|5 days ago||4 days ago|
|MIT License||GNU General Public License v3.0 or later|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
GitHub - pwnesia/dnstake: DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
1 project | reddit.com/r/bag_o_news | 1 Sep 2021
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
1 project | reddit.com/r/netsec | 28 Aug 20211 project | reddit.com/r/golang | 28 Aug 2021
OWASP/Amass: In-depth Attack Surface Mapping and Asset Discovery
1 project | reddit.com/r/blueteamsec | 23 Apr 2022
A new free, open source, cross platform OSINT Tool
3 projects | reddit.com/r/PrivacySecurityOSINT | 4 Apr 2022
Mostly by researching the OSINT sources that other open source project pulls data from e.g amass, spiderfoot, the Harvetser etc
Awesome Penetration Testing
124 projects | dev.to | 6 Oct 2021
OWASP Amass - Subdomain enumeration via scraping, web archives, brute forcing, permutations, reverse DNS sweeping, TLS certificates, passive DNS data sources, etc.
Setting Amass config file?
1 project | reddit.com/r/hacking | 23 Sep 2021
I posted this question on the amass discord and haven't gotten a reply so I thought I would throw it up here. I'm trying to get the config file setup. I added a file to /etc/amass/ using nano and named it config.ini and copy/pasted the example config.ini from github ( Amass/config.ini at master · OWASP/Amass (github.com ). Tried running it, permission denied, did chmod+x config.ini, ran with sudo and still permission denied. I've tried running the command as amass enum -d example.com -config /etc/amass/config.ini.
Is There A Tool For Scanning All Near Devices And Discover What Network They Are Connected To
1 project | reddit.com/r/hacking | 1 Sep 2021
1 project | news.ycombinator.com | 19 Jul 2021
Laramies / TheHarvester Emails, Subdomains and Names Harvester – Osint
3 projects | news.ycombinator.com | 16 Jun 2021
Clarification on Black Box Pentesting
2 projects | reddit.com/r/Pentesting | 31 May 2021
On the subdomain part you may want to use amass https://github.com/OWASP/Amass
Tools for InfoSec
5 projects | dev.to | 18 Apr 2021
Excited about my first Linux laptop ! Lemur Pro. Tips for who to optimize this for OSINT / Kali type of work?
5 projects | reddit.com/r/System76 | 12 Jan 2021
Amass - https://github.com/OWASP/Amass
What are some alternatives?
subfinder - Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
assetfinder - Find domains and subdomains related to a given domain
spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
theHarvester - E-mails, subdomains and names Harvester - OSINT
SQLMap - Automatic SQL injection and database takeover tool
Zed - The OWASP ZAP core project
checkip - Get (security) info about IP addresses
grype - A vulnerability scanner for container images and filesystems
flan - A pretty sweet vulnerability scanner
trivy - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets