30 open-source projects similar to jgor/dork-cli, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Dork Cli alternative.
A geolocation OSINT tool. Offers geolocation information gathering through social networking platforms.
This project is a GitHub secret scanner and dorking tool designed to identify leaked credentials and private keys within repositories. It functions as an API reconnaissance utility that uses curated search queries and automated dorks to locate sensitive data across public and enterprise GitHub instances. The tool enables security vulnerability research and enterprise auditing by targeting both public cloud instances and private enterprise installations via configurable base URLs. It utilizes token-based authentication to access private repository content and bypass API rate limits. The syste
An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.
theHarvester is a command-line utility designed for gathering open-source intelligence and mapping an organization's external attack surface. It functions as a security information gathering framework that automates the collection of publicly available data to assist in reconnaissance and threat analysis. The tool utilizes a plugin-based architecture to execute isolated queries against various search engines and public databases. It employs asynchronous task execution to run multiple discovery operations in parallel, while a centralized pipeline aggregates and deduplicates findings from these
vcsmap is a plugin-based tool to scan public version control systems for sensitive information.
Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan
XRay is a tool for recon, mapping and OSINT gathering from public networks.
Rengine is an automated reconnaissance framework and vulnerability management platform designed for attack surface monitoring. It functions as a centralized hub for discovering subdomains and open ports, gathering open-source intelligence, and tracking security flaws across target networks. The system integrates large language models to analyze reconnaissance data and generate vulnerability descriptions and insights. It distinguishes itself through a plugin-based tool integration that wraps external security scanning binaries and a target mapping system that tracks changes to assets over time
Ruby exiftool wrapper that is simple, correct, and supports multiget
An open source intelligence tool to crawl the graph of certificate Alternate Names
GHunt is a Google account investigator and open-source intelligence framework designed to retrieve publicly available information and metadata associated with Google accounts. It functions as an OSINT data extractor and offensive security framework used to identify user identities and uncover hidden metadata. The tool extracts public profile data from various Google services and exports the findings into structured JSON formats. This allows for the collection and analysis of digital footprints to support security research and reconnaissance.
This project is a comprehensive, community-curated directory of resources and methodologies for open-source intelligence gathering. It serves as a centralized reference framework for researchers, providing a structured index of specialized tools, databases, and search techniques used to collect and analyze publicly available information from across the global internet. The directory distinguishes itself through a hierarchical taxonomy that organizes complex investigative domains, ranging from cyber threat intelligence and digital forensic investigation to geospatial analysis and operational s
h8mail is an open-source intelligence tool for searching leaked credentials and compromised accounts across remote APIs and local data dumps. It functions as a credential leak hunter and email reconnaissance framework designed to identify exposed passwords and sensitive information using usernames, domains, IP addresses, and email hashes. The tool distinguishes itself through a recursive target expansion system that feeds newly discovered email addresses back into the search queue to broaden the scope of investigations. It also includes a local breach data parser that employs multiprocessing
recon-ng is an open source intelligence reconnaissance framework designed to automate the collection and aggregation of public information. It is a modular intelligence tool that utilizes a system of pluggable modules to harvest target data, resolve DNS queries, and parse web content. The framework is built as an API-driven tool with a programmatic interface to integrate with other security workflows. It is provided as a containerized application, using Docker to ensure a consistent environment for running reconnaissance tasks and managing a persistent data store. Its capabilities cover exte
This project is a curated collection of frameworks, libraries, and toolsets designed for social engineering and public data gathering. It aggregates specialized software and educational materials used to perform human-centric attacks during professional security engagements. The directory provides resources for gathering and visualizing open source intelligence to identify sensitive information leaks. It also includes a collection of methods and software for executing phishing campaigns to harvest credentials and session cookies. The repository further covers educational materials focused on
Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments. The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific exe
An extendable tool to Collect, Crawl and Monitor onion sites on tor network and index collected information on Elasticsearch
🎇 Quickly search over billions of images
GyoiThon is a growing penetration test tool using Machine Learning.
Collector is a OSINT tool and information gathering. I build this tool for my fun and you can use this tool for do OSINT. In github account and instagram account you can find information by username.
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
Yar is a tool for plunderin' organizations, users and/or repositories.