Dr. ROBOT – Domain Reconnaissance and Enumeration

Introduction: Dr. ROBOT is a tool for Domain Reconnaissance and Enumeration. By utilizing containers to reduce the overhead of dealing with dependencies, inconsistency across operating systems, and different languages, Dr. ROBOT is built to be highly portable and configurable. Use Case: Gather as many public-facing servers that a target organization possesses. Querying DNS resources […]

Theo – Ethereum Recon and Exploitation Tool

Theo aims to be an exploitation framework and a blockchain recon and interaction tool. Features: Automatic smart contract scanning which generates a list of possible exploits. Sending transactions to exploit a smart contract. Transaction pool monitor. Web3 console. Frontrunning and backrunning transactions. Waiting for a list of transactions and sending out others. Estimating gas for […]

Attack Surface Mapper – Tool to Automate Reconnaissance

Attack Surface Mapper is a reconnaissance tool that uses a mixture of open source intelligence and active techniques to expand the attack surface of your target. You feed in a mixture of one or more domains, subdomains and IP addresses and it uses numerous techniques to find more targets. It enumerates subdomains with bruteforcing and […]

ADRecon – Active Directory Recon

ADRecon provides a holistic picture of the current state of an AD environment. This tool can be used by Blue Teams, Purple Teams, Red Teams, system administrators or security professionals to extract and combine various artifacts from an AD environment. The information can be presented in a specially formatted Microsoft Excel report that includes […]

Reconnoitre – Multithreaded Recon and Enumeration Tool

Reconnoitre is a reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags. Ways to use this tool: Scan a single host, create a […]

AutoRecon: Multi-Threaded Network Reconnaissance Tool

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. It is intended as a time-saving tool for use in CTFs and other penetration testing environments (e.g. OSCP). It may also be useful in real-world engagements. The tool works by first performing port scans / service detection scans. From those initial results, […]

AutoRecon – An Open Source Enumeration Tool

AutoRecon is an enumeration tool that performs automated enumeration with multi-threaded capabilities. It is purposely built to be used for CTFs, exams (like OSCP) and other penetration testing environments for saving as much time as possible. This tool works by performing port scans/service detection scans, and then as per the result of the scan, it […]

Buster – Advanced Tool for Email Reconnaissance

Buster is an advanced OSINT tool used to: get social accounts from various sources (gravatar, about.me, myspace, skype, github, linkedin, previous breaches); get links to where the email was found using google, twitter, darksearch and paste sites; get breaches of an email; get domains registered with an email (reverse whois); generate possible emails and usernames of a person; find the email of a social […]

Reconnoitre – A Multithreaded Enumeration Tool

Reconnoitre is a tool that was created to automate routine actions within the OSCP lab environment. It is a simple script, which can automate information gathering and service enumeration. It searches for the live hosts, and performs a scan on the hosts that are found, enumerates its detected services and sends commands to it. The […]

Rock-ON – All in one Recon Tool

Rock-On is an all-in-one recon tool that will give your recon process a boost. It is mainly aimed at automating the whole recon process and saving the time wasted doing all of this manually. Features: Sub Domain Scraping; Finding A.S.N -> Netblocks -> IP’s; Resolving; Finding Ports […]

Eyewitness – Target Visualization and Recon Tool

Got a huge list of targets that you’d like to enumerate but can’t really visit each and every IP individually to see what service they might be running? Enter Eyewitness, a tool written in Python by Christopher Truncer which can scan a range of IPs and URLs and then takes a screenshot of […]

Eyewitness – Open Source Target Visualization and Recon Tool

Got a huge list of targets that you’d like to enumerate but can’t really visit each and every IP individually to see what service they might be running? Enter Eyewitness, a tool written in Python by Christopher Truncer which can scan a range of IPs and URLs and then takes a screenshot of […]

Pown Recon – A Powerful Target Reconnaissance Framework Powered By Graph Theory

Pown Recon is a target reconnaissance framework powered by graph theory. The benefit of using graph theory instead of a flat table representation is that it is easier to find the relationships between different types of information, which comes in quite handy in many situations. Graph theory algorithms also help with diffing, searching, like finding the shortest […]

Do reconnaissance on the target using Maltego

Maltego intro: According to ethical hacking courses, Maltego is a tool used in information gathering. This tool is developed and maintained by Paterva and is widely used by pentesters. Using Maltego allows you to perform reconnaissance on the target, ethical hacking investigators mention. Maltego is a cross-platform application available on Linux as well as […]

recon-ng – Good tool for Information Gathering

Recon-ng is a tool written in Python, mostly used in information gathering with its independent modules, keys list and other modules. This tool is preloaded with lots of modules which use online search engines, plugins and APIs that can help in gathering information about the target. Ethical hacking research of iicybersecurity says that this tool […]

Osmedeus – Automatic Reconnaissance And Scanning In Pentesting

Automatic Reconnaissance and Scanning in Penetration Testing. What is Osmedeus? Osmedeus allows you to do the boring parts of pentesting automatically, such as reconnaissance and scanning of the target, by running a collection of awesome tools. Installation: git clone https://github.com/j3ssie/Osmedeus; cd Osmedeus; chmod +x install.sh; ./install.sh. How to use: The normal routine includes: Subdomain Scanning, Subdomain TakeOver Scanning, […]

Recon-ng – Open Source Intelligence (OSINT) Reconnaissance Framework

Recon-ng is a reconnaissance framework that can perform open source web-based information gathering for a given target. Recon-ng is loaded with different types of modules, such as reconnaissance, reporting, import, discovery, and exploitation modules. The types of information that can be gathered with these modules include contacts, credentials, social media profiles, and a handful of […]