Category: Web Information Gathering
GoAltdns GoAltdns is a permutation generation tool that can take a list of subdomains, permute them using a wordlist, insert indexes, numbers, dashes and increase your chance of finding that esoteric subdomain that no-one...
Twitter Intelligence A project written in Python for Twitter tracking and analysis without using the Twitter API. SQLite is used as the database. Tweet data are stored on the Tweet, User, Location, Hashtag,...
tactical-exploitation I’ve always been a big proponent of a tactical approach to penetration testing that does not focus on exploiting known software vulnerabilities but relies on old-school techniques such as information gathering and brute...
OWASP JoomScan Project OWASP Joomla! Vulnerability Scanner is an open source project, developed with the aim of automating the task of vulnerability detection and reliability assurance in Joomla CMS deployments. Implemented in Perl, this...
Crips IP Tools This tool is a collection of online IP tools that can be used to quickly get information about IP addresses, web pages and DNS records. Menu: Whois lookup, Traceroute, DNS Lookup...
WebKiller Information Gathering Tool Written in Python. Function: 1 – Reverse IP With HackTarget 2 – Reverse IP With YouGetSignal 3 – Geo IP Lookup 4 – Whois 5 – Bypass CloudFlare 6 –...
CertGraph A tool to crawl the graph of certificate Alternate Names. CertGraph crawls SSL certificates creating a directed graph where each domain is a node and the certificate alternative names for that domain’s certificate...
scanless Command-line utility for using websites that can perform port scans on your behalf. Useful for early stages of a penetration test or if you’d like to run a port scan on a host...
The Hamburglar Multithreaded and recursive directory scraping script. Stores useful information with the filepath and finding. All in one file, no external packages required! The Hamburglar can find ipv4 addresses (public and local) emails...
linkScrape Enumerates employee names from LinkedIn.com. Considerations: linkScrape is a pure web scraper that does not utilize LinkedIn’s API. linkScrape has limitations/bugs when scraping some character sets. Your LinkedIn.com account may be flagged or...
Hawkeye HawkEye is a simple tool to crawl the filesystem or a directory looking for interesting stuff like SSH Keys, Log Files, SQLite Database, password files, etc. Hawkeye uses a fast filesystem crawler to...
S3Finder Yet another program to find readable S3 buckets. Can search using a wordlist or by monitoring the certstream network for domain names from certificate transparency logs. If a name contains dots, a name...
Sniff-Paste: OSINT Pastebin Harvester Multithreaded Pastebin scraper, scrapes to MySQL database, then reads pastes for noteworthy information. Use sniff-paste.py to go through the entire process of collection, logging, and harvest automatically. The scraper can...
mass3 Quickly enumerate through a pre-compiled list of AWS S3 buckets using DNS instead of HTTP with a list of DNS resolvers and multi-threading. Warning: Be aware that this is really shitty golang code....
ODIN Observe, Detect, and Investigate Networks. A Python tool for automating intelligence gathering, testing and reporting. ODIN is still in active development, so check the dev branch for the bleeding edge. Feedback is welcome!...