Reconnaissance
Explore 82 curated cybersecurity tools, with 14,080+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
Pentera Surface is an external attack surface management platform that continuously maps, monitors, and validates web-facing assets through automated reconnaissance and safe exploitation testing.
Pentera Surface is an external attack surface management platform that continuously maps, monitors, and validates web-facing assets through automated reconnaissance and safe exploitation testing.
An open-source framework that enables building and deploying AI-powered security automation tools for both offensive and defensive cybersecurity operations using over 300 AI models.
An open-source framework that enables building and deploying AI-powered security automation tools for both offensive and defensive cybersecurity operations using over 300 AI models.
A comprehensive educational resource that provides structured guidance on penetration testing methodology, tools, and techniques organized around the penetration testing attack chain.
A comprehensive educational resource that provides structured guidance on penetration testing methodology, tools, and techniques organized around the penetration testing attack chain.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
A free online service that scans the dark web for exposed credentials and sensitive data associated with specific domains or email addresses.
A free online service that scans the dark web for exposed credentials and sensitive data associated with specific domains or email addresses.
An AI-powered wrapper for ffuf that automatically suggests relevant file extensions for web fuzzing based on target URL analysis and response headers.
An AI-powered wrapper for ffuf that automatically suggests relevant file extensions for web fuzzing based on target URL analysis and response headers.
BloodHound is a Javascript web application that uses graph theory to analyze Active Directory and Azure environments, revealing hidden relationships and potential attack paths through visual mapping.
BloodHound is a Javascript web application that uses graph theory to analyze Active Directory and Azure environments, revealing hidden relationships and potential attack paths through visual mapping.
An automated tool for identifying technologies used on websites with mass scanning capabilities, based on the Wappalyzer detection engine.
An automated tool for identifying technologies used on websites with mass scanning capabilities, based on the Wappalyzer detection engine.
A Go-based web spider tool for automated crawling and data collection from web resources across multiple protocols and formats.
A Go-based web spider tool for automated crawling and data collection from web resources across multiple protocols and formats.
A reconnaissance tool for GitHub organizations
BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.
BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.
A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.
A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.
A Python API client for BuiltWith that enables programmatic access to website technology profiling and reconnaissance data.
A Python API client for BuiltWith that enables programmatic access to website technology profiling and reconnaissance data.
A tool for enumerating and analyzing Amazon S3 buckets associated with specific targets to identify potential security misconfigurations.
A tool for enumerating and analyzing Amazon S3 buckets associated with specific targets to identify potential security misconfigurations.
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
An automated reconnaissance tool that crawls domains to discover URLs and scan for exposed secrets, API keys, and sensitive files during security assessments.
LinksDumper extracts links and endpoints from HTTP responses to support web application security testing and reconnaissance activities.
LinksDumper extracts links and endpoints from HTTP responses to support web application security testing and reconnaissance activities.
A Go-based command-line tool that uses Chrome Headless to automatically capture screenshots of web pages for reconnaissance and analysis purposes.
A Go-based command-line tool that uses Chrome Headless to automatically capture screenshots of web pages for reconnaissance and analysis purposes.
A fast and reliable port scanner written in Go, designed for attack surface discovery in bug bounties and penetration testing.
A fast and reliable port scanner written in Go, designed for attack surface discovery in bug bounties and penetration testing.
CloudScraper is an enumeration tool that discovers cloud storage resources including S3 buckets, Azure blobs, and DigitalOcean Spaces across target environments.
CloudScraper is an enumeration tool that discovers cloud storage resources including S3 buckets, Azure blobs, and DigitalOcean Spaces across target environments.
Educational repository containing materials on advanced subdomain enumeration techniques from Bugcrowd LevelUp 2017 conference.
Educational repository containing materials on advanced subdomain enumeration techniques from Bugcrowd LevelUp 2017 conference.
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
A format conversion tool for S3 buckets designed to assist bug bounty hunters and security testers in standardizing bucket data during reconnaissance activities.
A Chrome extension that automatically detects and lists Amazon S3 buckets while browsing websites.
A Chrome extension that automatically detects and lists Amazon S3 buckets while browsing websites.
A CLI tool that enhances Nmap with 31 modules containing 459 scan profiles for streamlined network reconnaissance and security assessments.
A CLI tool that enhances Nmap with 31 modules containing 459 scan profiles for streamlined network reconnaissance and security assessments.
