Alternatives and similar repositories for website-passive-reconnaissance

Users that are interested in website-passive-reconnaissance are comparing it to the libraries listed below

• redhuntlabs / Hunt4Spring
  A "Spring4Shell" vulnerability scanner.
  ☆49Updated 8 months ago
• luisfontes19 / CSRFER
  Tool to generate csrf payloads based on vulnerable requests
  ☆64Updated 5 years ago
• Liodeus / swaggerHole
  A python3 script searching for secret on swaggerhub
  ☆66Updated 3 years ago
• MantisSTS / GoCloud
  Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare
  ☆59Updated 2 years ago
• A3h1nt / Subcert
  Subcert is a subdomain enumeration tool, that finds all the subdomains from certificate transparency logs.
  ☆81Updated 4 years ago
• redhuntlabs / Log4JHunt
  An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.
  ☆44Updated 8 months ago
• trickest / safe-harbour
  security.txt collection of most popular world-wide domains
  ☆54Updated 2 years ago
• R0X4R / snetra
  A Python based scanner uses shodan-internetdb to scan the IP.
  ☆31Updated 3 years ago
• codingo / simple
  A collection of one off hacks and simple scripts
  ☆28Updated 2 years ago
• ztgrace / mole
  Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.
  ☆58Updated 5 years ago
• mux0x / mulef
  your bestfried for finding LinkedIn Employees on github
  ☆16Updated 2 years ago
• 0xAkashsky / sub-scout
  Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)
  ☆34Updated 6 months ago
• j3ssie / cdnstrip
  Striping CDN & WAF IPs from a list of IP Addresses
  ☆79Updated 5 months ago
• carlospolop / Pastos
  ☆56Updated 3 years ago
• Sprocket-Security / cvetrends
  cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com
  ☆39Updated 3 years ago
• aniqfakhrul / lazyParam
  A simple automation tool to detect lfi, rce and ssti vulnerability
  ☆56Updated 3 years ago
• ihebski / db
  Bugbounty utility to store list of enumerated subdomains into an sqlite3 db [one liner style / Pipe and save]
  ☆29Updated 4 years ago
• emadshanab / Subdomains-brutforce-wordlists-collection
  ☆38Updated 4 years ago
• sec-it / BFAC-Burp-Extension
  Burp Extension for BFAC (Advanced Backup-File Artifacts Testing for Web-Applications)
  ☆21Updated 4 years ago
• trickest / recon-and-vulnerability-scanner-template
  Create your own recon & vulnerability scanner with Trickest and GitHub
  ☆48Updated 2 years ago
• shabarkin / CodeAllTheThings
  A list of threat sinks used in the manual security source code review for application security
  ☆73Updated 2 years ago
• geeknik / nuclei-template-generator
  A simple tool which makes creating nuclei templates even easier.
  ☆36Updated last year
• nullenc0de / reverse-apk
  ☆54Updated 11 months ago
• rahulkadavil / Buggyapp
  Buggyapp is an vulnerable android application. This app can be used by pentesters, security researchers to practice Android application p…
  ☆12Updated 3 years ago
• ExpLangcn / agartha
  a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …
  ☆49Updated 3 years ago
• haqqibrahim / Sling-Shot-R3con
  🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯
  ☆25Updated 2 years ago
• gwen001 / favicon-hashtrick
  Python script implementing the favicon hash trick to find subdomains.
  ☆37Updated 2 years ago
• bassammaged / awsEnum
  Enumerate AWS cloud resources based on provided credential
  ☆51Updated 3 years ago
• enenumxela / subdomains.sh
  A wrapper around tools used for subdomain enumeration, to automate the workflow, on a given domain, written in bash.
  ☆80Updated 3 years ago
• VitthalS / ivna
  Intentionally Vulnerable Nodejs Application & APIs
  ☆22Updated 3 years ago