# projectdiscovery/subfinder **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/projectdiscovery-subfinder).** 13,105 stars · 1,511 forks · Go · mit ## Links - GitHub: https://github.com/projectdiscovery/subfinder - Homepage: https://projectdiscovery.io - awesome-repositories: https://awesome-repositories.com/repository/projectdiscovery-subfinder.md ## Topics `bugbounty` `hacking` `hacktoberfest` `osint` `reconnaissance` `subdomain-enumeration` `subdomains` ## Description Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orchestration to parallelize discovery workloads across remote nodes. For dynamic web application analysis, the tool incorporates headless browser rendering to execute client-side code and capture visual state. The platform provides a broad capability surface for security operations, including asynchronous interaction monitoring to detect blind vulnerabilities and server-side request forgery. It features a domain-specific language for granular filtering of scan results and supports pipeline-oriented data streaming to integrate findings into external security tools and reporting systems. The software is implemented in Go and provides a command-line interface for executing discovery tasks and managing security workflows. ## Tags ### Security & Cryptography - [Attack Surface Management](https://awesome-repositories.com/f/security-cryptography/attack-surface-management.md) — Maps internet-exposed infrastructure and cloud assets to maintain visibility into an organization's total attack surface. - [Infrastructure Reconnaissance](https://awesome-repositories.com/f/security-cryptography/infrastructure-reconnaissance.md) — Automates the collection of domain associations, IP addresses, and network ranges to support security reconnaissance. - [Subdomain Enumeration Tools](https://awesome-repositories.com/f/security-cryptography/subdomain-enumeration-tools.md) — Identifies subdomains using passive online sources to expand the attack surface during security reconnaissance. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [Reconnaissance and Assessment Platforms](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing-tools/reconnaissance-assessment-platforms.md) — Acts as a modular framework for mapping attack surfaces through automated asset discovery, subdomain enumeration, and infrastructure intelligence gathering. - [Vulnerability Scanning](https://awesome-repositories.com/f/security-cryptography/vulnerability-scanning.md) — Identifies security weaknesses by matching target infrastructure against a library of known vulnerability templates. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [Asset Discovery Tools](https://awesome-repositories.com/f/security-cryptography/asset-discovery-tools.md) — Identifies and catalogs internet-facing infrastructure and cloud-hosted assets to maintain a comprehensive security inventory. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [Vulnerability Scanners](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/vulnerability-assessment-tools/vulnerability-scanners.md) — Automates vulnerability detection by executing reusable security checks across multiple hosts. ([source](https://docs.projectdiscovery.io/cloud/editor/faq.md)) - [Cloud Security Monitoring](https://awesome-repositories.com/f/security-cryptography/cloud-security-monitoring.md) — Connects to cloud provider accounts to continuously assess and identify security risks within hosted environments. ([source](https://docs.projectdiscovery.io/home.md)) - [Automated Discovery Workflows](https://awesome-repositories.com/f/security-cryptography/privilege-escalation-tools/linux-enumeration/automated-discovery-workflows.md) — Triggers automated discovery workflows across domains using DNS, port scanning, and HTTP probing. ([source](https://docs.projectdiscovery.io/api-reference/enumerations/create-enumeration.md)) - [AI Template Generators](https://awesome-repositories.com/f/security-cryptography/security-automation-templates/ai-template-generators.md) — Generates custom security scanning templates using AI to identify vulnerabilities based on specific requirements. ([source](https://docs.projectdiscovery.io/api-reference/templates/generate-ai-template.md)) - [Out-of-Band Interaction Monitoring](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/vulnerability-assessment-tools/vulnerability-scanners/out-of-band-interaction-monitoring.md) — Detects blind vulnerabilities by monitoring asynchronous DNS, HTTP, and protocol callbacks. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [Template Synchronization](https://awesome-repositories.com/f/security-cryptography/threat-intelligence-platforms/template-synchronization.md) — Integrates community-contributed security templates to ensure rapid response to emerging threats and vulnerabilities. ([source](https://docs.projectdiscovery.io/cloud/introduction.md)) - [Out-of-Band Testing](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing-tools/out-of-band-testing.md) — Configures out-of-band testing to detect blind vulnerabilities via asynchronous network callbacks. ([source](https://docs.projectdiscovery.io/cloud/scanning/parameters.md)) - [Interaction Monitoring](https://awesome-repositories.com/f/security-cryptography/vulnerability-monitoring-systems/interaction-monitoring.md) — Captures asynchronous network callbacks to identify blind vulnerabilities and server-side request forgery. ([source](https://docs.projectdiscovery.io/opensource/interactsh/server.md)) - [Automated Security Scan Triggers](https://awesome-repositories.com/f/security-cryptography/vulnerability-scanning/scanning-template-libraries/automated-security-scan-triggers.md) — Automatically triggers security scans based on asset discovery and infrastructure changes to maintain continuous coverage. ([source](https://docs.projectdiscovery.io/cloud/scanning/external-scan.md)) - [Web Asset Probing](https://awesome-repositories.com/f/security-cryptography/web-asset-probing.md) — Performs active probing and fingerprinting of web assets to generate actionable security intelligence. ([source](https://docs.projectdiscovery.io/cloud/assets/overview.md)) - [Web Path Bruteforcing](https://awesome-repositories.com/f/security-cryptography/web-path-bruteforcing.md) — Probes specific URL paths across multiple targets to identify accessible endpoints, status codes, and potentially unsecured or sensitive resources. ([source](https://docs.projectdiscovery.io/opensource/httpx/running.md)) - [Web Technology Detection](https://awesome-repositories.com/f/security-cryptography/web-technology-detection.md) — Automates the fingerprinting of web technologies and frameworks running on discovered infrastructure. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [Credential Monitoring Services](https://awesome-repositories.com/f/security-cryptography/credential-monitoring-services.md) — Detects and alerts on leaked login information from dark web sources and malware logs to identify potential security exposures. ([source](https://docs.projectdiscovery.io/cloud/credential-monitoring.md)) - [Exposed Host Discoverers](https://awesome-repositories.com/f/security-cryptography/exposed-host-discoverers.md) — Search public APIs and services to locate hosts that may be inadvertently exposed to the internet. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [Infrastructure Misconfiguration Detectors](https://awesome-repositories.com/f/security-cryptography/infrastructure-as-code-security/infrastructure-misconfiguration-detectors.md) — Identifies security findings such as dangling DNS records or exposed origin IP addresses during asset enumeration. ([source](https://docs.projectdiscovery.io/api-reference/enumerations/list-enumeration-misconfigurations.md)) - [Security Automation Templates](https://awesome-repositories.com/f/security-cryptography/security-automation-templates.md) — Provides a centralized system for creating, retrieving, and sharing automated security testing templates. ([source](https://docs.projectdiscovery.io/api-reference/introduction.md)) - [Security Finding Management](https://awesome-repositories.com/f/security-cryptography/security-finding-management.md) — Monitors identified security weaknesses, tracks retest outcomes, and maintains historical logs of discovered issues. ([source](https://docs.projectdiscovery.io/api-reference/introduction.md)) - [Security Payload Generators](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing-tools/exploit-development-utilities/payload-creation-tools/security-payload-generators.md) — Generates unique payloads to detect blind vulnerabilities via out-of-band interactions. ([source](https://docs.projectdiscovery.io/opensource/interactsh/running.md)) - [Vulnerability Monitoring Systems](https://awesome-repositories.com/f/security-cryptography/vulnerability-monitoring-systems.md) — Performs recurring security checks to monitor identified vulnerabilities and maintain an up-to-date security posture. ([source](https://docs.projectdiscovery.io/cloud/scanning/retesting.md)) - [API Access Security](https://awesome-repositories.com/f/security-cryptography/api-access-security.md) — Allows for the revocation of authentication keys to secure platform services and prevent unauthorized access. ([source](https://docs.projectdiscovery.io/api-reference/users/delete-api-key.md)) - [API Key Authentication](https://awesome-repositories.com/f/security-cryptography/api-key-authentication.md) — Provides mechanisms to request and manage unique authentication tokens for programmatic platform access. ([source](https://docs.projectdiscovery.io/api-reference/users/get-api-key.md)) - [Credential Rotators](https://awesome-repositories.com/f/security-cryptography/automated-secret-rotation/credential-rotators.md) — Supports the rotation of authentication tokens to maintain secure access to platform services. ([source](https://docs.projectdiscovery.io/api-reference/users/rotate-api-key.md)) - [Infrastructure Fingerprinters](https://awesome-repositories.com/f/security-cryptography/device-fingerprinting/fingerprint-configuration/tls-fingerprinting/infrastructure-fingerprinters.md) — Analyzes TLS configurations, ASN affiliations, and favicon hashes to categorize and map the underlying infrastructure of target web servers. ([source](https://docs.projectdiscovery.io/opensource/httpx/running.md)) - [Origin Exposure Detection](https://awesome-repositories.com/f/security-cryptography/origin-exposure-detection.md) — Detects misconfigured CDN hostnames that reveal underlying origin IP addresses. ([source](https://docs.projectdiscovery.io/cloud/integrations.md)) - [Scan Filtering Tools](https://awesome-repositories.com/f/security-cryptography/scan-filtering-tools.md) — Filters infrastructure assets to prioritize critical systems during security scans. ([source](https://docs.projectdiscovery.io/cloud/scanning/real-time-scans.md)) - [Security Vulnerability Reporting](https://awesome-repositories.com/f/security-cryptography/security-vulnerability-reporting.md) — Exports detailed vulnerability data for external analysis and reporting. ([source](https://docs.projectdiscovery.io/api-reference/scans/export-scan-vulnerability.md)) - [Vulnerability Data Query Engines](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/research-reference-knowledge/vulnerability-databases/vulnerability-data-query-engines.md) — Searches and filters vulnerability databases using criteria like product, vendor, severity, and CVSS score to identify relevant security issues. ([source](https://docs.projectdiscovery.io/opensource/cvemap/running.md)) - [Enumeration Task Triggers](https://awesome-repositories.com/f/security-cryptography/subdomain-enumeration-tools/enumeration-configuration-managers/enumeration-task-triggers.md) — Trigger a new execution of a previously completed discovery task to refresh results using the original configuration and parameters. ([source](https://docs.projectdiscovery.io/api-reference/enumerations/rescan-enumeration.md)) - [Subdomain Enrichment Utilities](https://awesome-repositories.com/f/security-cryptography/subdomain-enumeration-tools/subdomain-enrichment-utilities.md) — Automatically expands and enriches subdomain wordlists to improve discovery coverage. ([source](https://docs.projectdiscovery.io/opensource/alterx/overview.md)) - [Exploitability Validation](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-vulnerabilities/exploitability-validation.md) — Simulates real-world attacks at runtime to confirm the exploitability of identified security vulnerabilities. ([source](https://docs.projectdiscovery.io/cloud/introduction.md)) - [Contextual Vulnerability Analysis](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/vulnerability-reporting/contextual-vulnerability-analysis.md) — Outputs structured vulnerability details for integration into automated analysis pipelines. ([source](https://docs.projectdiscovery.io/opensource/cvemap/running.md)) - [Vulnerability Retesters](https://awesome-repositories.com/f/security-cryptography/vulnerability-scanning/vulnerability-retesters.md) — Triggers a new scan for a specific vulnerability to verify its current status or confirm that a remediation has been successfully applied. ([source](https://docs.projectdiscovery.io/api-reference/scans/retest-vulnerability.md)) - [Wildcard Certificate Issuers](https://awesome-repositories.com/f/security-cryptography/wildcard-certificate-issuers.md) — Filters out false-positive DNS records caused by wildcard configurations to ensure accurate discovery. ([source](https://docs.projectdiscovery.io/opensource/dnsx/overview.md)) - [Wildcard DNS Filters](https://awesome-repositories.com/f/security-cryptography/wildcard-certificate-issuers/wildcard-dns-filters.md) — Identifies and removes false-positive subdomains caused by wildcard DNS configurations. ([source](https://docs.projectdiscovery.io/opensource/dnsx/running.md)) - [Wordlist Generators](https://awesome-repositories.com/f/security-cryptography/wordlist-generators.md) — Generates custom subdomain wordlists by applying patterns and variables for tailored security enumeration. ([source](https://docs.projectdiscovery.io/opensource/alterx/overview.md)) - [Discovery Scope Restrictors](https://awesome-repositories.com/f/security-cryptography/asset-discovery-tools/discovery-scope-restrictors.md) — Limits asset discovery to specific allowlists of targets to override default behavior. ([source](https://docs.projectdiscovery.io/cloud/assets/exclusions.md)) - [Domain-Based Access Controls](https://awesome-repositories.com/f/security-cryptography/domain-based-access-controls.md) — Restricts platform access to verified organizational domains and mandates single sign-on. ([source](https://docs.projectdiscovery.io/cloud/admin/saml-sso.md)) - [SSL/TLS Analyzers](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/compliance-governance/audit-and-compliance/cryptographic-configuration-analyzers/ssl-tls-analyzers.md) — Provides tools to inspect and analyze TLS certificate details and security configurations from target services. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [Credential Exposure Analyzers](https://awesome-repositories.com/f/security-cryptography/governance-policy-frameworks/compliance-governance/audit-and-compliance/infrastructure-audit-tools/email-security-analyzers/credential-exposure-analyzers.md) — Analyzes and reports on credential leak statistics for domains and email addresses to assess exposure. ([source](https://docs.projectdiscovery.io/cloud/credential-monitoring.md)) - [API Request Authentication](https://awesome-repositories.com/f/security-cryptography/identity-access-management/authentication-strategies/machine-and-protocol-identity/api-machine-authentication/api-request-authentication.md) — Validates API requests using unique keys to ensure secure programmatic communication. ([source](https://docs.projectdiscovery.io/api-reference/introduction.md)) - [Integration Detail Retrieval](https://awesome-repositories.com/f/security-cryptography/integration-detail-retrieval.md) — Provides APIs for retrieving detailed metadata and remediation steps for identified security vulnerabilities. ([source](https://docs.projectdiscovery.io/api-reference/get-vulnerability-by-id.md)) - [Private Network Security](https://awesome-repositories.com/f/security-cryptography/private-network-security.md) — Performs automated vulnerability assessments and continuous monitoring on private network segments. ([source](https://docs.projectdiscovery.io/home.md)) - [Private Template Managers](https://awesome-repositories.com/f/security-cryptography/private-network-security/private-template-managers.md) — Stores and synchronizes security templates in a cloud environment for collaborative access. ([source](https://docs.projectdiscovery.io/cloud/editor/overview.md)) - [Role-Based Access Control](https://awesome-repositories.com/f/security-cryptography/role-based-access-control.md) — Assigns permission levels to users to control access to administrative and operational features. ([source](https://docs.projectdiscovery.io/cloud/admin.md)) - [Target Exclusions](https://awesome-repositories.com/f/security-cryptography/scan-filtering-tools/target-exclusions.md) — Provides mechanisms to exclude specific ports, CDNs, or WAFs from security scan results. ([source](https://docs.projectdiscovery.io/opensource/naabu/running.md)) - [Security Scan Exclusions](https://awesome-repositories.com/f/security-cryptography/security-scan-exclusions.md) — Prevents specific targets or templates from being included in security scans by defining global or scope-specific exclusion rules. ([source](https://docs.projectdiscovery.io/api-reference/configurations/add-excluded-templates-and-targets.md)) - [Vulnerability Context Enrichers](https://awesome-repositories.com/f/security-cryptography/security-vulnerability-reporting/vulnerability-context-enrichers.md) — Enriches vulnerability records by linking them to external data sources including exploit scores, known exploited vulnerabilities, and security reports. ([source](https://docs.projectdiscovery.io/opensource/cvemap/overview.md)) - [Vulnerability Databases](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/research-reference-knowledge/vulnerability-databases.md) — Provides a structured interface to search and navigate common vulnerability and exposure records. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [Credential Leak Databases](https://awesome-repositories.com/f/security-cryptography/security/operations-and-incident-response/credential-leak-databases.md) — Consolidates and retrieves records of exposed personal or employee data from multiple sources for security analysis. ([source](https://docs.projectdiscovery.io/api-reference/leaks/get-all-leaked-credentials.md)) - [Enumeration Configuration Managers](https://awesome-repositories.com/f/security-cryptography/subdomain-enumeration-tools/enumeration-configuration-managers.md) — Refines subdomain discovery scope by updating parameters and scanning steps. ([source](https://docs.projectdiscovery.io/api-reference/update-enumeration-config.md)) - [Threat Notification Systems](https://awesome-repositories.com/f/security-cryptography/threat-detection/threat-notification-systems.md) — Sends automated alerts regarding newly detected vulnerabilities or trending exploits to keep security teams and leadership informed. ([source](https://docs.projectdiscovery.io/cloud/scanning/real-time-scans.md)) - [Exposure Monitoring](https://awesome-repositories.com/f/security-cryptography/threat-intelligence-platforms/exposure-monitoring.md) — Retrieves and exports leaked credential data for integration with security workflows. ([source](https://docs.projectdiscovery.io/cloud/credential-monitoring.md)) - [Vulnerability Management](https://awesome-repositories.com/f/security-cryptography/vulnerability-management.md) — Retrieves chronological histories of vulnerabilities including discovery, template releases, and status changes. ([source](https://docs.projectdiscovery.io/api-reference/results/get-vulnerability-timeline.md)) - [Excluded Templates](https://awesome-repositories.com/f/security-cryptography/vulnerability-scanning/scanning-template-libraries/excluded-templates.md) — Prevents specific subdomains, IP addresses, or wildcard patterns from being processed during automated, manual, or scheduled security scans. ([source](https://docs.projectdiscovery.io/cloud/scanning/exclusions.md)) ### Data & Databases - [Cloud Asset Discoverers](https://awesome-repositories.com/f/data-databases/asset-inventory-management/cloud-asset-discoverers.md) — Identifies and inventories internet-exposed and cloud-hosted infrastructure assets. ([source](https://docs.projectdiscovery.io/cloud/introduction.md)) - [Asset Discovery Filters](https://awesome-repositories.com/f/data-databases/asset-filtering/asset-discovery-filters.md) — Filters discovered assets based on custom criteria and provider metadata to focus security analysis. ([source](https://docs.projectdiscovery.io/cloud/assets/exclusions.md)) - [Asset Inventory Management](https://awesome-repositories.com/f/data-databases/asset-inventory-management.md) — Tracks updates to domain ownership and certificate issuance to maintain an accurate asset inventory. ([source](https://docs.projectdiscovery.io/cloud/assets/associated-domains.md)) - [Automated Labelers](https://awesome-repositories.com/f/data-databases/asset-management/automated-labelers.md) — Automatically applies tags to discovered assets based on risk profiles to streamline security management. ([source](https://docs.projectdiscovery.io/cloud/assets/overview.md)) - [Asset Exporters](https://awesome-repositories.com/f/data-databases/asset-filtering/asset-exporters.md) — Enables exporting discovered assets and subdomains with filtering options for external analysis. ([source](https://docs.projectdiscovery.io/api-reference/enumerations/export-enumeration.md)) - [Asset History Retrievers](https://awesome-repositories.com/f/data-databases/asset-filtering/asset-exporters/asset-history-retrievers.md) — Fetches a chronological log of changes for a specific asset, allowing filtering by time range and event type. ([source](https://docs.projectdiscovery.io/api-reference/assets/get-asset-changelogs-for-a-given-asset_id.md)) - [Asset Management Policies](https://awesome-repositories.com/f/data-databases/asset-management-policies.md) — Enforces automated rules and policies for infrastructure assets based on defined conditions. ([source](https://docs.projectdiscovery.io/cloud/assets/asset-policies.md)) - [Data Enrichment](https://awesome-repositories.com/f/data-databases/data-enrichment.md) — Enriches host data with CDN and ASN context to provide deeper infrastructure intelligence. ([source](https://docs.projectdiscovery.io/opensource/dnsx/usage.md)) - [Standard Stream Integration](https://awesome-repositories.com/f/data-databases/data-processing-pipelines/stream-processing-systems/data-streaming/structured-event-streams/standard-stream-integration.md) — Processes discovery results through standard input and output streams for seamless tool integration. - [Automated Asset Management Systems](https://awesome-repositories.com/f/data-databases/file-asset-management/3d-asset-managers/automated-asset-management-systems.md) — Executes automated actions like alerting or labeling on assets based on discovery criteria. ([source](https://docs.projectdiscovery.io/api-reference/assets/create-asset-policy.md)) - [Workflow Result Retrieval](https://awesome-repositories.com/f/data-databases/workflow-result-retrieval.md) — Fetches collected asset discovery results using flexible filtering criteria. ([source](https://docs.projectdiscovery.io/api-reference/enumerations/get-all-enumeration-contents.md)) ### Development Tools & Productivity - [Configuration-Driven Scanning Engines](https://awesome-repositories.com/f/development-tools-productivity/configuration-driven-scanning-engines.md) — Executes modular security checks by interpreting YAML-based detection logic against target assets. - [Workflow Scanning](https://awesome-repositories.com/f/development-tools-productivity/scan-configurations/workflow-scanning.md) — Triggers and manages security scans programmatically via REST API for integration into development pipelines. ([source](https://docs.projectdiscovery.io/cloud/scanning/external-scan.md)) - [REST APIs](https://awesome-repositories.com/f/development-tools-productivity/rest-apis.md) — Exposes REST endpoints for programmatic access to templates, scan triggers, and AI generation capabilities. ([source](https://docs.projectdiscovery.io/cloud/editor/overview.md)) - [Scan Configurations](https://awesome-repositories.com/f/development-tools-productivity/scan-configurations.md) — Defines custom scan workflows using templates, headers, and rate limits. ([source](https://docs.projectdiscovery.io/cloud/scanning/external-scan.md)) - [Team Management](https://awesome-repositories.com/f/development-tools-productivity/team-management.md) — Organizes users into teams where administrators can invite members, update team details, and manage access permissions. ([source](https://docs.projectdiscovery.io/cloud/admin.md)) - [Visual Capture Tools](https://awesome-repositories.com/f/development-tools-productivity/visual-capture-tools.md) — Uses headless browsers to generate screenshots and capture rendered DOM for visual analysis. ([source](https://docs.projectdiscovery.io/opensource/httpx/running.md)) - [CLI Workflow Integrations](https://awesome-repositories.com/f/development-tools-productivity/cli-workflow-integrations.md) — Integrates discovery data into external pipelines, containers, and reporting dashboards. ([source](https://docs.projectdiscovery.io/opensource/httpx/running.md)) - [External Security Tool Integrations](https://awesome-repositories.com/f/development-tools-productivity/external-service-integrations/external-security-tool-integrations.md) — Integrates with external scanning tools to perform detailed service discovery and version detection. ([source](https://docs.projectdiscovery.io/opensource/naabu/overview.md)) - [Scan Allowlist Managers](https://awesome-repositories.com/f/development-tools-productivity/scan-configurations/scan-allowlist-managers.md) — Limits security operations to only those targets that match specified inclusion patterns, automatically ignoring any assets that fall outside the defined scope. ([source](https://docs.projectdiscovery.io/cloud/scanning/exclusions.md)) - [Task Scheduling](https://awesome-repositories.com/f/development-tools-productivity/task-scheduling.md) — Automates the configuration of recurring re-scan intervals for discovery tasks to maintain current data. ([source](https://docs.projectdiscovery.io/api-reference/enumerations/set-enumeration-schedule.md)) - [Workspace Team Creation](https://awesome-repositories.com/f/development-tools-productivity/team-management/workspace-team-creation.md) — Initializes collaborative environments for managing security testing and vulnerability data within a centralized platform. ([source](https://docs.projectdiscovery.io/api-reference/internal/create-workspace.md)) ### DevOps & Infrastructure - [Domain-Based Discoverers](https://awesome-repositories.com/f/devops-infrastructure/infrastructure/networking/domain-management/domain-registration-platforms/domain-correlation/domain-based-discoverers.md) — Identifies and monitors subdomains, IP addresses, and network ranges by scanning root domains. ([source](https://docs.projectdiscovery.io/cloud/assets/adding-assets.md)) - [Cloud Asset Inventory Managers](https://awesome-repositories.com/f/devops-infrastructure/cloud-infrastructure/storage-data-persistence/asset-hosting-services/cloud-asset-inventory-managers.md) — Catalogs and monitors internal and cloud-based network resources to ensure an accurate inventory of organizational assets. ([source](https://docs.projectdiscovery.io/opensource/cloudlist/usage.md)) - [Cloud Infrastructure](https://awesome-repositories.com/f/devops-infrastructure/cloud-infrastructure.md) — Maps and monitors cloud-hosted infrastructure assets across multiple service providers. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [Cloud Synchronizers](https://awesome-repositories.com/f/devops-infrastructure/cloud-infrastructure-automation/cloud-synchronizers.md) — Maintains an up-to-date infrastructure inventory by connecting directly to cloud provider accounts. ([source](https://docs.projectdiscovery.io/cloud/assets/adding-assets.md)) - [Domain Correlation](https://awesome-repositories.com/f/devops-infrastructure/infrastructure/networking/domain-management/domain-registration-platforms/domain-correlation.md) — Discovers related domains by correlating acquisition history, certificate logs, and registration records. ([source](https://docs.projectdiscovery.io/cloud/assets/associated-domains.md)) - [Parallel Security Scanners](https://awesome-repositories.com/f/devops-infrastructure/scan-orchestration/parallel-scanning-algorithms/parallel-security-scanners.md) — Performs high-speed, multi-protocol security assessments across large target sets by leveraging cloud-native infrastructure to maximize throughput and coverage. ([source](https://docs.projectdiscovery.io/cloud/scanning/overview.md)) - [Internal Network Discoverers](https://awesome-repositories.com/f/devops-infrastructure/cloud-infrastructure/storage-data-persistence/asset-hosting-services/cloud-asset-inventory-managers/internal-network-discoverers.md) — Identifies internal network assets to build an accurate inventory for security analysis. ([source](https://docs.projectdiscovery.io/cloud/scanning/internal-scan.md)) - [Crawl Boundary Controls](https://awesome-repositories.com/f/devops-infrastructure/dependency-management/environment-scoping-controls/crawl-boundary-controls.md) — Adjusts concurrency, rate limits, and scope to control the speed and breadth of discovery processes. ([source](https://docs.projectdiscovery.io/opensource/katana/running.md)) - [Distributed Scanning Agents](https://awesome-repositories.com/f/devops-infrastructure/distributed-scanning-agents.md) — Scales discovery tasks by distributing workloads across multiple remote scanning agents. ([source](https://docs.projectdiscovery.io/cloud/scanning/internal-scan.md)) - [Distributed Task Orchestration](https://awesome-repositories.com/f/devops-infrastructure/distributed-task-orchestration.md) — Scales discovery and assessment tasks by parallelizing workloads across multiple remote nodes. - [Scan Orchestration](https://awesome-repositories.com/f/devops-infrastructure/scan-orchestration.md) — Orchestrates automated security assessments, including configuration, scheduling, and scan definition management. ([source](https://docs.projectdiscovery.io/api-reference/introduction.md)) - [Self-Hosted Deployment Infrastructure](https://awesome-repositories.com/f/devops-infrastructure/deployment-management/self-hosted-infrastructure-management/self-hosted-deployment-infrastructure.md) — Supports deploying self-hosted infrastructure for specialized protocol listeners and security testing. ([source](https://docs.projectdiscovery.io/opensource/interactsh/overview.md)) - [Scan Result Exporters](https://awesome-repositories.com/f/devops-infrastructure/scan-result-interpreters/scan-result-exporters.md) — Exports enumeration results into structured formats like JSON or CSV for external integration. ([source](https://docs.projectdiscovery.io/api-reference/asset/export-list-of-unique-domains-discovered-in-an-enumeration.md)) - [Asset Metadata Management](https://awesome-repositories.com/f/devops-infrastructure/asset-metadata-management.md) — Assigns descriptive labels to discovered infrastructure assets based on metadata and DNS analysis. ([source](https://docs.projectdiscovery.io/cloud/assets/labeling.md)) - [Container Orchestration Platforms](https://awesome-repositories.com/f/devops-infrastructure/container-orchestration-platforms.md) — Queries container orchestration platforms to retrieve asset information and maintain an accurate inventory. ([source](https://docs.projectdiscovery.io/opensource/cloudlist/providers.md)) - [Scan Record Removers](https://awesome-repositories.com/f/devops-infrastructure/scan-orchestration/scan-record-removers.md) — Delete a specific subdomain discovery task from the cloud platform using its unique identifier to clean up historical data. ([source](https://docs.projectdiscovery.io/api-reference/enumerations/delete-enumeration.md)) - [Asset Exporters](https://awesome-repositories.com/f/devops-infrastructure/scan-result-interpreters/scan-result-exporters/asset-exporters.md) — Consolidates and exports unique assets identified during scans to facilitate further analysis. ([source](https://docs.projectdiscovery.io/api-reference/scans/export-list-of-unique-assets-for-a-scan.md)) ### Networking & Communication - [Attack Surface Mappers](https://awesome-repositories.com/f/networking-communication/internet-fundamentals/attack-surface-mappers.md) — Identifies and catalogs internet-facing infrastructure to provide visibility into the total attack surface. ([source](https://docs.projectdiscovery.io/home.md)) - [Port Scanners](https://awesome-repositories.com/f/networking-communication/port-scanners.md) — Scans network ports to identify open services and determine network exposure. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [DNS Reconnaissance](https://awesome-repositories.com/f/networking-communication/dns-query-routers/dns-reconnaissance.md) — Retrieves historical and active subdomain data from internet-wide datasets for reconnaissance. ([source](https://docs.projectdiscovery.io/opensource/chaos/overview.md)) - [DNS Record Resolvers](https://awesome-repositories.com/f/networking-communication/dns-query-routers/dns-reconnaissance/dns-record-resolvers.md) — Queries DNS record types like A, CNAME, and ASN to verify domain existence. ([source](https://docs.projectdiscovery.io/opensource/dnsx/running.md)) - [Domain Name Systems](https://awesome-repositories.com/f/networking-communication/domain-name-systems.md) — Translates domain names into IP addresses using multiple protocols and custom resolvers. ([source](https://docs.projectdiscovery.io/opensource/dnsx/overview.md)) - [Mappers](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-infrastructure-configuration/network-infrastructure/mappers.md) — Maps network infrastructure by correlating IP ranges and autonomous system numbers to uncover organizational assets. ([source](https://docs.projectdiscovery.io/cloud/assets/overview.md)) - [Network Origin Mapping](https://awesome-repositories.com/f/networking-communication/autonomous-system-identifiers/network-origin-mapping.md) — Resolves network ranges and autonomous system numbers to map organizational infrastructure. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [DNS Query Filters](https://awesome-repositories.com/f/networking-communication/dns-query-filters.md) — Filters DNS results to isolate relevant network records and exclude noise during enumeration. ([source](https://docs.projectdiscovery.io/opensource/dnsx/usage.md)) - [Wildcard Domain Detectors](https://awesome-repositories.com/f/networking-communication/domain-traffic-filters/domain-identifiers/wildcard-domain-detectors.md) — Filters out wildcard DNS responses to prevent false positives during large-scale enumeration. ([source](https://docs.projectdiscovery.io/opensource/dnsx/usage.md)) - [Network Connectivity Configurations](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-infrastructure-configuration/network-management/dns-connectivity-management/network-connectivity-configurations.md) — Customizes connection behavior and protocols to ensure accurate service discovery across diverse network environments. ([source](https://docs.projectdiscovery.io/opensource/httpx/usage.md)) - [Network Scanning Tools](https://awesome-repositories.com/f/networking-communication/network-scanning-tools.md) — Executes internal network scans to identify services and vulnerabilities within private subnets. ([source](https://docs.projectdiscovery.io/cloud/scanning/internal-scan.md)) - [IPv6 Network Stacks](https://awesome-repositories.com/f/networking-communication/communication-protocols-architectures/communication-protocols-standards/network-protocols/ipv6-network-stacks.md) — Supports scanning and network communication over both IPv4 and IPv6 protocols. ([source](https://docs.projectdiscovery.io/opensource/naabu/running.md)) - [DNS Utilities](https://awesome-repositories.com/f/networking-communication/dns-utilities.md) — Resolves domain names and identifies subdomains by querying various DNS records and passive data sources. - [Network Host Discoverers](https://awesome-repositories.com/f/networking-communication/network-scanning-tools/blind-scanning-utilities/network-host-discoverers.md) — Identifies active hosts on a network using various ping techniques like ARP, TCP, or ICMP before initiating port scans. ([source](https://docs.projectdiscovery.io/opensource/naabu/overview.md)) ### Web Development - [Web Crawling](https://awesome-repositories.com/f/web-development/web-automation-scraping/web-scraping-automation/web-crawling.md) — Navigates websites to discover endpoints and hidden details by parsing page content and following links across various web technologies. ([source](https://docs.projectdiscovery.io/opensource/katana/overview.md)) - [Headless Browsers](https://awesome-repositories.com/f/web-development/headless-browsers.md) — Uses automated browser engines to execute client-side JavaScript and capture visual state for web analysis. ([source](https://docs.projectdiscovery.io/opensource/katana/overview.md)) - [HTTP Response Handling](https://awesome-repositories.com/f/web-development/backend-development/request-response-handling/http-response-handling.md) — Configures dynamic HTTP responses to simulate service behaviors for security verification. ([source](https://docs.projectdiscovery.io/opensource/interactsh/overview.md)) ### Hardware & IoT - [Relationship Visualizers](https://awesome-repositories.com/f/hardware-iot/connectivity-iot/internet-of-things/industrial-iot-platforms/asset-management/relationship-visualizers.md) — Maps complex connections between assets and attack paths to visualize the organizational attack surface. ([source](https://docs.projectdiscovery.io/cloud/assets/overview.md)) ### System Administration & Monitoring - [Data Leak Monitors](https://awesome-repositories.com/f/system-administration-monitoring/monitoring-and-observability/data-leak-monitors.md) — Detects and tracks exposed domains, email addresses, and other sensitive information associated with an organization. ([source](https://docs.projectdiscovery.io/api-reference/introduction.md)) - [System Activity Monitoring](https://awesome-repositories.com/f/system-administration-monitoring/system-activity-monitoring.md) — Records significant system and user events to provide a comprehensive audit trail of organizational activity. ([source](https://docs.projectdiscovery.io/cloud/admin/audit-logs.md)) - [Alert Notification Systems](https://awesome-repositories.com/f/system-administration-monitoring/alert-notification-systems.md) — Streams real-time security notifications and tool output to multiple communication platforms. ([source](https://docs.projectdiscovery.io/opensource/index.md)) - [Alert Routing](https://awesome-repositories.com/f/system-administration-monitoring/alert-routing.md) — Sends automated notifications about discovery findings to external communication platforms for team awareness. ([source](https://docs.projectdiscovery.io/cloud/integrations.md)) - [Audit Log Filters](https://awesome-repositories.com/f/system-administration-monitoring/audit-log-filters.md) — Filters and analyzes audit logs to investigate security activities. ([source](https://docs.projectdiscovery.io/cloud/admin/audit-logs.md)) - [Discovery Result Exporters](https://awesome-repositories.com/f/system-administration-monitoring/log-analysis-reports/discovery-result-exporters.md) — Exports discovered subdomain data into structured formats like JSON or plain text for external analysis. ([source](https://docs.projectdiscovery.io/opensource/chaos/usage.md)) - [Observability Platform Log Exporting](https://awesome-repositories.com/f/system-administration-monitoring/monitoring-and-observability/observability-platforms/log-management-systems/log-management-services/observability-platform-log-exporting.md) — Streams audit logs to external security information and event management platforms. ([source](https://docs.projectdiscovery.io/cloud/admin/audit-logs.md)) - [Resource Change Monitors](https://awesome-repositories.com/f/system-administration-monitoring/resource-monitoring/resource-change-monitors.md) — Tracks infrastructure drift and new endpoints continuously to ensure visibility into evolving environments and prevent security gaps. ([source](https://docs.projectdiscovery.io/cloud/introduction.md)) ### Software Engineering & Architecture - [Security Tool Integrations](https://awesome-repositories.com/f/software-engineering-architecture/application-frameworks/autonomous-agent-frameworks/external-tool-integrations/security-tool-integrations.md) — Integrates security findings into external workflows via standard input and output streams. ([source](https://docs.projectdiscovery.io/home.md)) - [Filtering Engines](https://awesome-repositories.com/f/software-engineering-architecture/filtering-engines.md) — Applies domain-specific language expressions to scan results for granular control over asset selection. - [Remediation Tracking](https://awesome-repositories.com/f/software-engineering-architecture/remediation-tracking.md) — Tracks vulnerability status and synchronizes remediation efforts with external ticketing systems. ([source](https://docs.projectdiscovery.io/cloud/introduction.md)) - [Credential Leak Remediation Trackers](https://awesome-repositories.com/f/software-engineering-architecture/remediation-tracking/credential-leak-remediation-trackers.md) — Tracks the status of identified credential exposures by allowing users to mark leaks as resolved or reopen them as needed. ([source](https://docs.projectdiscovery.io/cloud/credential-monitoring.md)) - [Hostname Permutation Generators](https://awesome-repositories.com/f/software-engineering-architecture/string-processing-algorithms/prefix-based-pattern-matching-algorithms/hostname-permutation-generators.md) — Generates targeted subdomain variations using naming patterns and dynamic payloads to improve discovery efficiency. ([source](https://docs.projectdiscovery.io/opensource/alterx/running.md)) - [Request Throttling](https://awesome-repositories.com/f/software-engineering-architecture/request-throttling.md) — Limits request rates to target hosts to balance scan speed with network impact. ([source](https://docs.projectdiscovery.io/cloud/scanning/parameters.md)) - [Crawling Request Throttlers](https://awesome-repositories.com/f/software-engineering-architecture/request-throttling/crawling-request-throttlers.md) — Manages network load by configuring concurrency and request rate limits during large-scale discovery operations. ([source](https://docs.projectdiscovery.io/opensource/katana/usage.md)) ### Testing & Quality Assurance - [Analysis Result Dashboards](https://awesome-repositories.com/f/testing-quality-assurance/code-quality-review/static-analysis/analysis-result-dashboards.md) — Displays discovered web assets and status information through an integrated dashboard for monitoring. ([source](https://docs.projectdiscovery.io/opensource/httpx/overview.md)) ### Artificial Intelligence & ML - [Recurring Agent Scheduling](https://awesome-repositories.com/f/artificial-intelligence-ml/agent-architectures/orchestration-engines/ai-agent/runtime-execution-control/recurring-agent-scheduling.md) — Enables the cancellation of recurring automated scan tasks to stop future discovery executions. ([source](https://docs.projectdiscovery.io/api-reference/enumerations/delete-enumeration-schedule.md)) ### Business & Productivity Software - [Automated Audit Schedulers](https://awesome-repositories.com/f/business-productivity-software/scheduling-automation/automated-audit-schedulers.md) — Configures recurring timetables for automated security assessments to ensure consistent monitoring. ([source](https://docs.projectdiscovery.io/api-reference/scans/set-scan-schedule.md)) - [Member Permission Modifiers](https://awesome-repositories.com/f/business-productivity-software/team-member-management/member-permission-modifiers.md) — Updates the access level and role of existing team members to adjust administrative capabilities. ([source](https://docs.projectdiscovery.io/api-reference/internal/update-team-member.md))