#Recon
Showing 60 of 235 repositories tagged #recon, ranked by stars
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
E-mails, subdomains and names Harvester - OSINT
In-depth attack surface mapping and asset discovery
The recursive internet scanner for hackers. ๐งก
OneForAllๆฏไธๆฌพๅ่ฝๅผบๅคง็ๅญๅๆถ้ๅทฅๅ ท
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
A modern platform for visual, flexible, and extensible graph-based investigations. For cybersecurity analysts and investigators.
Next generation web scanner
HTTP parameter discovery suite.
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( อกยฐ อส อกยฐ)...
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
AI-powered bug bounty hunting from your terminal - recon, 20 vuln classes, autonomous hunting, and report generation. All inside Claude Code.
๐ก Comprehensive collection of OSINT tools for cybersecurity professionals, researchers, and bug bounty hunters. Topics: information gathering, reverse search, red team, trust & safety, AI.
Automation for internal Windows Penetrationtest / AD-Security
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
A collection of custom security tools for quick needs.
Quickly discover exposed hosts on the internet using multiple search engines.
๐ Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
Community-maintained dataset of 700+ websites for finding accounts by username โ powers OSINT and digital footprint tools.
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Semi-automatic OSINT framework and package manager
Conference presentation slides
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
้ขๅ็บข้็, ้ซๆง่ฝ้ซๅบฆ่ช็ฑๅฏๆๅฑ็่ชๅจๅๆซๆๅผๆ | A highly controllable and extensionable automated scanning engine for red teams
Hidden parameters discovery suite
a recon tool that allows searching on URLs that are exposed via shortener services
OSINT tools and more but without API key
Asset inventory of over 800 public bug bounty programs.
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
:vulcan_salute: Fast, modern, easy-to-use network scanner
Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.
An advanced tool for email reconnaissance
Making Favicon.ico based Recon Great again !
๐ Curated OSINT & recon toolkit for Kali Linux โ 100+ tools, one-command installer, covering SOCMINT, GEOINT, network recon, dark web, forensics & more.
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection.
A OSINT tool which helps you to quickly find information effectively. All you need is to input and it will take take care of rest.
ๅบไบARL-V2.6.2ไฟฎๆนๅ็็ๆฌ
Advanced reconnaissance utility
OSINT Project. Collect information from a mail. Gather. Profile. Timeline.
Email recon made fast and easy, with a framework to build on
Infosec Wordlists and more.
A fast WordPress plugin enumeration tool
Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text
A tool to fastly get all javascript sources/files
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
๐A Curated List Of Modern Android Exploitation Conference Talks
ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.
SIEM Tactics, Techiques, and Procedures
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files.
Python 3.5+ DNS asynchronous brute force utility
Open-source attack surface management and authorized security automation platform for asset discovery, service probing, scan orchestration, and security result management.