Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Reconnaissance

Reconnaissance refers to the process of gathering information about a target system, network, or organization, typically before launching an attack. The goal of recon is to understand the targetโ€™s vulnerabilities, systems, and defenses to increase the likelihood of a successful breach or to defend a network by identifying its weak points.

https://github.com/melbadry9/ScanApi

Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.

bugbounty recon s3-bucket-scanner subdomains-enumeration

Last synced: 21 Nov 2024

https://github.com/mathis2001/webhackurls

Simple python OSINT tool for urls recon thanks to the waybackmachine.

bugbounty osint pentesting recon wayback-machine webarchive

Last synced: 11 Nov 2024

https://github.com/west-wind/LAR

Light Armoured Recon is a python script designed to automate passive recon. It automates execution of TheHarvester, whois, Robtex.com, Builtwith.com, DNSrecon, metagoofil, & knockpy.

automation builtwith dnsrecon metagoofil passive-check passive-vulnerability-scanner penetration-testing pentest-scripts python python-script recon shell-script theharvester

Last synced: 06 Nov 2024

https://github.com/mattmoony/d4v1d

Social-Media OSINT tool - gather info on users across multiple platforms; easily extensible by design. ๐Ÿ“ท

graph information-gathering instagram network osint py python recon reconnaissance scraper social-network web

Last synced: 24 Jan 2025

https://github.com/gosecure/burp-ntlm-challenge-decoder

Burp extension to decode NTLM SSP headers and extract domain/host information

burp extension ntlm osint recon security ssp windows

Last synced: 05 Nov 2024

https://github.com/lekssays/shellfinder

A Simple Tool to Find Shells and Some Interesting Endpoints in Websites

cybersecurity endpoint-discovery python3 recon shell

Last synced: 10 Nov 2024

https://github.com/0xpugal/bounty.sh

simple bash script to earn bounties

bash bugbounty recon reconnaissance shell

Last synced: 08 Nov 2024

https://github.com/sidxparab/subdomain-enumeration-guide

This is a comprehensive Subdomain Enumeration Guide that traces back to my GitBook.

bugbounty pentesting recon reconnaissance subdomain-enumeration

Last synced: 18 Dec 2024

https://github.com/sidxparab/Subdomain-Enumeration-Guide

This is a comprehensive Subdomain Enumeration Guide that traces back to my GitBook.

bugbounty pentesting recon reconnaissance subdomain-enumeration

Last synced: 21 Nov 2024

https://github.com/hacke-rc/rpcscan

RPCSCAN - A python tool to automate all the efforts that you put on finding the xmlrpc.php file on all of your target's subdomains and then finding the vulnerable methods and then finding the reports on hackerone and medium writeups.

bug-bounty bug-bounty-recon hacking hacking-python hacking-tool hacktoberfest hacktoberfest2021 recon termux-hacking termux-tools website-hacking wordpress-hack wpscan xmlrpc

Last synced: 11 Dec 2024

https://github.com/ekultek/gitrekt

Search .git folders for emails and URL's that should otherwise be hidden

email-finder osint recon reconnaissance searcher

Last synced: 12 Nov 2024

https://github.com/yukselberkay/asnap

asnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the user to automate initial port and service scanning.

asn automation information-gathering nmap recon

Last synced: 12 Nov 2024

https://github.com/melbadry9/WhoEnum

Mass querying whois records

bugbounty enumeration recon whois

Last synced: 21 Nov 2024

https://github.com/p0dalirius/getfortinetserialnumber

A Python script to extract the serial number of a remote Fortinet device.

certificate fortinet pentest recon serial-number

Last synced: 30 Dec 2024

https://github.com/swanandx/rustywitness

A CLI tool for getting screenshots of URLs using headless chrome

bugbounty cli headless-chrome recon rust web

Last synced: 27 Oct 2024

https://github.com/itsignacioportal/hacker-scoper

Automagically filter URLs with Bug Bounty program scope rules scraped from the internet.

bugbounty bugcrowd enumeration filter go golang hackerone infosec pentesting recon scopes security security-tools websec websecurity

Last synced: 30 Dec 2024

https://github.com/carlospolop/bashReconScan

Bash Recon Scan - Recon and Scan a network using Bash

bash fping nc ncat netcat network oneliner ping port recon scan

Last synced: 06 Nov 2024

https://github.com/melbadry9/cname

CNAME records lookup

bugbounty dns recon

Last synced: 23 Oct 2024

https://github.com/javierolmedo/ipdiscover

๐Ÿ” A simple tool to obtain long lists of ips from domains using goroutines

bugbounty bughunter domain hacking-tool ip recon

Last synced: 29 Nov 2024

https://github.com/xalgord/my-methodologies

Tools and methods that I personally use for Recon and Exploitations

bug-bounty bugbounty penetration-testing pentesting recon xss

Last synced: 21 Jan 2025

https://github.com/carlospolop/bashreconscan

Bash Recon Scan - Recon and Scan a network using Bash

bash fping nc ncat netcat network oneliner ping port recon scan

Last synced: 28 Oct 2024

https://github.com/ItsIgnacioPortal/hacker-scoper

Automagically filter URLs with Bug Bounty program scope rules scraped from the internet.

bugbounty bugcrowd enumeration filter go golang hackerone infosec pentesting recon scopes security security-tools websec websecurity

Last synced: 21 Nov 2024

https://github.com/thelikes/fuzzmost

all manner of wordlists

bugbounty infosec recon wordlist

Last synced: 21 Nov 2024

https://github.com/sam5epi0l/beginner-bug-bounty-automation

Many script that can be modified according to your needs for Information Gathering and Asset discovery in Bug Bounty Hunting (Pull requests are welcome!)

amass bash-script beginner-friendly bug-bounty bugbounty hacking hacking-tools nipe penetration-testing recon reconnaissance starter-kit tor tor-network

Last synced: 22 Nov 2024

https://github.com/zer0yu/xrecon

xrecon is a powerful web fingerprinting tool with CDN detection capabilities

fingerprint recon scan security-tools

Last synced: 01 Dec 2024

https://github.com/JavierOlmedo/ipdiscover

๐Ÿ” A simple tool to obtain long lists of ips from domains using goroutines

bugbounty bughunter domain hacking-tool ip recon

Last synced: 21 Nov 2024

https://github.com/topscoder/fourohme

FourOhMe is a tool for testing HTTP headers on a website in order to try to bypass 40* HTTP codes. Written in Go, so easy to install and fast out of the box.

401 401-bypass 403 403-bypass bugbounty bugbountytips bugbountytricks cli http http-headers osint recon

Last synced: 13 Nov 2024

https://github.com/blacklanternsecurity/public-dns-servers

A CI/CD-verified list of the internet's known-good public DNS servers (from public-dns.info) Updated weekly!

automation bbot cicd cicd-pipeline dns dns-resolver dns-server list massdns nameservers osint pipeline public python python3 recon resolvers

Last synced: 08 Nov 2024

https://github.com/choirurrizal/paraminer

finds hidden parameters

bugbounty php recon

Last synced: 21 Nov 2024

https://github.com/mrcl0wnlab/simplereconsubdomain

This is very basic automated recon script tool.

bugbounty hacking hacking-tool python recon

Last synced: 05 Dec 2024

https://github.com/mhmdiaa/waybackrobots

Enumerate old versions of robots.txt paths using Wayback Machine for content discovery

content-discovery recon robots-txt wayback-machine

Last synced: 28 Nov 2024

https://github.com/Bhagavan-Bollina/BugBounty-Dorks

Highly recommended dorks for bug bounty

bug-bounty-dorks bugbounty dorks recon

Last synced: 21 Nov 2024

https://github.com/sec-it/BFAC-Burp-Extension

Burp Extension for BFAC (Advanced Backup-File Artifacts Testing for Web-Applications)

backup-files bugbounty burp-extensions burpsuite pentest recon

Last synced: 21 Nov 2024

https://github.com/daudmalik06/wmb-scrapper

A small Php package to fetch archive url snapshots from archive.org. Using it you can fetch complete list of snapshot urls of any year or complete list of all years possible.This package can be used to do recon of any target.

hacking hacking-tool php recon snapshot snapshot-urls wayback-archiver wayback-machine wmb-scrapper

Last synced: 28 Oct 2024

https://github.com/remonsec/pri0tx

Automation for Open Threat Exchange

automation bugbounty-tool endpoint enumeration recon

Last synced: 02 Dec 2024

https://github.com/tamimhasan404/Nmap-Cheat-Sheet

Here I am trying to show you some cheat-sheet of nmap. Which may help you on penetration testing and bug hunting.

bypass nmap recon scanning scripts

Last synced: 21 Nov 2024

https://github.com/lekssays/kibanarec

A Tool to Extract Open Kibana Instances on Internet and Map them to their Corresponding Organizations for Bug Bounty.

bugbounty kibana recon reconnaissance

Last synced: 10 Nov 2024

https://github.com/davemolk/searcher

Run a base query (plus optional add-ons) through ask, bing, brave, duck duck go, yahoo, and yandex.

go golang infosec osint pentesting pentesting-tools recon research search search-engine security

Last synced: 08 Dec 2024

https://github.com/mathis2001/cert4recon

Simple passive Python Recon tool for subdomains enumeration with crt.sh

bugbounty crt-sh information-gathering osint recon subdomain-enumeration

Last synced: 11 Nov 2024

https://github.com/d3ext/go-recon

External recon toolkit

bugbounty go-recon golang hacking recon toolkit

Last synced: 14 Nov 2024

https://github.com/spicesouls/spicescan

Fingerprinting, Port Scanning, Directory Brute Forcing, it's got it all!

enumeration hacking hacking-tools recon scanning tools

Last synced: 21 Nov 2024

https://github.com/krishpranav/wpscan

wpscan is a vulnerability recognition tool in CMS Wordpress developed in Go.

cms-wordpress enumeration go golang recon vulnerability vulnerability-identification vulnerability-scanners wordpress

Last synced: 15 Oct 2024

https://github.com/umutcamliyurt/jsrecon

A powerful tool designed for identifying hidden endpoints and sensitive information within JavaScript files on a website.

endpoint-discovery hacking-tools infosec recon reconnaissance sensitive-data-discovery sensitive-data-exposure

Last synced: 20 Jan 2025

https://github.com/mrvcoder/getasn

๐ŸŒ Get Some Useful Info From Domain/IP/ASN ๐Ÿ”ฅ

asn-lookup bgpview bugbounty cdn cdn-check cidr cli domain information-gathering osint recon reconnaissance

Last synced: 06 Nov 2024

https://github.com/3nock/ote-templates

Community curated list of templates for the OSINT template engine.

attack-surfaces bugbounty fingerprinting osint recon security templates

Last synced: 05 Jan 2025

https://github.com/j3ssie/str-replace

Simple tools to handle string and generate subdomain permutations

bugbounty hacking infosec pentesting permutations recon subdomain

Last synced: 14 Oct 2024

https://github.com/0xpugal/bugbounty_profile

Automate bug bounty recon using bash alias

bash bash-alias bash-profile bugbounty recon reconnaissance

Last synced: 08 Nov 2024

https://github.com/p0dalirius/listvalidgsuiteemails

A Python script to list valid emails of GSuite accounts.

emails google gsuite osint python recon valid

Last synced: 30 Dec 2024

https://github.com/dreadlocked/dircoverrb

Passive subdomains and web directories recon using Bing.

bing directories-scanner osint recon ruby scapper subdomains

Last synced: 20 Nov 2024

https://github.com/random-robbie/yahoo-bug-bounty

List of hosts from yahoo.com

bugbounty recon yahoo yahoo-bug-bounty

Last synced: 05 Jan 2025

https://github.com/ethicalhackingplayground/bcaem

Fast AEM scope gathering tool for all your public and private BugCrowd Programs

aem aem-tools gathering pentesting-tools recon reconnaissance scope

Last synced: 08 Nov 2024

https://github.com/cosad3s/njsdump

Dump paths & pages from Next.js Manifest

bugbounty nextjs recon security

Last synced: 17 Dec 2024

https://github.com/enenumxela/ps.sh

A wrapper around tools used for port scanning(nmap, naabu & masscan), the goal being reducing scan time, increasing scan efficiency and automating the workflow.

bashscript bashscripting bug-bounty bugbounty bugbounty-tool enumeration masscan naabu netwok-mapping nmap open-port-check open-port-check-script penetration-testing penetration-testing-tools pentesting port-scaning recon reconnaissance service-discovery

Last synced: 06 Nov 2024

https://github.com/freyxfi/bugrecon

An automated bug hunting tool for comprehensive reconnaissance, including subdomain enumeration, port scanning, vulnerability detection, and report generation.

bugbounty bugbounty-tool bugbountytips bughunting hacktoberfest hacktoberfest-accepted hacktoberfest2024 recon reconnaissance

Last synced: 05 Jan 2025

https://github.com/rly0nheart/recon-sh

Lightweight bash reconnaissance tool

open-source recon reconnaissance

Last synced: 13 Oct 2024

https://github.com/krishpranav/sniff

A Simple Golang Tool That Automates OSINT For Threat Intelligence And Mapping Your Attack Surface.

attack attack-defense attack-surface attack-surfaces bugbounty go golang recon reconnaissance scanner security web-security

Last synced: 15 Oct 2024

https://github.com/n0kovo/gohashmob

Quickly look up hashes in your terminal using the HashMob API ๐Ÿ”ฅ

data-breaches hash-cracking hash-lookup hashcat hashes hashmob osint password-cracking pentesting recon reconnaissance redteam

Last synced: 08 Nov 2024

https://github.com/melbadry9/domain_reg

Check domain availability for registration

bugbounty domain-registration recon

Last synced: 21 Nov 2024

https://github.com/ronin-rb/ronin-web-spider

A collection of common web spidering routines

crawler infosec recon ruby scraper spider utils web websecurity

Last synced: 28 Dec 2024

https://github.com/mathis2001/m4ldu1n-oh

Collection of malduino scripts for pentesters and red teaming.

malduino malduino-scripts malduinoscripts pentest physique recon red-team

Last synced: 09 Jan 2025

https://github.com/0xpugal/pd-recon

A bash script which uses Project Discovery tools for bug bounty reconnaissance.

bugbounty projectdiscovery recon

Last synced: 08 Nov 2024

https://github.com/leetida/ipv4-geo

IP Address Lookup Info and Geolocation Discord Bot

bot discord geo-bot geolocation ip ipadress ipv4 py python3 recon tools

Last synced: 24 Jan 2025

https://github.com/shazsyed/FavHunt

Favicon based recon for faster fingerprinting of web services

bugbounty fingerprinting hacking recon reconaissance webservices

Last synced: 21 Nov 2024

https://github.com/ronin-rb/ronin-db-activerecord

ActiveRecord backend for the Ronin Database

activerecord activerecord-models database infosec recon ruby security

Last synced: 24 Jan 2025

https://github.com/atiilla/gitrecon

This tool uses the GitHub API to scan repositories owned by a user for email addresses and associated names. It provides options to scan specific repositories and exclude forked repositories. Additionally, you can provide a GitHub API token to increase the rate limit for API requests.

osint recon

Last synced: 15 Nov 2024

https://github.com/hrbrmstr/cc

โ›Extract metadata of a specific target based on the results of "commoncrawl.org"

common-crawl domains r r-cyber recon reconnaissance rstats urls

Last synced: 11 Oct 2024

https://github.com/alpkeskin/sitegadget

A cross-platform python based utility for information gathering! Hi, Inspector Gadget...

cross-platform-python information-gathering osint osint-python python python3 recon

Last synced: 23 Nov 2024

https://github.com/mrvcoder/bug-hunting-methodologies

this repo contains some public methodologies which I found from internet (google,telegram,discord,writeups etc..)

bounty bug bugbounty bugbounty-methodology hack hunt information-gathering methodology osint recon reconnaissance

Last synced: 26 Dec 2024

https://github.com/vulnpire/arsenal

Collection of tools, scripts, one-liners, templates, dorks and more

bug-bounty payloads recon red-team

Last synced: 13 Jan 2025

https://github.com/volkansah/nmap-black-python

NMAP-Black-Python is a Python script designed to automate the process of scanning networks for vulnerabilities and open ports using Nmap. This script reads domain names from a text file, scans them using Nmap, and stores the results in a CSV file for easy analysis.

analytics black-python information-gathering nmap nmap-parser nmap-scan-script nmap-scripts osint penetration-testing python python3 recon reconnaissance

Last synced: 09 Dec 2024

https://github.com/superhedgy/sphinx

External Network Reconnaissance script

recon

Last synced: 12 Nov 2024

https://github.com/0xpugal/hacktheweb

Things to do while Hacking/Hunting in Web Applications

bugbounty bugbountytips hack recon subdomain-enumeration vulnerability web webappsec websecurity

Last synced: 31 Dec 2024

https://github.com/techspence/observer

A blue team tool for watching over domains using bug hunting methodology!

blueteam bughunting-methodology enumeration infosec osint recon

Last synced: 15 Nov 2024

https://github.com/tarunkoyalwar/nestle

Match and Extract Nested groups (ex: graphql) using regex with Nestle

automation bugbounty bugbounty-tool go graphql javascript-recon javascript-regex recon regex

Last synced: 13 Oct 2024

https://github.com/mathis2001/showldan

Recon tool using shodan API to automate shodan information gathering process and find juicy stuff during bug hunting.

bug-bounty information-gathering pentest pentesting recon reconnaissance shodan shodan-api shodan-python

Last synced: 11 Nov 2024

https://github.com/ariary/jsextractor

Fastly gather all JavaScript from url (CLi+TUI)

bug-bounty cli extract extractor html-parser javascript js parser pentest recon tui web-pentest xss

Last synced: 11 Nov 2024

https://github.com/rix4uni/SubDog

subdog is a subdomain enumeration tools, this tool collect number of different sources to create a list of root subdomains

recon reconnaissance subdomain subdomain-enumeration wayback-machine

Last synced: 21 Nov 2024

https://github.com/mhmdiaa/acumen

A clean UI with a modular structure to enhance security researchers' ability to work with data

penetration-testing penetration-testing-tools pentesting recon security security-tools user-interface visualization web-application-security

Last synced: 28 Nov 2024

https://github.com/ninoseki/ryo

Yet another website recon tool powered by Ruby

osint recon

Last synced: 18 Oct 2024

https://github.com/mathis2001/twittosint

A simple Twitter OSINT tool written in python

osint recon twitter

Last synced: 11 Nov 2024

Reconnaissance Awesome Lists
Awesome-Asset-Discovery 86 awesome-bbht 80 Awesome-OSINT-For-Everything 1,194 awesome-infosec 83 awesome-recon-tools 44
Reconnaissance Categories
Uncategorized 73 PRODUCTIVITY 53 SEARCH ENGINES 53 GOVERNMENT 47 RESOURCES 43 PUBLIC RECORDS 39 Domain and Network Recon 33 MAPS 32 POLICE / LE / FED 31 DOMAIN / IP / DNS 28 TOOLSET 28 IMAGES and Audio 26 ID GENERATOR 26 PEOPLE 24 Content Discovery 23 PHONE 23 IoT 22 EMAIL 21 EXTREMIST / FAR-RIGHT 20 DARKNET 19