recon

There are 815 repositories under recon topic.

  • smicallef/spiderfoot

    SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

    Language:Python12k3635762.1k
  • amass

    owasp-amass/amass

    In-depth attack surface mapping and asset discovery

    Language:Go11.4k2106361.8k
  • theHarvester

    laramies/theHarvester

    E-mails, subdomains and names Harvester - OSINT

    Language:Python10.6k2924241.9k
  • OneForAll

    shmilylty/OneForAll

    OneForAll是一款功能强大的子域收集工具

    Language:Python7.9k1013041.3k
  • rengine

    yogeshojha/rengine

    reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

    Language:Python7.1k1457751.1k
  • reconftw

    six2dez/reconftw

    reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

    Language:Shell5.4k101442875

  • GhostTroops/scan4all

    Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

    Language:Go5.3k62107638

  • urbanadventurer/WhatWeb

    Next generation web scanner

    Language:Ruby5.2k175215885

  • s0md3v/Arjun

    HTTP parameter discovery suite.

    Language:Python4.9k88141772
  • hakrawler

    hakluke/hakrawler

    Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

    Language:Go4.3k58103481
  • h8mail

    khast3x/h8mail

    Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

    Language:Python4k125130501

  • blacklanternsecurity/bbot

    A recursive internet scanner for hackers.

    Language:Python3.9k33671357

  • leebaird/discover

    Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

    Language:PowerShell3.4k201132818

  • S3cur3Th1sSh1t/WinPwn

    Automation for internal Windows Penetrationtest / AD-Security

    Language:PowerShell3.2k8144505

  • gwen001/pentest-tools

    A collection of custom security tools for quick needs.

    Language:Python3.1k10713773

  • dwisiswant0/awesome-oneliner-bugbounty

    A collection of awesome one-liner scripts especially for bug bounty tips.

    2.5k7718551

  • projectdiscovery/uncover

    Quickly discover exposed hosts on the internet using multiple search engines.

    Language:Go2.3k3766189

  • s0md3v/Striker

    Striker is an offensive information and vulnerability scanner.

    Language:Python2.2k11863451

  • m0rtem/CloudFail

    Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

    Language:Python2.2k6486461

  • bhavsec/reconspider

    🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

    Language:Python1.9k6845301
  • sn0int

    kpcyrd/sn0int

    Semi-automatic OSINT framework and package manager

    Language:Rust1.9k42105175

  • redhuntlabs/Awesome-Asset-Discovery

    List of Awesome Asset Discovery Resources

    1.9k736316

  • s0md3v/ReconDog

    Reconnaissance Swiss Army Knife

    Language:Python1.7k8230337

  • Sh1Yo/x8

    Hidden parameters discovery suite

    Language:Rust1.6k2450137
  • puredns

    d3mondev/puredns

    Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.

    Language:Go1.6k2542150
  • urlhunter

    utkusen/urlhunter

    a recon tool that allows searching on URLs that are exposed via shortener services

    Language:Go1.5k6413102

  • v-byte-cpu/sx

    :vulcan_salute: Fast, modern, easy-to-use network scanner

    Language:Go1.4k1615107

  • BishopFox/GitGot

    Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

    Language:Python1.4k4212201

  • edoardottt/cariddi

    Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

    Language:Go1.4k1360146
  • observer_cli

    zhongwencool/observer_cli

    Visualize Erlang/Elixir Nodes On The Command Line

    Language:Erlang1.4k394082

  • m3n0sd0n4ld/GooFuzz

    GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

    Language:Shell1.3k2110132
  • asn

    nitefood/asn

    ASN / RPKI validity / BGP stats / IPv4v6 / Prefix / URL / ASPath / Organization / IP reputation / IP geolocation / IP fingerprinting / Network recon / lookup API server / Web traceroute server

    Language:Shell1.2k3346149
  • metabigor

    j3ssie/metabigor

    OSINT tools and more but without API key

    Language:Go1.2k2324168

  • Viralmaniar/BigBountyRecon

    BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

    Language:C#1.1k398232

  • trickest/inventory

    Asset inventory of over 800 public bug bounty programs.

    Language:Shell1.1k506202

  • chainreactors/gogo

    面向红队的, 高度可控可拓展的自动化引擎

    Language:Go1.1k2533122