Domain Email Breach Scanners

Amass is a network attack surface mapper and reconnaissance framework designed to discover and map the external, internet-facing infrastructure of a target organization. It functions as an open source intelligence tool that identifies public network boundaries and locates hidden or forgotten subdomains to define an organization's total reachable footprint. The project utilizes passive-source data aggregation from external APIs and public databases alongside active DNS brute-forcing and recursive subdomain expansion. It employs a graph-based asset mapping system to visualize the relationships between discovered domains and IP addresses, supported by a modular plugin system for integrating third-party discovery services. The framework covers broader capabilities including network reconnaissance, public asset discovery, and the preparation of security audits by mapping all reachable entry points. These processes are managed through a concurrent worker pipeline to accelerate the scanning and resolution of large target sets.

The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures. The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to manage high-performance, concurrent network connections and features a transport-agnostic communication layer that abstracts protocols to maintain persistent command and control. Users can extend the core functionality through a plugin system and define complex exploit logic using a domain-specific language. The framework provides robust capabilities for remote payload management, including the configuration of network settings like sleep intervals and timeout thresholds. It maintains state persistence across long-running sessions by storing discovered host information and vulnerability data in a relational database. The software is designed for cross-platform deployment, with installation support available for Linux, macOS, and Windows environments.

This project is an open-source intelligence reconnaissance framework and recursive attack surface mapper. It functions as a containerized security scanner designed to map public-facing infrastructure, perform subdomain enumeration, and automate the gathering of open-source intelligence. The system employs a recursive discovery engine to iteratively explore target infrastructure, utilizing a plugin-based module architecture to extend scanning capabilities. It integrates third-party APIs for data enrichment and applies YARA rules across discovered assets to identify specific vulnerability patterns. The framework covers a broad range of reconnaissance activities, including web application scanning, email address enumeration, and public infrastructure mapping. It maintains a state-persistent asset inventory and provides capabilities for web screenshot capture, parameter extraction, and real-time event streaming. Data is managed through an event-driven pipeline that supports external data export to databases and logging platforms, as well as notification delivery via webhooks to chat platforms.

FreeDomain is a centralized platform for managing the full lifecycle of domain names, providing services for free registration and web presence activation. It offers a unified administrative interface that allows users to secure digital identities across multiple top-level extensions and configure hosting environments through a guided setup process. The platform distinguishes itself through an API-driven orchestration layer that automates interactions with external registrars and simplifies complex infrastructure management by abstracting DNS configurations into standardized zone file updates. It incorporates multi-tenant identity management to ensure secure resource isolation and includes a policy-based compliance engine that utilizes event-driven workflows to identify and mitigate domain misuse. The system supports comprehensive domain administration, including tools for managing DNS records, maintaining connectivity settings, and facilitating formal abuse reporting. These administrative capabilities are supported by asynchronous task processing to handle high-latency requests, ensuring consistent system responsiveness during domain activation and propagation.

Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan outputs and triage vulnerabilities, alongside an active exploit validation engine to eliminate false positives. Its broader capabilities cover mobile application auditing for Android and iOS binaries, dark web leak monitoring, and asset risk assessment. The system provides a security analysis dashboard for managing multi-user workspaces, generating structured reports, and configuring security tools via a web interface. The environment is deployed using containers and persistent volumes to ensure a reproducible runtime.

This project is a standardized repository of malicious and malformed character sequences designed to stress-test data parsing and sanitization routines. It serves as a security testing corpus and a language-neutral reference for auditing software robustness against injection flaws and unexpected data handling errors across diverse platforms. The dataset functions as a benchmark for input validation, providing a curated collection of edge-case strings that allow developers to identify potential crashes and security vulnerabilities. By decoupling these test vectors from application logic, the repository enables modular security auditing and automated quality assurance without requiring modifications to the underlying system. The collection covers a broad range of testing requirements, including database query hardening, software input fuzzing, and general input validation testing. The data is provided in multiple standard formats to ensure compatibility with various programming languages and automated testing pipelines.

Mindmap is a cybersecurity knowledge base and reference library that organizes security tools, frameworks, and methodologies into a visual knowledge map. It functions as a curated directory of cheat sheets and command guides for offensive and defensive security operations, presented as a hierarchical interface with collapsible nodes. The project converts structured markdown files into navigable visual trees to facilitate the study of penetration testing workflows and DevOps learning roadmaps. It also serves as a security compliance framework, providing structured mappings of NIST and ISO 27001 controls for information security auditing. The platform covers a wide range of security domains, including tool cataloging for reconnaissance and reverse engineering, privilege escalation guides, and reference materials for active directory pentesting and network traffic analysis. The knowledge base is built using static content generation and a JSON-driven metadata catalog to populate its searchable lists and filterable galleries.

Changedetection.io is a self-hosted monitoring service designed to track web pages for content updates and notify users of changes. It functions as a centralized platform where users can manage tracking tasks, observe specific website elements, and receive automated alerts through various communication channels whenever modifications are detected. The service distinguishes itself through an integrated headless browser engine that executes interaction sequences, such as logins or form submissions, to access dynamic or restricted content. It maintains a historical record of page snapshots, utilizing a diffing engine to perform visual or textual comparisons that identify exactly how information has evolved over time. Users can isolate relevant page regions using specific query rules to filter out noise and focus on data points like price fluctuations or inventory status. The platform supports a modular notification pipeline that dispatches alerts to external services via webhooks. It also features a plugin-based architecture that allows for the integration of custom logic to transform raw page data before evaluation. Monitoring tasks can be organized using descriptive tags and imported from external files to streamline the management of large collections of tracked targets.

Lighthouse is an automated diagnostic tool that evaluates web pages against industry standards for performance, accessibility, and search engine optimization. It functions as a programmatic analysis engine and a command-line utility, allowing developers to integrate comprehensive web quality checks directly into continuous integration pipelines and local development workflows. The project distinguishes itself through a modular architecture that utilizes artifact-based data collection to ensure consistent analysis across different environments. It supports a headless execution mode for automated testing and provides a plugin-driven framework, enabling developers to register custom audit logic and specialized reporting categories to meet unique project requirements. Beyond its core auditing capabilities, the tool detects underlying web frameworks and content management systems to provide tailored optimization recommendations. It generates structured, machine-readable reports and offers multiple interfaces, including a browser-integrated panel and a dedicated extension, to facilitate real-time feedback during the development process.

CyberChef is a web-based application designed for performing complex data encoding, decoding, encryption, and analysis tasks. It provides a visual interface where users construct data transformation pipelines by chaining modular operations together, allowing raw input to be processed into a desired output format entirely within the local browser environment. The tool functions as a client-side cryptographic workbench, ensuring that all data processing logic remains local to the user's machine to maintain privacy and eliminate server-side overhead. By utilizing functional pipeline composition and state-driven synchronization, the application automatically updates its output as users modify their transformation sequences. To maintain responsiveness during intensive operations, the platform employs background thread processing and loads transformation modules on demand. The suite covers a broad range of capabilities for security incident investigation, cryptographic protocol analysis, and automated data parsing. Users can serialize their entire transformation state into a URL fragment, facilitating the sharing of complex workflows for security tool prototyping and technical research.