Reconnaissance and OSINT
105 tools found
Cobra
All-in-one tool with pre-built Go and Python tools for easier hacking and reconnaissance.
D4TA-HUNTER
Automates information gathering on company employees for ethical hacking audits.
SCANNER-INURLBR
PHP tool for advanced search engine queries, capturing and validating emails/URLs via GET/POST.
STRX
Modular Linux string manipulation tool for OSINT, pentesting, and data analysis.
SecretOpt1c
Tool for Red Teams, Pentesters, and Bug Bounty Hunters that finds sensitive info on websites using active and passive techniques.
CHOMTE.SH
Versatile framework for automated reconnaissance in pentesting, with scanning and reporting.
FOCA
Analyzes documents to extract metadata and hidden info from files like PDF, DOC, and more.
Katana
Fast, configurable web crawler with Standard/Headless modes and JavaScript parsing.
Web Sherlock
Web interface for username investigation across 400+ social media platforms.
Expired Domains
Search and analyze expired domains focusing on SEO, backlinks, and threat intelligence.
Sudomy
Subdomain enumeration tool with advanced domain recon and OSINT capabilities.
Bounty Targets Data
Collects HackerOne and Bugcrowd bounty scopes to aid recon and program targeting.
CloudFlare Origin IP
Tries to discover the real origin IP of web apps protected by Cloudflare.
bbscope
Aggregates public bug bounty scopes for easier recon and efficient scope management.
WildCrawl
Bash script for deep target crawling: collects DNS, emails, IPs, titles, and file types.
WitnessMe
Web inventory tool using headless browser to capture and analyze websites.
GooFuzz
Bash script using advanced Google search for sensitive info without web requests.
Scilla
Information gathering tool: DNS, subdomains, ports, and directory enumeration.
adidnsdump
Tool to enumerate and export DNS records from Active Directory zones for reconnaissance.
LDAPDomainDump
Collects and parses LDAP information from AD domains, exporting to human and machine-readable formats.
whatweb
Identifies website technologies, CMS, servers, libraries, and more, with over 1700 plugins.
FireShodanMap
Real-time map of Shodan vulnerable devices, integrated with Firebase for analysis.
ScanCannon
Bash script for credential attack surface enumeration and large network reconnaissance.
Raccoon
Offensive security tool for detailed reconnaissance and information gathering.
IntelSpy
Multi-threaded tool for automated network reconnaissance and service enumeration.
osintui
Terminal user interface for performing Open Source Intelligence (OSINT) collection.
AttackSurfaceMapper
Reconnaissance tool expanding attack surface using OSINT and active techniques.
