frisbee: Collect email addresses by crawling search engine results
Frisbee is a small utility to collect email addresses from search engines and other free-form text sources. Frisbee makes it simple to find email addresses posted on the web by...
Category: Web Information Gathering
Firewall bypass script based on DNS history records
Bypass firewalls by abusing DNS history This script will try to find: the direct IP address of a server behind a firewall like Cloudflare, Incapsula, SUCURI … an old server...
recursebuster v1.6.13 releases: rapid content discovery tool for recursively querying webservers
RecurseBuster rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments Features HEAD Based Checks For servers the support it, HEAD based checks speed up...
h8mail v2.5.6 releases: Email OSINT and password breach hunting
h8mail Email OSINT and password finder. Use h8mail to find passwords through a different breach and reconnaissance services, or the infamous “Breach Compilation” torrent. Features 🔎 Email pattern matching (regexp), useful for...
giggity: grab hierarchical data about a github organization, user, or repo
Giggity Get information about an organization, user, or repo on github. Stores all data in a json file, organized in a tree of dictionaries for easy database transfer or data...
CMSeeK v1.1.3 releases: Content Management Systems Detection and Exploitation suite
What is a CMS? A content management system (CMS) manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress,...
aquatone v2.0 released: A Tool for Domain Flyovers
AQUATONE Aquatone is a tool for visual inspection of websites across a large amount of hosts and is convenient for quickly gaining an overview of HTTP-based attack surface. Changelog v2.0...
HostHunter v1.6 releases: discovering hostnames using OSINT techniques
HostHunter A tool to efficiently discover and extract hostnames over a large set of target IP addresses. HostHunter utilizes simple OSINT techniques. It generates a CSV file containing the results...
repo-supervisor v3.2 releases: Scan your code for security misconfiguration, search for passwords and secrets
Repo-supervisor A serverless tool that detects secrets and passwords in your pull requests – one file at a time. Introduction It happens sometimes that you can commit secrets or passwords...
machinae v1.4.8 releases: Machinae Security Intelligence Collector
Machinae Security Intelligence Collector Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data: IP addresses, domain names, URLs, email addresses, file hashes and...
rigmap: A wrapper for Nmap to automate the pentest
Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect information into a well-organized directory hierarchy. The use of Nmap makes...
intrigue-core: Discover your attack surface
intrigue-core Intrigue-core is a framework for external attack surface discovery and automated OSINT. There are a number of use cases: Application and Infrastructure (Asset) Discovery Security Research and Vulnerability Discovery...
Striker v0.9-beta releases: offensive information and vulnerability scanner
Striker Striker 2.0 is still in the prototype phase, which means it’s not intended to be used by regular users. It has been made public for contributions to make the...
pown-buster v2.7.2 releases: powerful web file and folder discovery tool
Pown Buster Pown Buster is a web file and folder discovery tool. Pown Buster is written such as that none of the requests and internal scheduling mechanisms is blocking. Although...
Asnlookup: Look up IP addresses (IPv4 & IPv6) registered and owned by a specific organization
Asnlookup An autonomous system number (ASN) is a unique number assigned to an autonomous system (AS) by the Internet Assigned Numbers Authority (IANA). An AS consists of blocks of IP...
