# Reconnaissance and OSINT > Search results for `Reconnaissance and OSINT` on awesome-repositories.com. 115 total matches; showing the first 50. Explore on the web: https://awesome-repositories.com/q/reconnaissance-and-osint **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [this search on awesome-repositories.com](https://awesome-repositories.com/q/reconnaissance-and-osint).** ## Results - [anoncatalyst/ominis-osint](https://awesome-repositories.com/repository/anoncatalyst-ominis-osint.md) (580 ⭐) — Refinement update started. Tuesday, September 17th. - [cqcore/telegram-osint](https://awesome-repositories.com/repository/cqcore-telegram-osint.md) (1,855 ⭐) — I have created this separate Repository for Telegram as there is a large amount of resources available. Remember if you are investigating / researching on the actual platform to beware of your own OPSEC. Some BOTS will ask you for your Telegram phone number and you should think OPSEC before you… - [ginsberg5150/discord-and-telegram-osint-references](https://awesome-repositories.com/repository/ginsberg5150-discord-and-telegram-osint-references.md) (193 ⭐) — PSE Commentgram: - Commentgram - PSE Francesco Poldi: - Pielco11 Telegram PSE - PSE Telegago: - Telegago - Li Xiaomeng's Telegram Search engine - Telegram Search - PSE Bosintblanc: - Bosintblanc - [cipher387/linux-for-osint-21-day](https://awesome-repositories.com/repository/cipher387-linux-for-osint-21-day.md) (594 ⭐) — In this repository you will find sample commands and test files for each day of the course "Linux for OSINT. A 21-day course for beginners". - [cipher387/python-for-osint-21-days](https://awesome-repositories.com/repository/cipher387-python-for-osint-21-days.md) (1,113 ⭐) — In this repository you will find sample code files for each day of the course "Python for OSINT. A 21-day course for beginners". - [z4nzu/hackingtool](https://awesome-repositories.com/repository/z4nzu-hackingtool.md) (77,515 ⭐) — This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors. The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating ext - [1n3/sn1per](https://awesome-repositories.com/repository/1n3-sn1per.md) (10,049 ⭐) — Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan - [sinwindie/osint](https://awesome-repositories.com/repository/sinwindie-osint.md) (3,575 ⭐) — Collections of Tools, Bookmarks, and other guides created to aid in OSINT collection - [laramies/theharvester](https://awesome-repositories.com/repository/laramies-theharvester.md) (15,687 ⭐) — theHarvester is a command-line utility designed for gathering open-source intelligence and mapping an organization's external attack surface. It functions as a security information gathering framework that automates the collection of publicly available data to assist in reconnaissance and threat analysis. The tool utilizes a plugin-based architecture to execute isolated queries against various search engines and public databases. It employs asynchronous task execution to run multiple discovery operations in parallel, while a centralized pipeline aggregates and deduplicates findings from these - [romz0mbie/osint-lists](https://awesome-repositories.com/repository/romz0mbie-osint-lists.md) (17 ⭐) — List of OSINT resources - [0x0be/yesitsme](https://awesome-repositories.com/repository/0x0be-yesitsme.md) (2,809 ⭐) — yesitsme is an Instagram OSINT search tool and identity mapping system used to locate social media profiles. It functions as a social media reconnaissance utility that correlates personal identifiers with account data to aid in digital investigations. The tool enables the discovery of Instagram accounts by matching target names, email addresses, or phone numbers against indexed records. This process allows for digital identity verification and contact-based user lookup to confirm if a specific person has a presence on the platform. The system incorporates an asynchronous request queue to man - [qeeqbox/social-analyzer](https://awesome-repositories.com/repository/qeeqbox-social-analyzer.md) (21,134 ⭐) — Social-analyzer is an open-source intelligence framework designed for the automated discovery, correlation, and verification of digital identities across online platforms. It functions as a comprehensive engine for gathering social media intelligence, utilizing distributed browser automation to extract metadata and profile information from hundreds of websites simultaneously. The platform distinguishes itself through its ability to perform cross-platform identity correlation using heuristic-based pattern matching and name permutation generation. It processes these findings through a confidenc - [seekr-osint/seekr](https://awesome-repositories.com/repository/seekr-osint-seekr.md) (818 ⭐) — A multi-purpose OSINT toolkit with a neat web-interface. - [termuxhackz/x-osint](https://awesome-repositories.com/repository/termuxhackz-x-osint.md) (2,431 ⭐) — This is an osint tool which gathers useful and yet credible valid information about a phone number, user's email address and ip address and more to come in future updates - [yogeshojha/rengine](https://awesome-repositories.com/repository/yogeshojha-rengine.md) (8,472 ⭐) — Rengine is an automated reconnaissance framework and vulnerability management platform designed for attack surface monitoring. It functions as a centralized hub for discovering subdomains and open ports, gathering open-source intelligence, and tracking security flaws across target networks. The system integrates large language models to analyze reconnaissance data and generate vulnerability descriptions and insights. It distinguishes itself through a plugin-based tool integration that wraps external security scanning binaries and a target mapping system that tracks changes to assets over time - [ang13t/satintel](https://awesome-repositories.com/repository/ang13t-satintel.md) (889 ⭐) — SatIntel is an OSINT tool for Satellites 🛰. Extract satellite telemetry, receive orbital predictions, and parse TLEs 🔭 - [0xinfection/tidos-framework](https://awesome-repositories.com/repository/0xinfection-tidos-framework.md) (1,865 ⭐) — The TIDoS Framework - [moham3driahi/th3inspector](https://awesome-repositories.com/repository/moham3driahi-th3inspector.md) (2,571 ⭐) — Th3inspector is a command-line open-source intelligence reconnaissance tool used for gathering public information on websites, phone numbers, and network records. It functions as a central interface for collecting technical metadata and performing various lookups to build profiles of target entities. The project provides specialized verification utilities for validating email addresses, phone numbers, and credit card bank identification numbers. It also includes tools for retrieving domain registration age, ownership records, and identified subdomains from global databases. Additional capabi - [postuf/telegram-osint-lib](https://awesome-repositories.com/repository/postuf-telegram-osint-lib.md) (313 ⭐) — Telegram scenario-based API aimed at OSINT - [vault-cyber-security/osint](https://awesome-repositories.com/repository/vault-cyber-security-osint.md) (138 ⭐) — Docker image for osint tools with Vault Cyber Security - [six2dez/reconftw](https://awesome-repositories.com/repository/six2dez-reconftw.md) (7,226 ⭐) — reconftw is an attack surface management framework and reconnaissance workflow orchestrator designed to automate the discovery, mapping, and monitoring of external digital assets. It operates as a modular tool-chain pipeline that coordinates a sequence of security tools to perform intelligence gathering and vulnerability scanning. The project distinguishes itself through a cloud-native deployment model that parallelizes scanning workloads across a fleet of remote VPS instances to bypass local resource constraints. It utilizes container-based environment isolation to ensure consistent executio - [0x4m4/hexstrike-ai](https://awesome-repositories.com/repository/0x4m4-hexstrike-ai.md) (9,617 ⭐) — This project is a comprehensive security platform providing an LLM security orchestration framework, an AI agent firewall, and tools for vulnerability remediation, compliance automation, and endpoint protection. It functions as a centralized system to protect AI models from adversarial exploits while managing the identification and patching of software flaws. The platform distinguishes itself through the coordination of specialized AI agents to automate complex security workflows, including reconnaissance, bug hunting, and exploit development. It implements dedicated guardrails to block promp - [bevigil/bevigil-osint-cli](https://awesome-repositories.com/repository/bevigil-bevigil-osint-cli.md) (141 ⭐) — bevigil-cli provides a unified command line interface and python library for using BeVigil OSINT API. - [bad-antics/marshall-extensions](https://awesome-repositories.com/repository/bad-antics-marshall-extensions.md) (7 ⭐) — 🔌 OSINT & Security Extensions for Marshall Browser - Installable plugins for enhanced reconnaissance and security testing - [s0md3v/photon](https://awesome-repositories.com/repository/s0md3v-photon.md) (12,953 ⭐) — Photon is a command-line web crawler designed for security reconnaissance and information gathering. It systematically traverses websites to discover URLs, map domain infrastructure, and identify associated subdomains by retrieving DNS records. The tool distinguishes itself through its ability to perform deep content analysis, including the extraction of sensitive data such as API keys and authentication tokens using user-defined regular expressions. It supports offline inspection by cloning crawled web content to the local filesystem, allowing for structural analysis without additional netwo - [harleo/knockknock](https://awesome-repositories.com/repository/harleo-knockknock.md) (190 ⭐) — A simple reverse whois lookup tool which returns a list of domains owned by people or companies - [reconurge/flowsint](https://awesome-repositories.com/repository/reconurge-flowsint.md) (6,979 ⭐) — Flowsint is an open-source intelligence framework and reconnaissance orchestrator used for cybersecurity investigations. It functions as a containerized tool runner and data mapper, automating the collection of intelligence from open-source providers and APIs to profile targets and map threat intelligence. The platform distinguishes itself through a graph-based investigation interface, where processed raw intelligence is converted into nodes and edges to visualize relationships between entities. It allows for the creation of sequenced pipelines that chain data enrichment tools, enabling the o - [bafomet666/osint-san](https://awesome-repositories.com/repository/bafomet666-osint-san.md) (0 ⭐) — Бесплатный OSINT-SAN Framework дает возможность быстро находить информацию и деанонимизировать пользователей сети интернет. С помощью нашего ПО вы сможете собирать информацию о пользователях как при использовании linux. - [enaqx/awesome-pentest](https://awesome-repositories.com/repository/enaqx-awesome-pentest.md) (26,410 ⭐) — A collection of awesome penetration testing resources, tools and other shiny things - [greydgl/pentestgpt](https://awesome-repositories.com/repository/greydgl-pentestgpt.md) (11,697 ⭐) — PentestGPT is an autonomous security testing framework that leverages large language models to plan, execute, and coordinate end-to-end penetration testing engagements. By functioning as an autonomous agent, the system automates the entire testing lifecycle, from initial reconnaissance and vulnerability analysis to the generation of custom exploits and the execution of post-exploitation tasks. The platform distinguishes itself through a multi-agent orchestration system that coordinates specialized AI agents to collaborate on complex, multi-stage attack chains. It integrates multimodal context - [snuri00/osint-mcp](https://awesome-repositories.com/repository/snuri00-osint-mcp.md) (0 ⭐) — A self-hosted OSINT (Open-Source Intelligence) toolkit that runs five ways: as an MCP server, an interactive AI REPL, a CLI, a web app, and — via OpenClaw — straight from chat apps like WhatsApp, Telegram, and Discord. It bundles 29 investigation tools across three domains — entity intelligence… - [clats97/clatscope](https://awesome-repositories.com/repository/clats97-clatscope.md) (1,493 ⭐) — Author: Joshua M Clatney aka Clats97 (Ethical Pentesting Enthusiast) - [projectdiscovery/subfinder](https://awesome-repositories.com/repository/projectdiscovery-subfinder.md) (13,105 ⭐) — Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orc - [fauvidotechnologies/pybrowserautomation](https://awesome-repositories.com/repository/fauvidotechnologies-pybrowserautomation.md) (30 ⭐) — easy, reproducible, fast and low memory web automation for OSINT - [dutchosintguy/osint-discord-resources](https://awesome-repositories.com/repository/dutchosintguy-osint-discord-resources.md) (370 ⭐) — OSINT Discord resources that may be useful for searching or pivotting on Discord. - [matrixtm/mhddos](https://awesome-repositories.com/repository/matrixtm-mhddos.md) (16,224 ⭐) — MHDDoS is a command-line utility designed for volumetric stress testing and infrastructure resilience assessment. It functions as a comprehensive framework for simulating high-volume network and application layer traffic to evaluate the capacity and stability of web services and network infrastructure. The tool distinguishes itself through its ability to generate complex, protocol-specific traffic patterns and raw packet structures. By employing dynamic header randomization and specialized payload injection, it simulates diverse request behaviors intended to test the effectiveness of security - [drull1000/osint-guide](https://awesome-repositories.com/repository/drull1000-osint-guide.md) (0 ⭐) — This is a collection of everything I have learned about OSINT from various resources over the internet. Be aware that some of the tools presented here may change or stop working with time, which is normal. The most important thing you should get out of this is to learn the methods used and be… - [jasonxtn/argus](https://awesome-repositories.com/repository/jasonxtn-argus.md) (3,254 ⭐) — Argus is a modular network reconnaissance framework designed for gathering network intelligence, mapping infrastructure, and assessing security postures through automated discovery tasks. It operates as a containerized security toolset that allows for the consistent execution of specialized information-gathering modules across different operating systems. The system functions as an infrastructure audit tool and a web application security scanner, performing tasks such as DNS lookups, port scanning, and the inspection of HTTP headers to detect vulnerabilities. It also serves as a threat intell - [soxoj/osint-cli-tool-skeleton](https://awesome-repositories.com/repository/soxoj-osint-cli-tool-skeleton.md) (80 ⭐) — Template for new OSINT command-line tools. - [cybersader/websitetechminer-py](https://awesome-repositories.com/repository/cybersader-websitetechminer-py.md) (14 ⭐) — A little Python project to automate gathering website profiling data from "BuiltWith" & "Wappalyzer" for tech stack information, technographic data, website reports, website tech lookups, website architecture lookups, etc. - [usestrix/strix](https://awesome-repositories.com/repository/usestrix-strix.md) (20,138 ⭐) — Strix is an automated security research and vulnerability scanning platform that leverages language models to orchestrate complex security analysis tasks. It functions as a comprehensive framework for penetration testing and continuous security integration, allowing users to embed automated vulnerability research directly into development pipelines or execute it within isolated, containerized environments. The platform distinguishes itself through a multi-agent orchestration engine that coordinates specialized autonomous agents to perform parallel security assessments. By integrating LLM-agno - [furduhlutur/yar](https://awesome-repositories.com/repository/furduhlutur-yar.md) (241 ⭐) — Yar is a tool for plunderin' organizations, users and/or repositories. - [wddadk/offensive-osint-tools](https://awesome-repositories.com/repository/wddadk-offensive-osint-tools.md) (1,202 ⭐) — This repository contains tools and links that can be used during OSINT in Pentest or Red Team. Currently, there are numerous awesome lists with tons of tools, but Offensive Security specialists often don't need such an extensive selection. This motivated the creation of this list. These tools… - [techarohq/anubis](https://awesome-repositories.com/repository/techarohq-anubis.md) (17,067 ⭐) — Anubis is a command-line security reconnaissance framework designed for subdomain enumeration and attack surface mapping. It functions as a utility for security professionals to identify, catalog, and visualize the external digital footprint of an organization by discovering all subdomains associated with a target domain. The tool distinguishes itself through a modular resolver pipeline that integrates passive reconnaissance from third-party security APIs and public certificate transparency logs. It combines this data with active discovery methods, including recursive DNS brute-forcing and al - [subfinder/subfinder](https://awesome-repositories.com/repository/subfinder-subfinder.md) (13,859 ⭐) — Subfinder is a passive subdomain enumeration tool and DNS asset discovery utility designed for mapping the external attack surface of a domain. It functions as a passive reconnaissance framework that identifies subdomains by querying curated third-party data sources and APIs without interacting directly with the target infrastructure. The tool utilizes a modular provider interface to integrate various passive sources and employs concurrent request orchestration to manage simultaneous network queries. It includes wildcard DNS filtering to identify and remove catch-all records, ensuring the res - [c0mpl3xdev/e4gl30s1nt](https://awesome-repositories.com/repository/c0mpl3xdev-e4gl30s1nt.md) (682 ⭐) —       - [berchez/osint-steam](https://awesome-repositories.com/repository/berchez-osint-steam.md) (25 ⭐) — With SteamReveal, you can enter the URL of a Steam profile and discover the player's best friends and possible location. - [7orp3do/infoooze](https://awesome-repositories.com/repository/7orp3do-infoooze.md) (1,037 ⭐) — · Request Feature - [jivoi/awesome-osint](https://awesome-repositories.com/repository/jivoi-awesome-osint.md) (26,831 ⭐) — This project is a comprehensive, community-curated directory of resources and methodologies for open-source intelligence gathering. It serves as a centralized reference framework for researchers, providing a structured index of specialized tools, databases, and search techniques used to collect and analyze publicly available information from across the global internet. The directory distinguishes itself through a hierarchical taxonomy that organizes complex investigative domains, ranging from cyber threat intelligence and digital forensic investigation to geospatial analysis and operational s - [trimstray/the-book-of-secret-knowledge](https://awesome-repositories.com/repository/trimstray-the-book-of-secret-knowledge.md) (228,641 ⭐) — This project serves as a centralized, community-driven repository of technical knowledge and administrative resources. It provides a structured taxonomy that aggregates disparate information into a searchable framework, supporting continuous learning and rapid problem-solving for system administrators and cybersecurity practitioners. By mapping resources across offensive security, infrastructure management, and software development, it offers a unified path for skill acquisition and professional reference. The project is defined by a command-line-first design philosophy, prioritizing terminal