ReconDog v2.0

Reconnaissance Swiss army knife. Main features: wizard and CLA interface; you can extract targets from STDIN (piped input) and act on them. According to specialists in digital forensics from the International Institute of Cyber Security, all information is extracted through APIs, and no direct contact is established with the target. Utilities: Censys: uses censys.io to collect a […]

BadKarma – Network Reconnaissance Tool with Advanced Features

BadKarma is a GUI-based network reconnaissance tool that can gather useful network information at any stage of the penetration testing process. The tool is loaded with some top-level reconnaissance and active scanning modules, such as nmap, masscan, shodan, searchsploit, metasploit, dnsrecon, dnsenum, and a Whois information resource. The user can select any of these […]

ReconDog v2.0 – Reconnaissance Swiss Army Knife

Reconnaissance Swiss Army Knife. Main features: wizard + CLA interface; can extract targets from STDIN (piped input) and act upon them; all the information is extracted with APIs, no direct contact is made with the target. Utilities: Censys: uses censys.io to gather a massive amount of information about an IP address. NS Lookup: does name server […]

ReconDog – Reconnaissance Swiss Army Knife

Reconnaissance Swiss Army Knife. Main features: wizard + CLA interface; can extract targets from STDIN (piped input) and act upon them; all the information is extracted with APIs, no direct contact is made with the target. Utilities: Censys: uses censys.io to gather a massive amount of information about an IP address. NS Lookup: does name server […]

RemoteRecon – Remote Recon And Collection

RemoteRecon provides the ability to execute post-exploitation capabilities against a remote host, without having to expose your complete toolkit/agent. Oftentimes, as operators, we need to compromise a host just so we can keylog or screenshot (or some other minuscule task) against a person/host of interest. Why should you have to push over beacon, empire, […]

DNSRecon – An Open Source DNS Enumeration Tool

DNSRecon is a Python script used for DNS information gathering. DNS information about a target is an essential requirement for every penetration tester. DNS information helps in mapping the network infrastructure of the target host. DNSRecon is a DNS reconnaissance tool that can perform a variety of enumerations, such as standard record enumeration, zone transfer, […]

badKarma – Advanced Network Reconnaissance Toolkit

badKarma is a python3 GTK+ toolkit that aims to assist penetration testers during all the network infrastructure penetration testing activity phases. It allows testers to save time by having point-and-click access to their toolkits, launch them against single or multiple targets and interact with them through simplified GUIs or terminals. Every task’s output is logged […]

TIDoS – Open Source Reconnaissance and Web Application Audit Framework

The TIDoS framework is a Python-based toolkit that performs a comprehensive audit of web applications. The toolkit is packed with a number of modules with specific objectives, such as reconnaissance, open source intelligence, scanning + enumeration, and vulnerability analysis. The TIDoS framework can perform both types of reconnaissance, i.e., active and passive reconnaissance. In passive […]

Raccoon – Reconnaissance and Vulnerability Scanning Tool

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file. As most of Raccoon’s scans are independent […]

Gitrob – Reconnaissance Tool for GitHub Organizations

Gitrob is a command line tool which will help organizations and security professionals discover sensitive data lingering in publicly accessible files on GitHub. The tool will iterate over all public organization and member repositories and match filenames against a range of patterns for files that typically contain sensitive or dangerous data. Looking for […]

Sn1per v5.0 – Automated Pentest Recon Scanner

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security’s premium reporting add-on for professional penetration testers, bug bounty researchers and corporate security teams to manage large environments and pentest scopes. Sn1per Professional features: professional reporting interface; slideshow […]

How to do reconnaissance attack over your target the correct way

A team of information security experts explains that a domain name represents some kind of label for IP addresses on the Internet. Since some companies move their infrastructure to the cloud, we must find business servers in the set of IP addresses in the cloud, which is like finding a needle in a haystack. This is […]

Sandmap – Network and System Reconnaissance Tool

Sandmap is a tool supporting network and system reconnaissance using the massive Nmap engine. It provides a user-friendly interface, automates and speeds up scanning and allows you to easily use many advanced scanning techniques. Key features: simple CLI with the ability to run pure Nmap engine; predefined scans included in the modules; support for Nmap Scripting Engine (NSE); TOR support (with proxychains); multiple scans at […]

AQUATONE – DNS Reconnaissance

AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach. After subdomain discovery, AQUATONE can then scan the hosts for common web ports and HTTP headers, HTML bodies and screenshots […]

Social Recon – Investigate The Online Presence And Footprint Of Someone

This application locates and compiles information about online personalities, given a username and/or email address. Use this to investigate your own online presence, summarize the digital footprint of someone you know, or uncover the person behind a specific username. Getting started: clone or fork the repo to your machine. Once downloaded, cd into the osint-scraper […]

ADRecon – Active Directory Reconnaissance

ADRecon is a tool which extracts various artifacts (as highlighted below) out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis. The report can provide a holistic picture of the current state of the target AD environment. The tool is useful to various classes […]

Fierce – DNS reconnaissance tool

Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It’s really meant as a precursor to nmap, unicornscan, nessus, nikto, etc., since all of those require that you already know what IP space you are looking for. This does not perform exploitation and does not scan the whole […]

Zeus-Scanner – Advanced Reconnaissance Utility

Zeus is an advanced reconnaissance utility designed to make web application reconnaissance simple. Zeus comes complete with a powerful built-in URL parsing engine, multiple search engine compatibility, the ability to extract URLs from both ban and webcache URLs, the ability to run multiple vulnerability assessments on the target, and is able to bypass search engine […]

Sn1per – Automated Pentest Recon Scanner

Sn1per is an automated pentest recon scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Features: automatically collects basic recon (i.e. whois, ping, DNS, etc.); automatically launches Google hacking queries against a target domain; automatically enumerates open ports via Nmap port scanning; automatically brute forces sub-domains, gathers DNS info […]

IntRec-Pack – Intelligence and Reconnaissance Package/Bundle installer

Intelligence and Reconnaissance Package/Bundle installer. IntRec-Pack is a Bash script designed to download, install and deploy several quality OSINT, recon and threat intelligence tools. Because it also manages the installation of the various dependencies related to these programs, it aims to be a comprehensive assistant in setting up your intelligence gathering […]