awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

7 repositorios

Awesome GitHub RepositoriesReconnaissance Tools

Utilities for mapping and discovering the structure of web applications.

Distinct from Web Application Security: Distinct from Web Application Security: focuses on active discovery and mapping of endpoints rather than defensive security layers.

Explore 7 awesome GitHub repositories matching security & cryptography · Reconnaissance Tools. Refine with filters or upvote what's useful.

Awesome Reconnaissance Tools GitHub Repositories

Encuentra los mejores repositorios con IA.Buscaremos los repositorios que mejor coincidan usando IA.
  • vxcontrol/pentagiAvatar de vxcontrol

    vxcontrol/pentagi

    17,766Ver en GitHub↗

    Pentagi is an autonomous security testing framework and agent orchestrator designed to plan and execute end-to-end security assessments. It utilizes a coordination engine to decompose complex goals into actionable subtasks, performing automated penetration testing and vulnerability research within isolated container environments. The system distinguishes itself through a temporal knowledge graph that tracks semantic relationships between entities and vulnerabilities to reuse intelligence across projects. It includes a web intelligence reconnaissance tool for automated data gathering and agent

    Includes tools for automated web reconnaissance to gather intelligence and map targets for security workflows.

    Goai-agentsai-security-toolanthropic
    Ver en GitHub↗17,766
  • projectdiscovery/katanaAvatar de projectdiscovery

    projectdiscovery/katana

    15,584Ver en GitHub↗

    Katana is a web crawler and spider designed for security reconnaissance and web application mapping. It functions as a utility for identifying endpoints, forms, and API structures across web targets by combining standard HTTP request traversal with headless browser automation to render dynamic, JavaScript-heavy content. The tool distinguishes itself through its ability to maintain authenticated sessions and handle complex web interactions, such as automated form submission and captcha resolution. It provides granular control over the discovery process, allowing users to define specific crawl

    Maps web application structures and endpoints to identify hidden resources during security assessments.

    Goclicrawlergocrawler
    Ver en GitHub↗15,584
  • s0md3v/xsstrikeAvatar de s0md3v

    s0md3v/XSStrike

    14,752Ver en GitHub↗

    XSStrike is an automated security scanning engine designed for web application discovery, input

    Mapping web application structures and discovering hidden paths to identify potential injection points for comprehensive security analysis.

    Pythonwaf-detectionxssxss-bruteforce
    Ver en GitHub↗14,752
  • maurosoria/dirsearchAvatar de maurosoria

    maurosoria/dirsearch

    14,403Ver en GitHub↗

    dirsearch is a command-line security tool and web path scanner used for discovering hidden directories and files on web servers. It functions as a recursive directory fuzzer and brute-force utility that identifies undocumented paths and sensitive files using wordlists and HTTP status codes. The tool distinguishes itself through template-driven path generation and an automated HTTP response filter that uses status codes, content length, and regex patterns to isolate valid targets. It supports recursive directory crawling to map complex web structures and provides state-persistence serializatio

    Implements utilities for mapping and discovering the structure of web applications through active reconnaissance.

    Python
    Ver en GitHub↗14,403
  • sullo/niktoAvatar de sullo

    sullo/nikto

    10,104Ver en GitHub↗

    Nikto is an open-source HTTP security auditing tool and web server vulnerability scanner. It functions as a reconnaissance engine designed to identify insecure server options, outdated software, and common vulnerabilities by analyzing HTTP responses. The project differentiates itself through capabilities for intrusion detection evasion and web server fingerprinting. It uses request-level encoding and timing spacers to bypass security filters and employs signature-based identification to determine specific server software versions and misconfigurations. The scanner covers broad capability are

    Discovers hidden directories and identifies server software versions through dictionary attacks.

    Perl
    Ver en GitHub↗10,104
  • lc/gauAvatar de lc

    lc/gau

    4,831Ver en GitHub↗

    Gau is a command-line tool and passive URL enumerator designed to discover and aggregate known and historical web addresses for specific target domains. It functions as a collection framework that retrieves domain-specific data from public web archives and threat intelligence providers. The tool focuses on passive reconnaissance and open-source intelligence research to map attack surfaces without sending requests directly to target infrastructure. It aggregates data from multiple external sources to identify accessible web endpoints and forgotten pages. The system includes capabilities for r

    Aggregates domain-specific URL data from external archives to map an application's attack surface.

    Goalienvaultgauhacktoberfest
    Ver en GitHub↗4,831
  • gerbenjavado/linkfinderAvatar de GerbenJavado

    GerbenJavado/LinkFinder

    4,390Ver en GitHub↗

    LinkFinder es una herramienta de reconocimiento de seguridad y análisis estático diseñada para el descubrimiento de endpoints en JavaScript. Extrae URLs absolutas y relativas y parámetros de archivos JavaScript para mapear la superficie de ataque de aplicaciones web e identificar rutas de API ocultas. La herramienta opera a través de análisis de código estático y coincidencia de patrones de expresiones regulares para encontrar endpoints sin ejecutar el código fuente. Incluye un procesador de datos para importar archivos exportados desde Burp Suite, permitiendo el análisis por lotes de múltiples activos JavaScript en una sola ejecución. El sistema proporciona capacidades para el análisis a nivel de dominio y filtrado específico de dominio para enfocar el descubrimiento en objetivos específicos. También cuenta con notificaciones de detección de palabras clave para alertar a los usuarios cuando cadenas específicas aparecen en los resultados, y soporta la exportación de datos descubiertos en formatos de texto plano o HTML.

    Maps and discovers the structure of web applications by scanning JavaScript assets across a target domain.

    Python
    Ver en GitHub↗4,390
  1. Home
  2. Security & Cryptography
  3. Web Application Security
  4. Reconnaissance Tools