recon
There are 815 repositories under recon topic.
smicallef/spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
owasp-amass/amass
In-depth attack surface mapping and asset discovery
laramies/theHarvester
E-mails, subdomains and names Harvester - OSINT
shmilylty/OneForAll
OneForAll是一款功能强大的子域收集工具
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
GhostTroops/scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
urbanadventurer/WhatWeb
Next generation web scanner
s0md3v/Arjun
HTTP parameter discovery suite.
hakluke/hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
khast3x/h8mail
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
blacklanternsecurity/bbot
A recursive internet scanner for hackers.
leebaird/discover
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
S3cur3Th1sSh1t/WinPwn
Automation for internal Windows Penetrationtest / AD-Security
gwen001/pentest-tools
A collection of custom security tools for quick needs.
dwisiswant0/awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
projectdiscovery/uncover
Quickly discover exposed hosts on the internet using multiple search engines.
s0md3v/Striker
Striker is an offensive information and vulnerability scanner.
m0rtem/CloudFail
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
bhavsec/reconspider
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
kpcyrd/sn0int
Semi-automatic OSINT framework and package manager
redhuntlabs/Awesome-Asset-Discovery
List of Awesome Asset Discovery Resources
s0md3v/ReconDog
Reconnaissance Swiss Army Knife
Sh1Yo/x8
Hidden parameters discovery suite
d3mondev/puredns
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
utkusen/urlhunter
a recon tool that allows searching on URLs that are exposed via shortener services
v-byte-cpu/sx
:vulcan_salute: Fast, modern, easy-to-use network scanner
BishopFox/GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
edoardottt/cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
zhongwencool/observer_cli
Visualize Erlang/Elixir Nodes On The Command Line
m3n0sd0n4ld/GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
nitefood/asn
ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server
j3ssie/metabigor
OSINT tools and more but without API key
Viralmaniar/BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
trickest/inventory
Asset inventory of over 800 public bug bounty programs.
chainreactors/gogo
面向红队的, 高度可控可拓展的自动化引擎