In-depth Attack Surface Mapping and Asset Discovery

OneForAll是一款功能强大的子域收集工具

Next generation web scanner

reNgine is a reconnaissance engine(framework) that does end-to-end reconnaissance with the help of highly configurable scan engines and does information gathering about the target web application. reNgine makes use of various open-source tools and makes a configurable pipeline of reconnaissance.

HTTP parameter discovery suite.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

Striker is an offensive information and vulnerability scanner.

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

In-depth Attack Surface Mapping and Asset Discovery

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

Automation for internal Windows Penetrationtest / AD-Security

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Reconnaissance Swiss Army Knife

Visualize Erlang/Elixir Nodes On The Command Line

List of Awesome Asset Discovery Resources

Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.

a recon tool that allows searching on URLs that are exposed via shortener services

Semi-automatic OSINT framework and package manager

Email recon made fast and easy, with a framework to build on

A collection of awesome one-liner scripts especially for bug bounty tips.

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Advanced reconnaissance utility

Reconnaissance tool for GitHub code search. Finds exposed API keys using pattern matching, commit history searching, and a unique result scoring system.

Making Favicon.ico based Recon Great again !

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

Automated network asset, email, and social media profile discovery and cataloguing.

HostHunter a recon tool for discovering hostnames using OSINT techniques.