30 open-source projects similar to initstring/linkedin2username, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Linkedin2username alternative.
This project is an open-source intelligence reconnaissance framework and recursive attack surface mapper. It functions as a containerized security scanner designed to map public-facing infrastructure, perform subdomain enumeration, and automate the gathering of open-source intelligence. The system employs a recursive discovery engine to iteratively explore target infrastructure, utilizing a plugin-based module architecture to extend scanning capabilities. It integrates third-party APIs for data enrichment and applies YARA rules across discovered assets to identify specific vulnerability patte
Gitleaks is a static analysis security tool and secret detection engine designed to find hardcoded passwords, API keys, and authentication tokens. It functions as a Git secret scanner that analyzes both local file systems and Git commit history to prevent credential leaks. The tool distinguishes itself through a decoding pipeline that transforms base64 and hex strings into plaintext to find obfuscated secrets. It further reduces false positives using proximity-based validation and fingerprint-based suppression to filter out known or baseline findings. The system covers a broad range of detec
Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
S3Scanner is a security tool for auditing public access and misconfigured permissions across S3-compatible storage providers. It functions as a storage auditor and security scanner designed to identify open buckets, enumerate publicly accessible objects, and exfiltrate data from misconfigured cloud environments. The project is distinguished by its integration with message brokers, allowing it to consume target lists for large-scale cloud infrastructure audits. It also provides utilities for dumping the entire contents of misconfigured buckets to local directories and calculating the total siz
recon-ng is an open source intelligence reconnaissance framework designed to automate the collection and aggregation of public information. It is a modular intelligence tool that utilizes a system of pluggable modules to harvest target data, resolve DNS queries, and parse web content. The framework is built as an API-driven tool with a programmatic interface to integrate with other security workflows. It is provided as a containerized application, using Docker to ensure a consistent environment for running reconnaissance tasks and managing a persistent data store. Its capabilities cover exte
pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching
RustScan is a high-speed TCP network scanner written in Rust, designed for security reconnaissance and network mapping. It functions as an automated port discovery engine that identifies open ports on remote hosts using IPv6 addresses, CIDR ranges, or bulk input files. The tool is built for rapid surface area discovery, utilizing parallel port processing and OS-aware performance optimizations to identify active services. It allows for scan precision tuning through adjustable connection timeout thresholds and concurrent request controls to balance speed and accuracy. The system integrates wit
AttackSurfaceMapper (ASM) is a reconnaissance tool that uses a mixture of open source intelligence and active techniques to expand the attack surface of your target. You feed in a mixture of one or more domains, subdomains and IP addresses and it uses numerous techniques to find more targets. It…
Feel free to sponsor me for maintaining the tool: https://github.com/sponsors/vysecurity
Buster is an advanced OSINT tool used to: Get social accounts of an email using multiple sources(gravatar,about.me,myspace,skype,github,linkedin,previous breaches) Get links to where the email was found using google,twitter,darksearch and paste sites Get breaches of an email Get domains…
Amass is a network attack surface mapper and reconnaissance framework designed to discover and map the external, internet-facing infrastructure of a target organization. It functions as an open source intelligence tool that identifies public network boundaries and locates hidden or forgotten subdomains to define an organization's total reachable footprint. The project utilizes passive-source data aggregation from external APIs and public databases alongside active DNS brute-forcing and recursive subdomain expansion. It employs a graph-based asset mapping system to visualize the relationships
Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan
BLUTO DNS Recon | Brute Forcer | DNS Zone Transfer | DNS Wild Card Checks | DNS Wild Card Brute Forcer | Email Enumeration | Staff Enumeration | Compromised Account Enumeration | MetaData Harvesting
If you don't want to deal with servers and complex configurations when performing recon but would like more features in an integrated solution, Findomain offers a subdomains monitoring service that provides directory fuzzing, port scanning, vulnerability discovery, and more. Monitor your target…
Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
Extract URLs, paths, secrets, and other interesting bits from JavaScript
Sublist3r is a subdomain enumeration tool and passive reconnaissance framework designed to discover subdomains by querying search engines and public intelligence sources. It functions as a security tool for identifying the digital footprint of a target domain. The project provides both passive enumeration through multi-source API aggregation and active discovery via a DNS brute force tool. It includes a TCP port scanner to identify active services and open ports on discovered subdomains, facilitating attack surface mapping. The tool can be used as a standalone utility or as a Python security
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration