Alternatives and similar repositories for recon

Users that are interested in recon are comparing it to the libraries listed below

• pjrinaldi / wombatforensics

  View on GitHub
  linux c++, fox-toolkit, multi-threaded forensic gui tool
  ☆49Jul 19, 2024Updated last year
• EricZimmerman / TLEFilePlugins

  View on GitHub
  Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i,e. they get a Line #/ta…
  ☆28May 5, 2025Updated 9 months ago
• WiredPulse / Invoke-SRUMDump

  View on GitHub
  A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.
  ☆14Oct 21, 2021Updated 4 years ago
• embee-research / CyberChef

  View on GitHub
  ☆16Mar 22, 2023Updated 2 years ago
• AndrewRathbun / ForensicImageKAPEOutput

  View on GitHub
  A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!
  ☆17Aug 31, 2024Updated last year
• XaFF-XaFF / Heap-Injection

  View on GitHub
  Example of C# heap injector for x64 and x86 shellcodes
  ☆14Jan 1, 2023Updated 3 years ago
• schmalle / Servletpot

  View on GitHub
  Webapplication Honeypot
  ☆15May 12, 2013Updated 12 years ago
• nobody-cares / Incident-Response-Plan

  View on GitHub
  Incident Response Plan for all major incidents including cheatsheets for both linux and windows
  ☆14Jun 4, 2020Updated 5 years ago
• Vozec / AES-Flipper

  View on GitHub
  This tool automates and facilitates an AES CBC BitFlip attack
  ☆18Jan 17, 2024Updated 2 years ago
• Peco602 / rusthunter

  View on GitHub
  RustHunter is a modular incident response framework based on Rust and Ansible to build and compare environmental baselines.
  ☆18Nov 12, 2025Updated 3 months ago
• codeyourweb / fastfinder

  View on GitHub
  Incident Response - Fast suspicious file finder
  ☆249Jan 24, 2026Updated 3 weeks ago
• hulto / rusty-keys

  View on GitHub
  Linux rust keylogger
  ☆18Mar 1, 2024Updated last year
• ethanbayne / OpenForensics

  View on GitHub
  OpenCL Digital Forensics data analysis and file carving tool
  ☆24May 14, 2023Updated 2 years ago
• forensicanalysis / artifactcollector

  View on GitHub
  🧭 The artifactcollector is a customizable agent to collect forensic artifacts on any Windows, macOS or Linux system
  ☆305May 7, 2025Updated 9 months ago
• 0xHossam / APT-Attack-Simulation

  View on GitHub
  Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persist…
  ☆61May 3, 2024Updated last year
• prash-wghats / Dtrace-ETW

  View on GitHub
  DTrace for Windows in userspace; Frontend to ETW
  ☆27Oct 4, 2022Updated 3 years ago
• mrcbax / honeyup

  View on GitHub
  An uploader honeypot designed to look like poor website security.
  ☆28Apr 19, 2025Updated 9 months ago
• 0xG00S3 / Hashbreaker

  View on GitHub
  A modern, web-based GUI for Hashcat that provides an intuitive interface for hash cracking operations, featuring real-time monitoring, pe…
  ☆33Mar 5, 2025Updated 11 months ago
• ciscocsirt / dhp

  View on GitHub
  Simple Docker Honeypot server emulating small snippets of the Docker HTTP API
  ☆33Oct 6, 2020Updated 5 years ago
• aleemladha / wazuh_server_install

  View on GitHub
  Installing wazuh SIEM Unified XDR and SIEM protection
  ☆33Jun 3, 2025Updated 8 months ago
• binaryninja / Malware-Knowledge-Graph

  View on GitHub
  Create malware knowledge graphs from analysis reports
  ☆39Dec 6, 2023Updated 2 years ago
• johnnykv / mnemosyne

  View on GitHub
  Normalizer for honeypot data.
  ☆46Jun 19, 2015Updated 10 years ago
• scrt / event_masker

  View on GitHub
  Event Masker is a Splunk streaming command to mask event from search based on a list of rules that contain conditions.
  ☆16Oct 11, 2022Updated 3 years ago
• microsoft / Azure-Threat-Research-Matrix

  View on GitHub
  ☆81Jun 17, 2024Updated last year
• help-14 / mountain

  View on GitHub
  Web-based file browser
  ☆38Aug 26, 2025Updated 5 months ago
• dobin / avred-server

  View on GitHub
  The AMSI server for Avred
  ☆33Sep 15, 2023Updated 2 years ago
• op7ic / unix_collector

  View on GitHub
  unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Andro…
  ☆41Jun 10, 2025Updated 8 months ago
• Octoberfest7 / Proxy_Egress_Persistence

  View on GitHub
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆34Sep 15, 2022Updated 3 years ago
• cipher387 / quickcacheandarchivesearch

  View on GitHub
  Quick Cache and Archive search buttons
  ☆38May 11, 2024Updated last year
• kacos2000 / Win10LiveInfo

  View on GitHub
  Windows 10 Live Information viewer
  ☆37Jan 27, 2022Updated 4 years ago
• eymengunay / EoHoneypotBundle

  View on GitHub
  Honeypot type for Symfony forms
  ☆37Jun 13, 2025Updated 8 months ago
• EricZimmerman / bstrings

  View on GitHub
  A better strings utility!
  ☆150Feb 8, 2026Updated last week
• vulsio / go-cti

  View on GitHub
  Build a local copy of MITRE ATT&CK and CAPEC. Server mode for easy querying.
  ☆34Feb 4, 2026Updated 2 weeks ago
• zinotrust / easybank

  View on GitHub
  ☆11Oct 14, 2020Updated 5 years ago
• CohenArthur / rust-gistre-workshop

  View on GitHub
  ☆11Apr 17, 2021Updated 4 years ago
• GMDSantana / crivo

  View on GitHub
  A tool for extracting and filtering URLs, IPs, domains, and subdomains from text or web pages, with built-in web scraping capabilities.
  ☆14Mar 10, 2025Updated 11 months ago
• yardenshafir / conference_talks

  View on GitHub
  Slides from various conference talks
  ☆37May 30, 2023Updated 2 years ago
• islombay / python-tgbot-premium-subscription

  View on GitHub
  The telegram bot provides basic subscription for premium (non telegram premium, only bot's own). Uses some telegram payment methods
  ☆10Mar 30, 2023Updated 2 years ago
• megadose / hunter-maltego

  View on GitHub
  Maltego transform for hunter.io
  ☆40Apr 28, 2021Updated 4 years ago