Loading...

Popular Free Commercial Categories Tasks Blog

CyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS

LEGAL

Terms of services Privacy policy

Offensive Security for Recon

Ethical hacking tools and resources for penetration testing and red team operations. Task: ReconExplore 13 curated tools and resources

Search by name, description, or purpose... (⌘+K)

Home
Categories
Offensive Security
Recon

RELATED TASKS

active-directory (5)ai (2)analytics (1)android (4)android-security (3)anti-forensics (2)antivirus (4)apache (3)api (6)api-security (2)

PINNED

Promoted • 6 tools

Commercial

Data Protection

Commercial

Network Security

Commercial

Consulting

Commercial

Application Security

Commercial

Cloud Security

Commercial

Application Security

Want your tool featured here?

Get maximum visibility with pinned placement

LATEST ADDITIONS

Gospider
A Go-based web spider tool for automated crawling and data collection from web resources across multiple protocols and formats.
0
Free
Offensive Security
Web Crawler
Go
Golang
Reconnaissance
Recon
Web Scraping
Data Mining
Crawling
Offensive Security
Api
Gospider
A Go-based web spider tool for automated crawling and data collection from web resources across multiple protocols and formats.
0
Free
Offensive Security
Web Crawler
Go
Golang
+7
python-builtwith
A Python API client for BuiltWith that enables programmatic access to website technology profiling and reconnaissance data.
0
Free
Offensive Security
Python
Api
Reconnaissance
Recon
Osint
Web
Intelligence Gathering
Python Library
Attack Surface
Penetration Testing
python-builtwith
A Python API client for BuiltWith that enables programmatic access to website technology profiling and reconnaissance data.
0
Free
Offensive Security
Python
Api
Reconnaissance
+7
cariddi
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
0
Free
Offensive Security
Reconnaissance
Recon
Penetration Testing
Pentesting
Crawler
Secret Detection
Api
Enumeration
Scanner
Offensive Security
cariddi
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
0
Free
Offensive Security
Reconnaissance
Recon
Penetration Testing
+7
gowitness
A Go-based command-line tool that uses Chrome Headless to automatically capture screenshots of web pages for reconnaissance and analysis purposes.
0
Free
Offensive Security
Reconnaissance
Screenshot
Web
Cli
Golang
Penetration Testing
Recon
Automation
Chrome
gowitness
A Go-based command-line tool that uses Chrome Headless to automatically capture screenshots of web pages for reconnaissance and analysis purposes.
0
Free
Offensive Security
Reconnaissance
Screenshot
Web
+6
CloudScraper
CloudScraper is an enumeration tool that discovers cloud storage resources including S3 buckets, Azure blobs, and DigitalOcean Spaces across target environments.
0
Free
Offensive Security
Enumeration
Cloud Security
Reconnaissance
S3
Azure
Penetration Testing
Offensive Security
Cloud
Scanner
Recon
CloudScraper
CloudScraper is an enumeration tool that discovers cloud storage resources including S3 buckets, Azure blobs, and DigitalOcean Spaces across target environments.
0
Free
Offensive Security
Enumeration
Cloud Security
Reconnaissance
+7
bugcrowd-levelup-subdomain-enumeration
Educational repository containing materials on advanced subdomain enumeration techniques from Bugcrowd LevelUp 2017 conference.
0
Free
Offensive Security
Subdomain Enumeration
Subdomain Discovery
Reconnaissance
Bug Bounty
Educational
Penetration Testing
Offensive Security
Conference
Training
Recon
bugcrowd-levelup-subdomain-enumeration
Educational repository containing materials on advanced subdomain enumeration techniques from Bugcrowd LevelUp 2017 conference.
0
Free
Offensive Security
Subdomain Enumeration
Subdomain Discovery
Reconnaissance
+7
Findomain
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
0
Free
Offensive Security
Reconnaissance
Subdomain Enumeration
Subdomain Discovery
Port Scanning
Network Reconnaissance
Osint
Penetration Testing
Attack Surface
Domain Enumeration
Recon
Findomain
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
0
Free
Offensive Security
Reconnaissance
Subdomain Enumeration
Subdomain Discovery
+7
Yar
Yar is a reconnaissance tool for scanning organizations, users, and repositories to identify vulnerabilities and security risks during security assessments.
0
Free
Offensive Security
Reconnaissance
Vulnerability Scanning
Penetration Testing
Security Assessment
Enumeration
Offensive Security
Scanner
Recon
Security Testing
Vulnerability Detection
Yar
Yar is a reconnaissance tool for scanning organizations, users, and repositories to identify vulnerabilities and security risks during security assessments.
0
Free
Offensive Security
Reconnaissance
Vulnerability Scanning
Penetration Testing
+7
ParamSpider
A Python tool that mines URLs from web archives to assist security researchers in discovering potential attack surfaces for bug hunting and vulnerability assessment.
1
Free
Offensive Security
Python
Bug Bounty
Reconnaissance
Recon
Url
Web
Offensive Security
Penetration Testing
Vulnerability Assessment
Osint
ParamSpider
A Python tool that mines URLs from web archives to assist security researchers in discovering potential attack surfaces for bug hunting and vulnerability assessment.
1
Free
Offensive Security
Python
Bug Bounty
Reconnaissance
+7
assetfinder
A command-line tool for discovering domains and subdomains related to a target domain during reconnaissance activities.
0
Free
Offensive Security
Reconnaissance
Subdomain Enumeration
Domain Enumeration
Cli Tool
Penetration Testing
Asset Discovery
Network Reconnaissance
Offensive Security
Enumeration
Recon
assetfinder
A command-line tool for discovering domains and subdomains related to a target domain during reconnaissance activities.
0
Free
Offensive Security
Reconnaissance
Subdomain Enumeration
Domain Enumeration
+7
bounty-targets-data
A repository providing hourly-updated data dumps of bug bounty platform scopes from major platforms like HackerOne, Bugcrowd, and Intigriti for security researchers.
0
Free
Offensive Security
Bug Bounty
Reconnaissance
Recon
Automation
Security Research
Open Source
Repository
Github
Offensive Security
bounty-targets-data
A repository providing hourly-updated data dumps of bug bounty platform scopes from major platforms like HackerOne, Bugcrowd, and Intigriti for security researchers.
0
Free
Offensive Security
Bug Bounty
Reconnaissance
Recon
+6
brutesubs
An automation framework that runs multiple open-source subdomain bruteforcing tools in parallel using Docker Compose and custom wordlists.
0
Free
Offensive Security
Subdomain Enumeration
Subdomain Discovery
Subdomain Scanning
Subdomains
Reconnaissance
Recon
Automation
Docker
Docker Compose
Penetration Testing
Offensive Security
Bruteforcing
Wordlists
Containerization
brutesubs
An automation framework that runs multiple open-source subdomain bruteforcing tools in parallel using Docker Compose and custom wordlists.
0
Free
Offensive Security
Subdomain Enumeration
Subdomain Discovery
Subdomain Scanning
+11
Offensive Docker
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
0
Free
Offensive Security
Pentest
Docker
Recon
Port Scanning
Web Scanning
Fuzzing
Brute Force
Forensic Analysis
Offensive Docker
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
0
Free
Offensive Security
Pentest
Docker
Recon
+5

1