Search Results for "enumeration"
Sort By:
Showing 127 open source projects for "enumeration"
View related business solutions-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
subfinder
Fast passive subdomain enumeration tool
Subfinder is a high-performance passive subdomain discovery tool built for fast and reliable asset enumeration. It focuses exclusively on collecting valid subdomains from a wide range of passive online sources, prioritizing accuracy and speed over intrusive scanning techniques. The project is widely used in bug bounty hunting, penetration testing, and attack surface mapping because it minimizes noise while producing actionable results. -
2
Humanizer Skill
Claude Code skill that removes signs of AI-generated writing from text
...It also includes functions for transforming camelCase, snake_case, or PascalCase identifiers into spaced and capitalized representations suitable for user interfaces, reports, or documentation. Beyond text formatting, the library can handle pluralization, enumeration formatting (“A, B, and C”), and token expansion so that program-generated content feels more conversational. -
3
holehe
Check if the mail is used on different sites
...It supports more than a hundred websites and is commonly used during reconnaissance, digital investigations, and account exposure assessments. holehe is designed to operate quickly and quietly, emphasizing efficiency and minimal footprint during enumeration tasks. The project can be used both as a standalone command-line tool and as a library embedded into larger automation pipelines. Overall, holehe provides investigators with a focused and scalable method for mapping an email’s online presence. -
4
MicroBurst
A collection of scripts for assessing Microsoft Azure security
MicroBurst is a PowerShell toolkit from NetSPI focused on assessing Microsoft Azure security by automating discovery, enumeration, and targeted auditing of cloud services and configurations. It bundles many functions to enumerate Azure resources (subscriptions, VMs, storage accounts, container registries, App Services and more), probe common misconfigurations, and harvest sensitive artifacts when available (for example storage blobs, keys, automation account credentials, and other subscription-level secrets). ... -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
5
Network Enumeration Tool
Network Enumeration Tool for Host Exploration and Recon
N-ETHER (Network Enumeration Tool for Host Exploration and Reconnaissance) is a robust and highly automated Python script designed to streamline the critical initial phases of network security auditing and penetration testing. It’s core purpose is to perform fast, comprehensive, and consistent host and port discovery across single targets or large lists of IP addresses. -
6
X-osint
Open source OSINT tool for gathering data on emails, phones, and IPs
...It provides investigators and researchers with a centralized interface for running information-gathering tasks that would normally require multiple separate tools. X-osint can also perform domain-related reconnaissance activities such as subdomain enumeration, DNS lookups, and host discovery to help identify infrastructure associated with a target. In addition to network and domain intelligence, it includes features for extracting metadata from files or images and analyzing text content to uncover hidden details. X-osint is written primarily in Python and is designed to run in terminal environments, particularly on Linux systems and Termux setups. -
7
MediaDevices
Go implementation of the MediaDevices API
...It provides a cross-platform, unified API for capturing and manipulating media streams and is often used in combination with Pion WebRTC for peer-to-peer communications. Its support for device enumeration, media constraints, and frame processing makes it a powerful building block for custom voice and video solutions in Go. -
8
Raccoon
High-performance reconnaissance and vulnerability scanning tool
...The tool combines multiple scanning techniques into a single workflow, helping users identify potential weaknesses, exposed services, and accessible resources on a target host. Raccoon can perform DNS enumeration, subdomain discovery, and URL fuzzing to uncover hidden endpoints and infrastructure components. It also integrates network scanning capabilities through tools such as Nmap to detect open ports, services, and potential vulnerabilities. By consolidating these reconnaissance tasks into a single command-line interface, Raccoon aims to streamline the early phases of security testing and provide actionable information for further investigation. -
9
discover
Automation framework for reconnaissance and penetration testing tasks
Discover is a collection of custom Bash scripts designed to automate many common tasks involved in penetration testing workflows. The project brings together a variety of security testing functions into a single framework that simplifies reconnaissance, scanning, and enumeration processes. It provides a menu-driven interface that allows security professionals to quickly launch different tools and scripts without manually executing each command. The framework helps streamline activities such as information gathering, network scanning, and web application testing during security assessments. Discover also integrates with well-known security tools like Metasploit to generate malicious payloads and manage listeners for exploitation tasks. ... -
Train ML Models With SQL You Already KnowBuild and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
-
10
WPScan
WPScan WordPress security scanner
WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators. -
11
Scope Sentry
Cyberspace asset mapping and vulnerability scanning platform
...It helps security researchers and penetration testers discover, monitor, and analyze internet-facing assets belonging to a target scope. ScopeSentry combines multiple reconnaissance and vulnerability assessment capabilities such as subdomain enumeration, port scanning, directory scanning, and sensitive information detection. ScopeSentry can automatically identify assets and services, extract URLs, and crawl websites to collect useful security data for further analysis. It also includes vulnerability scanning and subdomain takeover detection to help identify common security weaknesses across web infrastructure. ... -
12
xLUA
xLua is a lua programming solution for C#
...The most representative of these aspects are C# implementation (methods, operators, attributes, events, etc.) can be replaced with Lua implementation at runtime; excellent GC optimization, custom struct, enumeration transfer between Lua and C# without C# gc alloc; and there is no need to generate code under the editor, and the development is lighter. Open the zip package, and you will see an Assets directory, which corresponds to the Assets directory of the Unity project. Keep this directory structure and put it in your Unity project. A complete example only requires 3 lines of code. ... -
13
Username Anarchy
Username generator for penetration testing and user enumeration
...It generates large sets of potential usernames based on a person’s name and common naming conventions used in corporate or online systems. These generated username lists can then be used for activities such as username enumeration, password spraying, or brute force testing during security audits. Username Anarchy supports numerous formatting styles, allowing security testers to replicate patterns commonly used in enterprise environments such as first.last, flast, or firstinitiallastname. Username Anarchy can also utilize name sources gathered from OSINT techniques such as social networks or other public data to produce realistic username lists. -
14
FinalRecon
All-in-one Python web reconnaissance tool for fast target analysis
FinalRecon is an all-in-one web reconnaissance tool written in Python that helps security professionals gather information about a target website quickly and efficiently. It combines multiple reconnaissance techniques into a single command-line utility so users do not need to run several separate tools to collect similar data. FinalRecon focuses on providing a fast overview of a web target while maintaining accuracy in the collected results. It includes modules for gathering server... -
15
reconFTW
Automated framework for domain reconnaissance and vulnerability scans.
...The tool streamlines the reconnaissance phase of security assessments by orchestrating numerous specialized tools to gather intelligence about a target domain. It performs multiple discovery and analysis tasks such as subdomain enumeration, OSINT collection, and vulnerability scanning in an automated workflow. The framework integrates many external security utilities and coordinates them to produce comprehensive reconnaissance results efficiently. Its modular design allows users to customize the process, enabling or disabling modules and adjusting settings according to their needs. reconFTW also provides configuration options for API keys, execution preferences, and tool paths through a dedicated configuration file. ... -
16
PowerSharpPack
Offensive CSharp Projects wraped into Powershell for easy usage
...Included projects cover a broad range of post-exploitation and reconnaissance needs: Kerberos tooling, host survey utilities, credential and browser data extractors, AD enumeration, privilege escalation helpers, persistence frameworks, and file/handle utilities. For convenience the repo also ships per-binary PowerShell loaders when users prefer to avoid loading the entire pack, plus helper binaries used for compression/encoding. -
17
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks. -
18
Pacu
The AWS exploitation framework, designed for testing security
...What used to take days to manually enumerate can be now be achieved in minutes. There are currently over 35 modules that range from reconnaissance, persistence, privilege escalation, enumeration, data exfiltration, log manipulation, and miscellaneous general exploitation. -
19
Hecke.jl
Computational algebraic number theory
Hecke is a software package for algebraic number theory maintained by Claus Fieker, Tommy Hofmann and Carlo Sircana. It is written in julia and is based on the computer algebra packages Nemo and AbstractAlgebra. Hecke is part of the OSCAR project and the development is supported by the Deutsche Forschungsgemeinschaft DFG within the Collaborative Research Center TRR 195. -
20
libwdi
Windows Driver Installer library for USB devices
libwdi is a cross-platform open-source C library focused on simplifying the installation of device drivers for USB hardware that otherwise does not have automatic driver support, making it especially useful for developers building installers or system management tools. The library abstracts away many of the complexities of USB device enumeration and driver deployment on Windows systems, such as creating a list of devices, preparing appropriate driver files, and invoking the operating system’s driver installation mechanics, so your software doesn’t have to re-implement these low-level tasks. It provides a clean API that includes functions to detect driverless USB devices, prepare driver packages, install drivers programmatically, and handle logging and error codes reliably. ... -
21
SoftEther VPN
Cross-platform multi-protocol VPN software
An open-source free cross-platform multi-protocol VPN program, as an academic project from University of Tsukuba, under the Apache License 2.0. The API Suite allows you to easily develop your original SoftEther VPN Server management application to control the VPN Server (e.g. creating users, adding Virtual Hubs, disconnecting a specified VPN sessions) from JavaScript, TypeScript, C# or other languages. SoftEther VPN ("SoftEther" means "Software Ethernet") is one of the world's most powerful... -
22
OWASP Amass
In-depth attack surface mapping and asset discovery
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application... -
23
HexStrike AI MCP Agents
HexStrike AI MCP Agents is an advanced MCP server
HexStrike AI is an MCP server that lets LLM agents autonomously operate a large catalog of offensive-security tools. Its goal is to bridge “language models” and practical pentest workflows—enumeration, exploitation, vulnerability discovery, and bug bounty reconnaissance—under safe, auditable controls. The server exposes typed tools and guardrails so agent prompts translate to concrete, parameterized actions rather than brittle shell strings. It ships with curated tool adapters, task orchestration, and guidance for connecting popular agent clients (Claude, GPT, Copilot) to a hardened execution environment. ... -
24
GooFuzz
OSINT fuzzing tool using Google dorks to find exposed resources
...It is written in Bash and automates the use of Google Dorking queries to discover publicly accessible information related to a target domain. Instead of directly sending requests to the target server, GooFuzz gathers results through search engine indexing, allowing enumeration without leaving traces in the target’s server logs. This method enables the discovery of potentially sensitive files, directories, subdomains, and parameters that are already exposed on the web. By combining wordlists, search operators, and file extension filters, the tool helps security professionals locate misconfigured or unintentionally exposed resources. ... -
25
Commando VM
Complete Mandiant Offensive VM (Commando VM)
...It provides an automated installer (PowerShell script) that uses Chocolatey, Boxstarter, and MyGet package feeds to download, install, and configure dozens (100+ / 170+ depending on version) of offensive, fuzzing, enumeration, and exploitation tools. The idea is to spare testers the repetitive work of hand-installing dozens of windows tools, dependencies, and configurations. Commando VM supports customization of its installation profile (you can pick subsets of tools), includes support for WSL/Kali integration, and is intended to be used in a VM to facilitate snapshot recovery and test isolation.
