Skiptracer – OSINT scraping framework Initial attack vectors for recon usually involve utilizing pay-for-data/API (Recon-NG) or paying to utilize transforms (Maltego) to get data mining results. Skiptracer utilizes some basic...
OWASP DeepViolet TLS/SSL API DeepViolet is a TLS/SSL scanning API written in Java. To keep DeepViolet easy to use, identify bugs, reference implementations have been developed that consume the API....
HackB0x v1.0 HackBox is the combination of awesome tools and techniques. This tool includes [1] – Xss [2] – Exploits [3] – Subdomain scanner [4] – Whois Lookup [5] –...
Web Information Gathering / WebApp PenTest
by do son · Published August 13, 2018 · Last modified November 4, 2024
Belati – The Traditional Swiss Army Knife For OSINT Belati is a tool for Collecting Public Data & Public Document from Website and other services for OSINT purpose. This tool...
git-all-secrets git-all-secrets is a tool that can: Clone multiple public/private github repositories of an organization and scan them, Clone multiple public/private github repositories of a user that belongs to an...
Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to all original OSINT capabilities of sublist3r, turbolist3r automates some of the results analysis, with a focus on subdomain takeover....
admin-finder Multi-threaded admin finder written in python Disclaimer: For Educational Purpose only. Use at your own risk, it is very easy to detect such attempts Features Check the robots.txt file,...
Social Mapper A Social Media Mapping Tool that correlates profiles via facial recognition by Jacob Wilkin(Greenwolf) Social Mapper is an Open Source Intelligence Tool that uses facial recognition to correlate...
Archaeologit This script scans the history of a user’s GitHub repositories for a given pattern to find sensitive things that may have been there but has been overwritten in a...
DumpsterDiver DumpsterDiver is a tool used to analyze big volumes of various file types in search of hardcoded secret keys (e.g. AWS Access Key, Azure Share Key or SSH keys)...
Reddit Account Analyzer A tool to analyze a Reddit account based on their submissions and comments. The tool prints back the following information: Karma Scores Account creation date and age...
WebBorer WebBorer is a directory-enumeration tool written in Go and targeting CLI usage. This project was formerly named ‘GoBuster’, but that had a namespace collision with OJ Reeves’ excellent tool...
DOT – Darknet OSINT Transform What does this do? It fetches open ports, banners, emails, BTC addresses, linked onions domains and other (soon). Where are the infos stored? The infos...
Gitmails explores that git commits contain a name and an email configured by the author and that version control host services are being used to store a lot of projects....
Sanitiz3r Sanitiz3r is a lightweight tool designed to filter based on a set of defined rules and determine the validity of subdomains of a website discovered through a bunch of...
Support Securityonline.info site. Thanks!
