Recon
This script is intended to automate your reconnaissance process in an organized fashion
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
A standalone Python script which utilizes Python's built-in modules to enumerate SUID binaries, separate default binaries from custom binaries, cross-match those with bins in GTFOBins' repository …
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
A Nmap XSL implementation with Bootstrap.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and find vulnerabilities.
TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
Find, verify, and analyze leaked credentials
40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]
A fast port scanner written in Go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests.
Fast passive subdomain enumeration tool.
In-depth attack surface mapping and asset discovery
Gospider - Fast web spider written in Go
Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it based on a schedule or events.
Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan & VirusTotal!
Combined port scanning w/ Masscan's speed & Nmap's scanning features.
A Python 3 remake of the classic "tree" command with the additional feature of searching for user-provided keywords/regex in files, highlighting those that contain matches.
Find domains and subdomains related to a given domain
Fast subdomains enumeration tool for penetration testers
Take a list of domains and probe for working HTTP and HTTPS servers
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
A next-generation crawling and spidering framework.