RED_HAWK - All in one tool for Information Gathering, Vulnerability Scanning and Crawling

•    PHP

---

RED HAWK's CMS Detector currently is able to detect the following CMSs (Content Management Systems) in case the website is using some other CMS, Detector will return could not detect. Want to contribute to RED HAWK or point out something wrong? Just create a new issue here: https://github.com/Tuhinshubhra/RED_HAWK/issues/new I'd love to hear from you.

scanner crawler information-gathering admin-scanner backups-finder sql-vulnerability-scannig cms-detector cloudflare-detection geo-ip subdomain-scanner reverse-ip-scan whois-lookup subnet-lookup http-header sql-scanner wordpress wordpress-scanner mx-lookup domain-authority-scanner page-authority-scanner

subfinder - SubFinder is a subdomain discovery tool that discovers valid subdomains for websites

•    Go

---

SubFinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and has been aimed as a successor to sublist3r project. SubFinder uses Passive Sources, Search Engines, Pastebins, Internet Archives, etc to find subdomains and then it uses a permutation module inspired by altdns to generate permutations and resolve them quickly using a powerful bruteforcing engine. It can also perform plain bruteforce if needed. The tool is highly customizable, and the code is built with a modular approach in mind making it easy to add functionalities and remove errors. We have designed SubFinder to comply with all passive sources licenses, and usage restrictions, as well as maintained a consistently passive model to make it useful to both penetration testers and bug bounty hunters alike.

subdomain subdomain-enumeration subdomain-bruteforcing bruteforcing hacking bug-bounty penetration-testing reconaissance subdomain-scanner enumeration discover-services hacking-tool security-tools security-audit security-scanner subdomain-brute subdomain-takeover osint osint-resources pentesting

Th3inspector - Th3Inspector 🕵️ Best Tool For Information Gathering 🔎

•    Perl

---

Th3Inspector 🕵️ Best Tool For Information Gathering 🔎

information-gathering reverse-phone-lookup mx-lookup whois-lookup geo-ip cloudflare age-check user-agent port-scanner credit-card-scaning subdomain-scanner email-validation cms-detector dns-record reverse-ip-scan traceroute geoip whois lookup iplocation

ESD - Enumeration sub domains(枚举子域名)

•    Python

---

Enumeration sub domains(枚举子域名)

subdomain-scanner subdomain-brute security-scanner security-tools

censys-subdomain-finder - ⚡ Perform subdomain enumeration using the certificate transparency logs from Censys

•    Python

---

This is a tool to enumerate subdomains using the Certificate Transparency logs stored by Censys. It should return any subdomain who has ever been issued a SSL certificate by a public CA. Should run on Python 2.7 and 3.5.

subdomain-scanner subdomains pentest-tool osint recon enumerate-subdomains certificate-transparency-logs

delator - Golang-based subdomain miner leveraging certificate transparency logs

•    Go

---

DELATOR (lat. informer) is a tool to perform subdomain enumeration and initial reconnaissance through the abusing of certificate transparency (CT) logs. It expands on the original work done by Sheila A. Berta with her CTFR tool and leverages the speed and power of Go. To run DELATOR a domain (-d) and search source (-s) must always be specified.

subdomain-scanner subdomains subdomainlist pentesting reconnaissance recon threat-intelligence threatintel pentest-tool certificate-transparency-logs penetration-testing certificate-transparency-abuse

recon-raven - Reconnaissance tool of Penetration test & Bug Bounty

•    Ruby

---

Reconnaissance tool of Penetration test & Bug Bounty

security-scanner reconnaissance hacking-tool subdomain-scanner subdomain-takeover