30 open-source projects similar to exp-db/pythonpool, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best PythonPool alternative.
Naabu is a port scanner library and tool that probes hosts for open ports using SYN, CONNECT, and UDP methods to identify active services. It functions as a Go library for embedding port scanning into programs, and as a standalone tool that accepts targets as hostnames, IP addresses, CIDR ranges, or ASN numbers. The tool discovers live hosts before scanning, filters ports by range or top lists, and can integrate with Nmap for service version detection. The project distinguishes itself through its SYN-based port probing approach that sends TCP SYN packets and analyzes responses without complet
scan4all is an all-in-one vulnerability scanner that orchestrates parallel network reconnaissance, service cracking, and exploit execution across a wide range of protocols. It combines port discovery, web fingerprinting, password cracking, and a plugin-based database of over 15,000 proof-of-concept exploits into a single automated pipeline, with results streamed to Elasticsearch for structured querying and analysis. The tool distinguishes itself through its multi-engine orchestration, coordinating tools like nmap, naabu, and nuclei under one pipeline to avoid redundant work and share results.
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
query over api - http://www.hackertarget.com/ - http://ptrarchive.com/ - ...
I had a lot of fun making this and I hope this project will change the way you see subdomain enumeration. The method explored here is highly effective and efficient.
Knock is an attack surface management tool and DNS reconnaissance framework used for discovering and mapping an organization's external infrastructure. It functions as a subdomain enumeration tool and HTTP security scanner to identify reachable hosts and organizational assets. The project distinguishes itself by using a passive-active hybrid enumeration strategy, combining external API lookups with active wordlist brute-force attacks and DNS zone transfers. It includes a multi-stage validation pipeline that detects DNS wildcard records and verifies host connectivity to filter out false positi
███████╗██╗ ██╗██████╗ ██╗ ██╗██╗███████╗ ██╔════╝██║ ██║██╔══██╗ ██║ ██║██║╚══███╔╝ ███████╗██║ ██║██████╔╝ ██║ █╗ ██║██║ ███╔╝ ╚════██║██║ ██║██╔══██╗ ██║███╗██║██║ ███╔╝ ███████║╚██████╔╝██████╔╝ ╚███╔███╔╝██║███████╗ ╚══════╝ ╚═════╝ ╚═════╝ ╚══╝╚══╝ ╚═╝╚══════╝
Subfinder is a passive subdomain enumeration tool and DNS discovery utility designed to identify valid subdomains and hostnames associated with a specific organization or domain. It functions as a passive reconnaissance tool, gathering information about target domains by querying online databases without sending network traffic to the target infrastructure. The tool utilizes a pluggable provider architecture to separate discovery logic into independent modules, allowing for the integration of multiple passive-source APIs. It employs a concurrent-worker request model to execute network request
Generates permutations, alterations and mutations of subdomains and then resolves them
Recon your targets at blazing speed - Enhance your productivity by focusing on interesting looking sites - Enumerate critical sites immediately - Sting your target
ksubdomain是一款基于无状态子域名爆破工具,支持在Windows/Linux/Mac上使用,它会很快的进行DNS爆破,在Mac和Windows上理论最大发包速度在30w/s,linux上为160w/s的速度。 ksubdomain的发送和接收是分离且不依赖系统,即使高并发发包,也不会占用系统描述符让系统网络阻塞。
theHarvester is a command-line utility designed for gathering open-source intelligence and mapping an organization's external attack surface. It functions as a security information gathering framework that automates the collection of publicly available data to assist in reconnaissance and threat analysis. The tool utilizes a plugin-based architecture to execute isolated queries against various search engines and public databases. It employs asynchronous task execution to run multiple discovery operations in parallel, while a centralized pipeline aggregates and deduplicates findings from these
A fast sub domain brute tool for pentesters
Aquatone is a web screenshot reconnaissance tool that captures full-page screenshots of web services discovered during network reconnaissance and groups them by visual similarity. It scans a list of hosts or domains for HTTP and HTTPS services on common and custom ports to find responsive web endpoints, then takes full-page screenshots of those pages for quick review. The tool accepts piped input from other tools and extracts URLs, domains, and IP addresses using regex pattern matching, making it pipeline-friendly for integration into existing workflows. It can also read XML output from Nmap
Listing subdomains about a main domain using the technique called Hacking with search engines.
Inventus is a spider designed to find subdomains of a specific domain by crawling it and any subdomains it discovers. It's a Scrapy spider, meaning it's easily modified and extendable to your needs.
Amass is a network attack surface mapper and reconnaissance framework designed to discover and map the external, internet-facing infrastructure of a target organization. It functions as an open source intelligence tool that identifies public network boundaries and locates hidden or forgotten subdomains to define an organization's total reachable footprint. The project utilizes passive-source data aggregation from external APIs and public databases alongside active DNS brute-forcing and recursive subdomain expansion. It employs a graph-based asset mapping system to visualize the relationships
本工具通过字典枚举的方式用于扫描探测子域名,意在帮助用户梳理子域名资产使用,dnsub使用go语言高并发扫描,并可展示 子域名、IP 、 CNAME、域名信息,处理了枚举中常见的泛解析问题,支持加载多个字典,枚举探测更多深度的子域名信息,帮助用户快速掌握域名资产,扫描速度快效率高且跨平台,希望这款工具能帮助你有更多的收获 : )
Sublist3r is a subdomain enumeration tool and passive reconnaissance framework designed to discover subdomains by querying search engines and public intelligence sources. It functions as a security tool for identifying the digital footprint of a target domain. The project provides both passive enumeration through multi-source API aggregation and active discovery via a DNS brute force tool. It includes a TCP port scanner to identify active services and open ports on discovered subdomains, facilitating attack surface mapping. The tool can be used as a standalone utility or as a Python security