Reconnaissance
Showing 35 of 35 projects
An advanced information gathering framework for scanning international phone numbers to collect OSINT data.
Performs in-depth attack surface mapping and external asset discovery using open source intelligence and active reconnaissance.
Performs in-depth attack surface mapping and external asset discovery using open source intelligence and active reconnaissance.
A fast, passive subdomain enumeration tool for security researchers and penetration testers.
A PowerShell post-exploitation framework for penetration testers, providing modules for code execution, persistence, reconnaissance, and credential theft.
A Python tool for fast subdomain enumeration using OSINT and bruteforce, designed for penetration testers and bug hunters.
A community-curated collection of payloads, tools, and techniques for bug bounty hunters and security researchers.
A reconnaissance tool that finds potentially sensitive files in public GitHub repositories for security analysis.
A tool for visual inspection of websites across many hosts, providing an overview of HTTP-based attack surfaces.
A modular reconnaissance framework for conducting open source intelligence (OSINT) gathering from web-based sources.
A Python script that discovers endpoints and their parameters in JavaScript files for penetration testing and bug hunting.
A Golang command-line utility that uses Chrome Headless to capture website screenshots and gather web data.
A high-performance DNS brute-force tool for enumerating subdomains during penetration testing.
A high-performance offensive security tool for reconnaissance, vulnerability scanning, and information gathering.
A command-line information gathering tool for websites, phone numbers, emails, and domains.
A semi-automatic OSINT framework and package manager for gathering intelligence and enumerating attack surfaces.
A network OSINT tool that automates subdomain enumeration, service fingerprinting, and data collection via Shodan and ViewDNS APIs.
A deprecated collection of PowerShell tools for offensive security operations and penetration testing.
An advanced search and automation tool for mining code and sensitive information from public GitHub repositories.
A reconnaissance tool that gathers information about targets using APIs without direct contact.
A comprehensive offensive web application penetration testing framework with 108 modules covering reconnaissance to vulnerability analysis.
A comprehensive offensive web application penetration testing framework with 108 modules covering reconnaissance to vulnerability analysis.
A virtual host scanner for penetration testing that performs reverse lookups, detects catch-all scenarios, and works around wildcards and aliases.
A collection of Python scripts for AWS penetration testing, reconnaissance, exploitation, and persistence.
Legion is a semi-automated network penetration testing framework for discovery, reconnaissance, and exploitation.
A LinkedIn information gathering tool for penetration testers to collect employee data from organizations.
A free and open-source Ruby toolkit for security research and development, featuring CLI commands and libraries for encoding, networking, exploits, and more.
A modular OSINT honeypot that monitors adversary reconnaissance attempts and generates early-warning intelligence for blue teams.
A modular attack toolkit for Azure DevOps Services that leverages the REST API for reconnaissance, privilege escalation, and persistence.
A free and open-source scanner that identifies installed components, extensions, and files in Joomla CMS websites.
A tool that extracts all GraphQL endpoints from a given domain using subdomain enumeration, script analysis, and brute force.
A WordPress honeypot that detects probes for plugins, themes, and common files used to fingerprint WordPress installations.
A Python tool that queries Google's SSL transparency report to discover subdomains and identify expired certificates.
Parse NTLM challenge messages from HTTP, SMB, and MSSQL endpoints to extract server information for security testing.
A fast GraphQL discovery and fingerprinting toolbox for security testing and reconnaissance.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.