Automated external attack-surface mapping.
ReconAutomateWeb appsNetworks
cyberstars / action / recon
Tools that recon
Gather open-source intelligence about a target.
65 tools indexed
Account search across 600+ networks.
ReconWeb apps
Active Directory attack-path graphing.
AnalyzeReconActive DirectoryCloud
CeWL
—Custom wordlist generator.
ReconAutomateWeb apps
Active Directory Certificate Services attack tool.
ExploitReconActive Directory
Visualize AWS environments.
AnalyzeReconCloud
Cook
—Wordlist framework for hackers.
ReconAutomateWeb appsNetworks
Docker enumeration + container escape.
ReconExploitCloudEndpoints
Advanced web path scanner.
FuzzReconWeb apps
Directory, DNS and vhost brute-forcer.
FuzzReconWeb appsNetworks
Microsoft Graph post-exploitation toolset.
ExploitReconCloud
OSINT-driven hostname discovery.
ReconWeb appsNetworks
Python toolkit for Windows protocols.
ExploitInterceptActive DirectoryNetworks
Next-generation crawling framework.
ReconScanWeb apps
Kerberos username enumeration and brute-forcing.
ReconCrackActive Directory
Linux privilege-escalation enumerator.
ReconScanEndpoints
Curated kernel privesc exploit database.
ExploitReconEndpoints
Username OSINT across 3000+ sites.
ReconWeb apps
Graph-based OSINT and link analysis.
ReconAnalyzeWeb appsNetworks
Mass IP port scanner.
ScanReconNetworks
Fast port scanner in Go.
ScanReconNetworks
Network service exploitation.
ExploitScanActive DirectoryNetworks
Nmap
—The classic network mapper and port scanner.
ScanReconNetworksEndpoints
In-depth attack surface mapping.
ReconScanWeb appsNetworks