Intel Owl: analyze files, domains, IPs in multiple ways
Intel Owl Do you want to get threat intelligence data about a file, an IP, or a domain? Do you want to get this kind of data from multiple sources at the same time using a...
Category: OSINT – Open Source Intelligence
Scrapling: Fast, Adaptive Web Scraping for Python
Scrapling: Lightning-Fast, Adaptive Web Scraping for Python Scrapling is a high-performance, intelligent web scraping library for Python that automatically adapts to website changes while significantly outperforming popular alternatives. Whether you’re a beginner or an...
Sooty: SOC Analysts all-in-one CLI tool to automate and speed up workflow
Sooty The SOC Analysts all-in-one CLI tool to automate and speed up workflow. Feature Sanitise URL’s to be safe to send in emails Perform reverse DNS and DNS lookups Perform reputation checks from:...
dnstwist: Domain name permutation engine
dnstwist See what sort of trouble users can get in trying to type your domain name. Find lookalike domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud, and brand...
ivre: open source network recon framework
IVRE IVRE is an open-source framework for network recon. It relies on open-source well-known tools (Nmap, Zmap, Masscan, Bro, and p0f) to gather data (network intelligence), stores it in a database (MongoDB), and provides tools to analyze it....
slack watchman: Monitoring you Slack workspaces for sensitive information
Slack Watchman Slack Watchman is an application that uses the Slack API to look for potentially sensitive data exposed in your Slack workspaces. Features It searches for, and reports back on: Externally shared...
CloudShovel: scanning public or private AMIs for sensitive files and secrets
CloudShovel CloudShovel is a tool designed to search for sensitive information within public or private Amazon Machine Images (AMIs). It automates the process of launching instances from target AMIs, mounting their volumes, and scanning...
crawl4ai: Open-source LLM Friendly Web Crawler & Scrapper
Crawl4AI Crawl4AI simplifies asynchronous web crawling and data extraction, making it accessible for large language models (LLMs) and AI applications. Feature 🆓 Completely free and open-source 🚀 Blazing fast performance, outperforming many paid services...
sslscan: tests SSL/TLS enabled services to discover supported cipher suites
sslscan sslscan tests SSL/TLS-enabled services to discover supported cipher suites. This is a fork of ioerror’s version of sslscan. Changes are as follows: Highlight SSLv2 and SSLv3 ciphers in output. Highlight CBC ciphers on SSLv3 (POODLE). Highlight...
bopscrk: generate smart and powerful wordlists
Bopscrk Bopscrk (Before Outset PaSsword CRacKing) is a tool to generate smart and powerful wordlists. Included in BlackArch Linux pentesting distribution and Rawsec’s Cybersecurity Inventory since August 2019. The first idea was inspired by Cupp and Crunch. We could say...
fierce: A DNS reconnaissance tool
Fierce Fierce is a DNS reconnaissance tool for locating non-contiguous IP space. Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It’s really meant as a pre-cursor to...
gitleaks: Searches full repo history for secrets and keys
gitleaks – Check git repos for secrets and keys Gitleaks provides a way for you to find unencrypted secrets and other unwanted data types in git source code repositories. As part of its core...
getaltname: Extract subdomains from SSL certificates in HTTPS sites
GetAltName GetAltName (or GAN) is a tool that can extract Subject Alternative Names found in SSL Certificates directly from HTTPS websites which can provide you with DNS names (subdomains) or virtual servers. This code extracts subdomain names from https sites...
sn0int: OSINT framework and package manager
sn0int sn0int is an OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. It is an enumerating attack...
nmap: Idiomatic nmap bindings for go developers
nmap This library aims at providing idiomatic nmap bindings for go developers, to make it easier to write security audit tools using golang. What is nmap Nmap (Network Mapper) is a free and open-source network scanner...
cloudkicker: self-hosted Azure OSINT tool
cloudkicker self-hosted Azure OSINT tool It is very similar to what @DrAzureAD’s OSINT tool does (https://aadinternals.com/osint/). While this version lacks a few of the extra features, it is self-contained, requires no account, and can...
