We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
OSINT-Framework - OSINT Framework
OSINT framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources. Some of the sites included might require registration or offer more data for $$$, but you should be able to get at least a portion of the available information for no cost. Feedback or new tool suggestions are extremely welcome! Please feel free to submit a pull request or open an issue on github or reach out on Twitter.
osint-framework osint-resources osint intelligence-gathering reconnaissance footprintingRaccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning
Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file. As most of Raccoon's scans are independent and do not rely on each other's results, it utilizes Python's asyncio to run most scans asynchronously.
reconnaissance scanner vulnerability-assessment vulnerability-scanner enumeration pentesting pentest-tool hacking-tool offensive-security security-scanner fuzzing information-gathering hacking raccoon osintfierce - A DNS reconnaissance tool for locating non-contiguous IP space.
Fierce is a DNS reconnaissance tool for locating non-contiguous IP space. First, credit where credit is due, fierce was originally written by RSnake along with others at http://ha.ckers.org/. This is simply a conversion to Python 3 to simplify and modernize the codebase.
dns zone-transfers reconnaissance discovered-domains name-server domain subdomain fierceTIDoS-Framework - The Offensive Manual Web Application Penetration Testing Framework.
NOTE: For installing globally, you will need to default your Python version to 2.x. However, the work of migration from Python2 to Python3 is already underway. TIDoS needs some libraries to run, which can be installed via aptitude or yum Package Managers.
web-penetration-testing reconnaissance vulnerability-analysis scanning-enumeration web-fuzzer osint vulnerability-detection footprinting intelligence-gathering exploitation web-application-security theinfecteddrake tidos-frameworkprickly-pete - A script using Docker to quickly bring up some honeypots exposing 16 services
A script using Docker to quickly bring up some honeypots exposing 16 services. For research, reconnaissance and fun. While originally built to run on a laptop during the DEF CON hacker conference to see how many pings and pokes we could attract, it's a useful tool for research, and reconnaissance to test networks for infestations. I've completely rewritten this (July 2017) to use Docker and Docker-Compose to containerize all the honeypot services, greatly speeding up deployment time while reducing system requirements. prickly-pete uses Docker and Docker-Compose to bring up the following honeypots, automatically, with no configuration or extra steps necessary.
honeypot cowrie reconnaissance expose-services ssh dionaea docker docker-compose contpot ids ics-scada scada icsgitem - A Github organization reconnaissance tool.
Gitem is a tool for performing Github organizational reconnaissance. Gitem can be used to collect information at various levels of granularity from Github.
github git reconnaissance osint phishing recruitmentIntRec-Pack - Intelligence and Reconnaissance Package/Bundle installer.
Intelligence and Reconnaissance Package/Bundle installer. IntRec-Pack is a Bash script designed to download, install and deploy several quality OSINT, Recon and Threat Intelligence tools. Due to the fact it manages the installation of the various dependencies related to these programs as well it aims to be a comprehensive assistant in setting up your intelligence gathering environment. Below is an overview of the tools and utilities it will help you set up.
reconnaissance bash pentest pentesting recon threatintel osint installer install-script enumeration automation security security-toolsHostHunter - HostHunter, an efficient recon tool for discovering hostnames using OSINT techniques.
A tool to efficiently discover and extract hostnames over a large set of target IP addresses. HostHunter utilises the HackerTarget API to enchance the results. It generates a vhosts.csv file containing the results of the reconnaissance.
osint recon tool hostnames ip reconnaissanceurlRecon - :pencil: urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server
:pencil: urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server
forensics forensic security-tools security social-engineering reconnaissance cybersecurityeyes - 👀 🖥️ Golang rewrite of eyes
eyes is complete Golang rewrite of the eyes.sh BASH script that scans domains and IP addresses for relevant information. It is useful for information gathering during penetration testing, and it utilizes APIs to keep your identity safe. This program is a Golang adaptation of the eyes.sh BASH script, which is a BASH adaptation of ReconDog.
pentesting pentest-tool penetration-testing information-gathering reconnaissanceenumerid - Enumerate RIDs using pure Python
I created enumerid to help determine valid ranges in an environment after getting the intial foothold. Enumerid works by connecting over RPC and enumerating the Domain Computers group and then performing an IP lookup for the given hostname. If the host has a leased IP, you will get a resolution. This gives attackers the ability to more easily orient themselves in the network. Rather than limiting the user to a single RID I decided to make it a bit more open ended and allow the user to specify arbitrary RIDs with the option to perform DNS resolution. So this script ended up being a more evolved version of enum4linux. The benefit of enumerid is that you can theoretically compile it into an exe and run it on Windows, although I have not personally tested this.
enumeration rid active-directory reconnaissance impacketdelator - Golang-based subdomain miner leveraging certificate transparency logs
DELATOR (lat. informer) is a tool to perform subdomain enumeration and initial reconnaissance through the abusing of certificate transparency (CT) logs. It expands on the original work done by Sheila A. Berta with her CTFR tool and leverages the speed and power of Go. To run DELATOR a domain (-d) and search source (-s) must always be specified.
subdomain-scanner subdomains subdomainlist pentesting reconnaissance recon threat-intelligence threatintel pentest-tool certificate-transparency-logs penetration-testing certificate-transparency-abusegetJS - A tool to fastly get all javascript sources/files
getJS is a tool to extract all the javascript files from a set of given urls. varying from completing the urls, to resolving the files.
files parser goquery extract urls recon reconnaissance pentesting bugbounty hackinghunter - 🐺 Command-line application and golang client library for hunter.io
Command-line application and golang client library for hunter.io. The command-line application has three major commands search, find, and verify. All three of these commands output JSON. This makes parsing the infromation easy, especially using command-line tools like jq.
hunterio email-verification email-finder command-line reconnaissanceportforge.cr - A script which opens multiple sockets from a specific port range you input.
This script is intended to open as many sockets as you which between 1024 - 65535. Lower than 1024 works too but you have to be a root user for that. This can be useful when you don't want people to map out your device and see what you're running and not, so it's a small step to defeat reconnaissance.
crystal crystal-language crystal-lang socket sockets defense protection reconnaissanceseeker - Find GeoLocation with High Accuracy...
Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your loction just like many popular location based websites. This tool is a Proof of Concept and is for Educational Purposes Only, Seeker shows what data a malicious website can gather about you and your devices and why you should not click on random links and allow critical permissions such as Location etc.
geolocation longitude latitude accuracy altitude reconnaissance system-informationquick-recon.py - Do some quick reconnaissance on a domain-based web-application
Do some quick reconnaissance on a domain-based web-application. This is very useful if you test a single web-application or domain and don't have time (mood) to gather information manually.
bugbounty osint pentesting reconnaissanceScreenShooter - Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis
"ScreenShooter" will take a masscan-result by default. If you want to use a list of subdomains add -s as additional parameter.
bugbounty pentesting reconnaissancerecon-my-way - This repository created for personal use and added tools from my latest blog post.
This repository contains the tools and scripts, I added in my recent blog post "Recon-My way" and I personally use. Note: All credits goes to the original developers of the tools listed in this repository. I do not own any of the tool listed in this repository.
bugbounty reconnaissance recon security-tools testing-tools subdomain-bruteforcing aws-s3 takeover-subdomainCloudScraper - CloudScraper: Tool to enumerate targets in search of cloud resources
This tool was inspired by a recent talk by Bryce Kunz. The talk Blue Cloud of Death: Red Teaming Azure takes us through some of the lesser known common information disclosures outside of the ever common S3 Buckets. To add keywords, simply add to the list in the parser function.
hacking bugbounty aws azure digitalocean reconnaissance
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
