reconnaissance
There are 1400 repositories under reconnaissance topic.
sherlock-project/sherlock
Hunt down social media accounts by username across social networks
qeeqbox/social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
soxoj/maigret
🕵️♂️ Collect a dossier on a person by username from thousands of sites
sundowndev/phoneinfoga
Information gathering framework for phone numbers
laramies/theHarvester
E-mails, subdomains and names Harvester - OSINT
projectdiscovery/subfinder
Fast passive subdomain enumeration tool.
lockfale/OSINT-Framework
OSINT Framework
thewhiteh4t/seeker
Accurately Locate Smartphones using Social Engineering
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
daffainfo/AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
j3ssie/osmedeus
A Workflow Engine for Offensive Security
michenriksen/aquatone
A Tool for Domain Flyovers
hakluke/hakrawler
Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Threekiii/Awesome-Redteam
一个攻防知识库。A knowledge base for red teaming and offensive security.
leebaird/discover
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
blechschmidt/massdns
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
evyatarmeged/Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
edoardottt/cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
projectdiscovery/uncover
Quickly discover exposed hosts on the internet using multiple search engines.
thewhiteh4t/FinalRecon
All In One Web Recon
bhavsec/reconspider
🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.
jasonxtn/Argus
The Ultimate Information Gathering Toolkit
kpcyrd/sn0int
Semi-automatic OSINT framework and package manager
screetsec/Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
danieldurnea/FBI-tools
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
redhuntlabs/Awesome-Asset-Discovery
List of Awesome Asset Discovery Resources
0xSobky/HackVault
A container repository for my public web hacks!
lkarlslund/Adalanche
Attack Graph Visualizer and Explorer (Active Directory) ...Who's *really* Domain Admin?
skavngr/rapidscan
:new: The Multi-Tool Web Vulnerability Scanner.
0xInfection/TIDoS-Framework
The Offensive Manual Web Application Penetration Testing Framework.
mschwager/fierce
A DNS reconnaissance tool for locating non-contiguous IP space.
trickest/wordlists
Real-world infosec wordlists, updated regularly
BishopFox/GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
m3n0sd0n4ld/GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
projectdiscovery/shuffledns
MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filtering and easy input-output support.