in an environment after getting the intial foothold. Enumerid works by connecting over RPC and enumerating the Domain Computers group and then performing an IP lookup for the given hostname. If the host has a leased IP, you will get a resolution. This gives attackers the ability to more easily orient themselves in the network. Rather than limiting the user to a single RID I decided to make it a bit more open ended and allow the user to specify arbitrary RIDs with the option to perform DNS resolution. So this script ended up being a more evolved version of enum4linux. The benefit of enumerid is that you can theoretically compile it into an exe and run it on Windows, although I have not personally tested this.

delator - Golang-based subdomain miner leveraging certificate transparency logs

  •    Go

DELATOR (lat. informer) is a tool to perform subdomain enumeration and initial reconnaissance through the abusing of certificate transparency (CT) logs. It expands on the original work done by Sheila A. Berta with her CTFR tool and leverages the speed and power of Go. To run DELATOR a domain (-d) and search source (-s) must always be specified.

getJS - A tool to fastly get all javascript sources/files

  •    Go

getJS is a tool to extract all the javascript files from a set of given urls. varying from completing the urls, to resolving the files.

hunter - 🐺 Command-line application and golang client library for hunter.io

  •    Go

Command-line application and golang client library for hunter.io. The command-line application has three major commands search, find, and verify. All three of these commands output JSON. This makes parsing the infromation easy, especially using command-line tools like jq.

We have large collection of open source products. Follow the tags from Tag Cloud >>

Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.