The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 Python Enumeration Projects
-
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
-
-
Interlace
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
CrossLinked
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
-
enum4linux-ng
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.
-
jfscan
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
-
graphw00f
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
-
Dome
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports. (by v4d1)
-
Nebula
Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components. (by gl4ssesbo1)
-
Lucifer
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build Automation Modules To Speed Up Your Cyber Security Life
-
ADenum
AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with kerberos.
-
TireFire
Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the target. Comfortable GUI-ish platform. Great for OSCP/HTB type Machines as well as penetration testing.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too
I am new to Python. With the help of several users (thanks u/Diapolo10 and u/shiftybyte)I've been able to install Python and the dirsearch package. Dirsearch (https://github.com/maurosoria/dirsearch) allows for checking website paths with a wordlist. For example, I have a wordlist file with words like "dog", "cat", "bird", etc and I want to check the validity of those words as extensions on a website. Something like "example.com/bird", "example.com/cat", etc. I have a test wordlist in the same directory as dirsearch, but I am confused on how to proceed with the commands. I want to have it check my wordlist as extensions on the example.com website and then save output on if the webpath is valid or not. Just need a little bit of help.
We're using pwncat-cs to listen for incoming connections and elevate to a shell. Log into the EC2 VM and run:
o365Spray is a python script that can be used to password spray attack Microsoft 365 email accounts very efficiently. Here is the link to the script: https://github.com/0xZDH/o365spray
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Python Enumeration related posts
- o365Spray Attack Respond Rule
- I made a CLI that streamlines Ethical Hacking workflow
- PyPi distribution Hustle
- Pwncat usage on the exam
- Millions of .git folders exposed publicly by mistake
- I created a script to automatically check for LFI
- JFScan is alternative for Naabu and Rustscan
-
A note from our sponsor - WorkOS
workos.com | 26 Apr 2024
Index
What are some of the best open-source Enumeration projects in Python? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | PayloadsAllTheThings | 56,681 |
| 2 | dirsearch | 11,213 |
| 3 | Raccoon | 2,993 |
| 4 | pwncat | 2,349 |
| 5 | Reconnoitre | 2,065 |
| 6 | rapidscan | 1,650 |
| 7 | Interlace | 1,171 |
| 8 | CrossLinked | 1,146 |
| 9 | enum4linux-ng | 1,021 |
| 10 | subscraper | 735 |
| 11 | o365spray | 670 |
| 12 | aiodnsbrute | 622 |
| 13 | jfscan | 521 |
| 14 | graphw00f | 461 |
| 15 | Dome | 453 |
| 16 | Nebula | 354 |
| 17 | Lucifer | 335 |
| 18 | ADenum | 269 |
| 19 | ActiveReign | 243 |
| 20 | intelspy | 212 |
| 21 | aced | 140 |
| 22 | TireFire | 138 |
| 23 | kitsec-core | 137 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com