#recon

BugBountyScanner on offsec.tools
BugBountyScanner

A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use.

Scopein on offsec.tools
Scopein

A Go tool for scope management.

kiterunner on offsec.tools
kiterunner

Contextual content discovery tool.

bbrf on offsec.tools
bbrf

Help you coordinate your reconnaissance workflows across multiple devices.

Haylxon on offsec.tools
Haylxon

Blazing-fast tool to grab screenshots of your domain list right from terminal.

subnerium on offsec.tools
subnerium

A fast passive subdomain enumeration tool that uses various sources to gather data.

SubGPT on offsec.tools
SubGPT

Find subdomains with GPT, for free.

Unforce on offsec.tools
Unforce

Salesforce lightning recon and exploitation tool.

GPT_Vuln-Analyzer on offsec.tools
GPT_Vuln-Analyzer

A powerful network scanner, DNS recon, subdomain enumeration and IP Geolocator tool powered by GPT.

nmapAutomater on offsec.tools
nmapAutomater

Automate the process of enumeration & recon that is run every time.

autopwn on offsec.tools
autopwn

Specify targets and run sets of tools against them.

R3C0Nizer on offsec.tools
R3C0Nizer

The first ever CLI based menu-driven web application B-Tier recon framework.

hunter.how on offsec.tools
hunter.how

Internet search engines for security researchers.

favirecon on offsec.tools
favirecon

Use favicon.ico to improve your target recon phase.

SimplyEmail on offsec.tools
SimplyEmail

Email recon made fast and easy, with a framework to build on.

Rock-ON on offsec.tools
Rock-ON

All in one recon tool that just get a single domain name and do all of the work alone.

PhoneInfoga on offsec.tools
PhoneInfoga

Information gathering framework for phone numbers.

RED HAWK on offsec.tools
RED HAWK

All in one tool for information gathering, vulnerability scanning and crawling.

Dome on offsec.tools
Dome

Script that makes active and/or passive scan to obtain subdomains and search for open ports.

Metabigor on offsec.tools
Metabigor

Intelligence tool to do OSINT tasks and more but without any API key.

GitHarvester on offsec.tools
GitHarvester

Tool used for harvesting information from GitHub.

certSniff on offsec.tools
certSniff

A certificate transparency log keyword sniffer written in Python.

Shodan on offsec.tools
Shodan

Search engine for Internet-connected devices.

Netlas.io on offsec.tools
Netlas.io

Netlas.io is the network atlas of Internet. IP, DNS, Web, IoT devices, and etc.

AORT on offsec.tools
AORT

All in one recon tool for bug bounty.

hardCIDR on offsec.tools
hardCIDR

Discover the netblocks or ranges (in CIDR notation) owned by the target organization.

DirBuster on offsec.tools
DirBuster

Multi threaded application to brute force directories and files names on web/application servers.

Subra on offsec.tools
Subra

A Web-UI for subdomain enumeration.

IntelSpy on offsec.tools
IntelSpy

Perform automated network reconnaissance scans to gather network intelligence.

Rekono on offsec.tools
Rekono

Execute full pentesting processes combining multiple hacking tools automatically.

gwdomains on offsec.tools
gwdomains

Sub domain wild card filtering tool.

pown.js on offsec.tools
pown.js

Security testing and exploitation toolkit.

LazyHunter on offsec.tools
LazyHunter

A framework that provides a web UI to commonly used Bug Hunting/Pentesting tools.

MagicRecon on offsec.tools
MagicRecon

A powerful shell script to maximize the recon and data collection process.

vhosts-sieve on offsec.tools
vhosts-sieve

Searching for virtual hosts among non-resolvable domains.

The XSS rat on offsec.tools
The XSS rat

The XSS rat YouTube channel.

Angry IP Scanner on offsec.tools
Angry IP Scanner

Fast and simple-to-use open-source/cross-platform network scanner.

dirhunt on offsec.tools
dirhunt

Find web directories without bruteforce.

cc.py on offsec.tools
cc.py

Extracting URLs of a specific target based on the results of commoncrawl.org.

curate on offsec.tools
curate

A tool for fetching archived URLs.

ScreenShooter on offsec.tools
ScreenShooter

Convert your masscan/subdomain-scan results into screenshots for better analysis.

TLD Scanner on offsec.tools
TLD Scanner

Scan all possible TLD's for a given domain name.

Web Crawler Security Tool on offsec.tools
Web Crawler Security Tool

A web crawler oriented to infosec.

WhatsMyName on offsec.tools
WhatsMyName

Enumerate usernames across many websites.

FireShodanMap on offsec.tools
FireShodanMap

Realtime map that integrates Firebase, Google Maps and Shodan.

CTFR on offsec.tools
CTFR

Abusing Certificate Transparency logs for getting HTTPS websites subdomains.

ChopChop on offsec.tools
ChopChop

Scan endpoints and identify exposition of sensitive services/files/folders.

Fingerprinter on offsec.tools
Fingerprinter

CMS/LMS/Library etc Versions Fingerprinter.

ASNLookup on offsec.tools
ASNLookup

Leverage ASN to look up IP addresses owned by a specific organization.

STÖK Fredrik on offsec.tools
STÖK Fredrik

STÖK Fredrik YouTube channel.

NahamSec on offsec.tools
NahamSec

NahamSec Twitch channel.

Certificate Ripper on offsec.tools
Certificate Ripper

A CLI tool to extract server certificates.

ffuf on offsec.tools
ffuf

Fast web fuzzer written in Go.