Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: passive-recon

NakuTenshi/JSHound

JSHound is a recon tool designed for bug bounty hunters and pentesters. It helps you extract JavaScript files of a target domain from multiple sources (Wayback Machine, Common Crawl, urlscan.io), and then searches those files for potentially sensitive information such as API keys, tokens, credentials, and more.

Language: Python - Size: 487 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 1 - Forks: 0

atharvbyadav/GhostPath

👻 GhostPath — A powerful modular reconnaissance toolkit built for hackers, OSINT professionals & bug bounty hunters — passive + active recon in a sleek CLI shell. Discover subdomains, probe paths, mine archives and hunt certificates — all from one interactive terminal interface.

Language: Python - Size: 5.09 MB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 2 - Forks: 0

Ali2888/fast-subcheck

🌐 Discover active subdomains quickly with fast-subcheck, a fast and efficient tool for subdomain enumeration using a user-friendly CLI interface.

Language: Python - Size: 44.9 KB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 0 - Forks: 0

InfoSecWarrior/Offensive-Recon

Passive Reconnaissance Techniques Approach helps for penetration testing and bug bounty hunting by gathering information about a target system or network.

Language: PHP - Size: 85.9 KB - Last synced at: 20 days ago - Pushed at: 20 days ago - Stars: 15 - Forks: 16

TahaHatami/fast-subcheck

A fast and live subdomain checker with CLI output.

Language: Python - Size: 55.7 KB - Last synced at: 24 days ago - Pushed at: 24 days ago - Stars: 1 - Forks: 0

DelorianCS/dns-osint

Lightweight OSINT tool for passive DNS/subdomain discovery, DNS record lookup, reverse‑DNS and title extraction.

Language: Python - Size: 3.58 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 0

josh1643/totalrecon

A lightweight Python tool for passive reconnaissance, including subdomain, email, and S3 bucket extraction, with AI-powered scanner for sensitive infrastructure mentions.

Language: Python - Size: 13.7 KB - Last synced at: about 7 hours ago - Pushed at: 4 months ago - Stars: 6 - Forks: 0

abuyv/exposor

Exposor is a tool using internet search engines to detect exposed technologies with a unified syntax.

Language: Python - Size: 1.83 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 57 - Forks: 10

ahali00/subcrt

Minimal Python tool for subdomain discovery using crt.sh

Language: Python - Size: 21.5 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

hack-with-ethics/dns-recon-dns-redTeaming

This is a Python script that provides the ability to perform: Check all NS Records for Zone Transfers. Enumerate General DNS Records for a given Domain (MX, SOA, NS, A, AAAA, SPF and TXT). Perform common SRV Record Enumeration. Top Level Domain (TLD) Expansion.

Language: Python - Size: 20.5 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 7 - Forks: 0

couragebforedth/the-watcher

A honeypot that tracks unique visitors to a web server then gathers intelligence on them.

Language: PHP - Size: 359 KB - Last synced at: 6 months ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0

rohmadhidayah/InScrape

Instagram information gathering

Language: Python - Size: 4.88 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 3 - Forks: 1

rohmadhidayah/Raikage

Phone number osint

Language: Python - Size: 3.91 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 3 - Forks: 0

sakibulalikhan/sub-finder

Passive Recon - Subdomain Enumeration With Sub-Finder.

Language: Python - Size: 614 KB - Last synced at: over 2 years ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 0

Related Keywords
passive-recon 14 reconnaissance 7 subdomain-enumeration 6 osint 6 cybersecurity 4 recon 4 python-script 3 cli-tool 3 open-source 3 infosec 3 subdomain 2 penetration-testing 2 active-subdomains 2 hacking 2 automation 2 dns-resolution 2 multithreading 2 network-security 2 termux 2 bug-bounty 2 web-scanning 2 pentesting 2 dns 2 python 2 crtsh 1 security-tool 1 active-recon 1 dnsenum-pentest-tool 1 dnsrecon 1 reconaissance 1 subdomains-enumeration 1 zoomeye 1 vulnerability-detection 1 shodan 1 security-tools 1 security 1 fofa 1 cve 1 cpe 1 contactless-recon 1 censys 1 asset-inventory 1 text-mining 1 redteam 1 subdomain-scanner 1 subdomain-finder 1 termux-tool 1 python-project 1 python-phonenumbers 1 phone-number-recon 1 phone-number-osint 1 phone-number-information-gathering 1 phone-number-extraction 1 open-source-intelligence 1 instagram-scraping 1 instagram-osint 1 instagram-information-gathering 1 ig-scrape 1 ig-osint 1 traffic-analysis 1 sqlite 1 shodan-api 1 php 1 logging 1 honeypot 1 redteaming 1 ip-lookup 1 google-dorks 1 github-recon 1 github-dorks 1 email-tracking 1 web-recon 1 information-gathering 1 historical-data 1 ghostpath 1 ethical-hacking 1 commoncrawl 1 pentesting-tool 1 pentest-tools 1 pentest-tool 1 narrowrecon-tool 1 narrow-recon-tool 1 narrow-recon 1 js 1 hacking-tool 1 bugbounty-tool 1 bugbou 1 passive-reconnaissance 1 osnit-framework 1 osnit 1 machine-learning 1 cybersecurity-tools 1 cyber-security 1 ctf 1 bugbounty 1 ai-recon 1 ai 1 tools 1 tool 1 red-team 1