Reconnaissance
Explore 23 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Commercial
Application Security
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Commercial
Application Security
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
A script to extract subdomains/emails for a given domain using SSL/TLS certificate dataset on Censys.
A subdomain scan tool that helps you find subdomains of a given domain.
An Open-source intelligence (OSINT) honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers.
A tool for discovering and enumerating external attack surfaces
Find domains and subdomains related to a given domain
A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Offensive security tool for reconnaissance and information gathering with a wide range of features and future roadmap.
A disclosure of a bug found in Twitter's Vine and the process of procuring the source code.
A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.
FingerprintX is a standalone utility for service discovery on open ports.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
Ultimate Internet of Things/Industrial Control Systems reconnaissance tool powered by Shodan.
Advanced email reconnaissance tool leveraging public data.
An open source network penetration testing framework with automatic recon and scanning capabilities.
A toolkit to attack Office365, including tools for password spraying, password cracking, token manipulation, and exploiting vulnerabilities in Office365 APIs and services.
Cutting-edge open-source security tools for adversary simulation and threat hunting.
An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.
A LinkedIn reconnaissance tool for gathering information about companies and individuals on the platform.
A full-featured reconnaissance framework for web-based reconnaissance with a modular design.