Reconnaissance Tools

808 tools
kitsec-core
kitsec-core
Open Source Exploitation Reconnaissance

knockpy
knockpy
Open Source Reconnaissance

✅ Fast & Async • 🔐 Recon + Brute • 🔧 Easy to Extend
L0p4-Toolkit
L0p4-Toolkit
Open Source Kali Exploitation Reconnaissance

L0p4 Toolkit is a powerful hacking toolset designed for hacker's. It includes advanced tools for web hacking (SQLi, XSS), network scanning, …
Lawliet
Lawliet
Open Source Reconnaissance

🕵️ Track down social media profiles using a specific username across multiple social network platforms
Lazy-Hunter
Lazy-Hunter
Open Source Reconnaissance

LazyHunter is an automated reconnaissance tool designed for bug hunters, leveraging Shodan's InternetDB and CVEDB APIs
leaker
leaker
Open Source Reconnaissance

Passive leak enumeration tool.
Leakfa.com
Leakfa.com
Open Source Reconnaissance

A simple way to check if your data has been compromised in major security breaches affecting Iran — similar to "Have I Been Pwned" but focus…
leaks
leaks
Free Reconnaissance Reverse Engineering

Compromised SSH servers and scraped mirror sites leaked scripts intended for malicious use.
LeakScope
LeakScope
Open Source Reconnaissance

An all-in-one Shodan & ZoomEye supported tool to search, browse, preview and dump data leakage across 20+ services. Pulls real exposure stra…
leaky-paths
leaky-paths
Free Exploitation Password Attacks

A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc.…
Legendary_Crypto
Legendary_Crypto
Free Reconnaissance

A resource full of Crypto/OSINT tools, techniques and training courses for CTI, AML, and forensic investigations.
Legendary_OSINT
Legendary_OSINT
Free Reconnaissance

A list of OSINT tools & resources for (fraud-)investigators, CTI-analysts, KYC, AML and more.
LinkdTime
LinkdTime
Open Source Reconnaissance

A Linkedin Activity date Finder
LinkedInDumper
LinkedInDumper
Free Reconnaissance

Python 3 script to dump/scrape/extract company employees from LinkedIn API
linkook
linkook
Open Source Reconnaissance

🔍 An OSINT tool for discovering linked social accounts and associated emails across multiple platforms using a single username.
linux-for-OSINT-21-day
linux-for-OSINT-21-day
Open Source Reconnaissance

In this repository you will find sample commands and test files for each day of the course "Linux for OSINT. A 21-day course for beginners".
linx
linx
Open Source Reconnaissance

Reveals invisible links within JavaScript files
llm_osint
llm_osint
Open Source Reconnaissance

LLM OSINT is a proof-of-concept method of using LLMs to gather information from the internet and then perform a task with this information.
LogBoost
LogBoost
Open Source Forensics Reconnaissance

Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indicat…
loki
loki
Open Source Reconnaissance

Command Line Sock Puppet Creator for Investigators.
lookup.tools
lookup.tools
Open Source Reconnaissance

🔎 The cyber swiss army knife of lookup tools. Research information on domains, IPs, email addresses, and more!
Lucille
Lucille
Free Reconnaissance Scanning & Enumeration

Information Gatherer & Webapps Exploiter
mach
mach
Open Source Reconnaissance

Mach is a fast, reliable, and extensible web fuzzing tool built for security researchers, bug bounty hunters, and penetration testers. Desig…
magicRecon
magicRecon
Open Source Exploitation Reconnaissance

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, …