Showing 100 open source projects for "enumeration"

View related business solutions
  • MongoDB Atlas runs apps anywhere Icon
    MongoDB Atlas runs apps anywhere

    Deploy in 115+ regions with the modern database for every enterprise.

    MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
    Start Free
  • Train ML Models With SQL You Already Know Icon
    Train ML Models With SQL You Already Know

    BigQuery automates data prep, analysis, and predictions with built-in AI assistance.

    Build and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
    Try Free
  • 1
    subfinder

    subfinder

    Fast passive subdomain enumeration tool

    Subfinder is a high-performance passive subdomain discovery tool built for fast and reliable asset enumeration. It focuses exclusively on collecting valid subdomains from a wide range of passive online sources, prioritizing accuracy and speed over intrusive scanning techniques. The project is widely used in bug bounty hunting, penetration testing, and attack surface mapping because it minimizes noise while producing actionable results.
    Downloads: 34 This Week
    Last Update:
    See Project
  • 2
    Humanizer Skill

    Humanizer Skill

    Claude Code skill that removes signs of AI-generated writing from text

    ...It also includes functions for transforming camelCase, snake_case, or PascalCase identifiers into spaced and capitalized representations suitable for user interfaces, reports, or documentation. Beyond text formatting, the library can handle pluralization, enumeration formatting (“A, B, and C”), and token expansion so that program-generated content feels more conversational.
    Downloads: 108 This Week
    Last Update:
    See Project
  • 3
    holehe

    holehe

    Check if the mail is used on different sites

    ...It supports more than a hundred websites and is commonly used during reconnaissance, digital investigations, and account exposure assessments. holehe is designed to operate quickly and quietly, emphasizing efficiency and minimal footprint during enumeration tasks. The project can be used both as a standalone command-line tool and as a library embedded into larger automation pipelines. Overall, holehe provides investigators with a focused and scalable method for mapping an email’s online presence.
    Downloads: 43 This Week
    Last Update:
    See Project
  • 4

    Network Enumeration Tool

    Network Enumeration Tool for Host Exploration and Recon

    N-ETHER (Network Enumeration Tool for Host Exploration and Reconnaissance) is a robust and highly automated Python script designed to streamline the critical initial phases of network security auditing and penetration testing. It’s core purpose is to perform fast, comprehensive, and consistent host and port discovery across single targets or large lists of IP addresses.
    Downloads: 5 This Week
    Last Update:
    See Project
  • Error to trace to log to deploy. One click. No SSH. Icon
    Error to trace to log to deploy. One click. No SSH.

    Catch the cause before the pager goes off.

    AppSignal links every error to the trace, the trace to the log, the log to the deploy that shipped it.
    Free 30 days.
  • 5
    X-osint

    X-osint

    Open source OSINT tool for gathering data on emails, phones, and IPs

    ...It provides investigators and researchers with a centralized interface for running information-gathering tasks that would normally require multiple separate tools. X-osint can also perform domain-related reconnaissance activities such as subdomain enumeration, DNS lookups, and host discovery to help identify infrastructure associated with a target. In addition to network and domain intelligence, it includes features for extracting metadata from files or images and analyzing text content to uncover hidden details. X-osint is written primarily in Python and is designed to run in terminal environments, particularly on Linux systems and Termux setups.
    Downloads: 43 This Week
    Last Update:
    See Project
  • 6
    Raccoon

    Raccoon

    High-performance reconnaissance and vulnerability scanning tool

    ...The tool combines multiple scanning techniques into a single workflow, helping users identify potential weaknesses, exposed services, and accessible resources on a target host. Raccoon can perform DNS enumeration, subdomain discovery, and URL fuzzing to uncover hidden endpoints and infrastructure components. It also integrates network scanning capabilities through tools such as Nmap to detect open ports, services, and potential vulnerabilities. By consolidating these reconnaissance tasks into a single command-line interface, Raccoon aims to streamline the early phases of security testing and provide actionable information for further investigation.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 7
    WPScan

    WPScan

    WPScan WordPress security scanner

    WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators.
    Downloads: 13 This Week
    Last Update:
    See Project
  • 8
    MediaDevices

    MediaDevices

    Go implementation of the MediaDevices API

    ...It provides a cross-platform, unified API for capturing and manipulating media streams and is often used in combination with Pion WebRTC for peer-to-peer communications. Its support for device enumeration, media constraints, and frame processing makes it a powerful building block for custom voice and video solutions in Go.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 9
    discover

    discover

    Automation framework for reconnaissance and penetration testing tasks

    Discover is a collection of custom Bash scripts designed to automate many common tasks involved in penetration testing workflows. The project brings together a variety of security testing functions into a single framework that simplifies reconnaissance, scanning, and enumeration processes. It provides a menu-driven interface that allows security professionals to quickly launch different tools and scripts without manually executing each command. The framework helps streamline activities such as information gathering, network scanning, and web application testing during security assessments. Discover also integrates with well-known security tools like Metasploit to generate malicious payloads and manage listeners for exploitation tasks. ...
    Downloads: 6 This Week
    Last Update:
    See Project
  • Fully Managed MySQL, PostgreSQL, and SQL Server Icon
    Fully Managed MySQL, PostgreSQL, and SQL Server

    Automatic backups, patching, replication, and failover. Focus on your app, not your database.

    Cloud SQL handles your database ops end to end, so you can focus on your app.
    Try Free
  • 10
    Scope Sentry

    Scope Sentry

    Cyberspace asset mapping and vulnerability scanning platform

    ...It helps security researchers and penetration testers discover, monitor, and analyze internet-facing assets belonging to a target scope. ScopeSentry combines multiple reconnaissance and vulnerability assessment capabilities such as subdomain enumeration, port scanning, directory scanning, and sensitive information detection. ScopeSentry can automatically identify assets and services, extract URLs, and crawl websites to collect useful security data for further analysis. It also includes vulnerability scanning and subdomain takeover detection to help identify common security weaknesses across web infrastructure. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 11
    FinalRecon

    FinalRecon

    All-in-one Python web reconnaissance tool for fast target analysis

    FinalRecon is an all-in-one web reconnaissance tool written in Python that helps security professionals gather information about a target website quickly and efficiently. It combines multiple reconnaissance techniques into a single command-line utility so users do not need to run several separate tools to collect similar data. FinalRecon focuses on providing a fast overview of a web target while maintaining accuracy in the collected results. It includes modules for gathering server...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 12
    reconFTW

    reconFTW

    Automated framework for domain reconnaissance and vulnerability scans.

    ...The tool streamlines the reconnaissance phase of security assessments by orchestrating numerous specialized tools to gather intelligence about a target domain. It performs multiple discovery and analysis tasks such as subdomain enumeration, OSINT collection, and vulnerability scanning in an automated workflow. The framework integrates many external security utilities and coordinates them to produce comprehensive reconnaissance results efficiently. Its modular design allows users to customize the process, enabling or disabling modules and adjusting settings according to their needs. reconFTW also provides configuration options for API keys, execution preferences, and tool paths through a dedicated configuration file. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 13
    bettercap

    bettercap

    The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks

    bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks.
    Downloads: 74 This Week
    Last Update:
    See Project
  • 14
    Pacu

    Pacu

    The AWS exploitation framework, designed for testing security

    ...What used to take days to manually enumerate can be now be achieved in minutes. There are currently over 35 modules that range from reconnaissance, persistence, privilege escalation, enumeration, data exfiltration, log manipulation, and miscellaneous general exploitation.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 15
    Username Anarchy

    Username Anarchy

    Username generator for penetration testing and user enumeration

    ...It generates large sets of potential usernames based on a person’s name and common naming conventions used in corporate or online systems. These generated username lists can then be used for activities such as username enumeration, password spraying, or brute force testing during security audits. Username Anarchy supports numerous formatting styles, allowing security testers to replicate patterns commonly used in enterprise environments such as first.last, flast, or firstinitiallastname. Username Anarchy can also utilize name sources gathered from OSINT techniques such as social networks or other public data to produce realistic username lists.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 16
    xLUA

    xLUA

    xLua is a lua programming solution for C#

    ...The most representative of these aspects are C# implementation (methods, operators, attributes, events, etc.) can be replaced with Lua implementation at runtime; excellent GC optimization, custom struct, enumeration transfer between Lua and C# without C# gc alloc; and there is no need to generate code under the editor, and the development is lighter. Open the zip package, and you will see an Assets directory, which corresponds to the Assets directory of the Unity project. Keep this directory structure and put it in your Unity project. A complete example only requires 3 lines of code. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 17
    SoftEther VPN

    SoftEther VPN

    Cross-platform multi-protocol VPN software

    An open-source free cross-platform multi-protocol VPN program, as an academic project from University of Tsukuba, under the Apache License 2.0. The API Suite allows you to easily develop your original SoftEther VPN Server management application to control the VPN Server (e.g. creating users, adding Virtual Hubs, disconnecting a specified VPN sessions) from JavaScript, TypeScript, C# or other languages. SoftEther VPN ("SoftEther" means "Software Ethernet") is one of the world's most powerful...
    Downloads: 86 This Week
    Last Update:
    See Project
  • 18
    Hecke.jl

    Hecke.jl

    Computational algebraic number theory

    Hecke is a software package for algebraic number theory maintained by Claus Fieker, Tommy Hofmann and Carlo Sircana. It is written in julia and is based on the computer algebra packages Nemo and AbstractAlgebra. Hecke is part of the OSCAR project and the development is supported by the Deutsche Forschungsgemeinschaft DFG within the Collaborative Research Center TRR 195.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 19
    BBOT

    BBOT

    The recursive internet scanner for hackers

    BBOT is an advanced open-source reconnaissance automation framework designed to streamline large-scale OSINT and attack surface discovery workflows. It operates as a modular and recursive scanning tool that can enumerate subdomains, perform port scans, gather metadata, and collect web intelligence through a unified command-line interface. The project emphasizes extensibility, allowing users to create or integrate custom modules that expand the scope of reconnaissance tasks without modifying...
    Downloads: 8 This Week
    Last Update:
    See Project
  • 20
    H4X-Tools

    H4X-Tools

    A modular, terminal-based toolkit for OSINT, reconnaissance

    ...Its tools cover areas such as Instagram profile research, web reconnaissance, phone lookup, IP lookup, username search, email search, leak intelligence, port scanning, WHOIS lookup, web scraping, directory discovery, Bluetooth scanning, and local user enumeration. The toolkit is designed to be extensible, so contributors can add new tools by creating modules that follow its BaseTool structure. It is intended for educational and authorized security research only, not for use against systems or accounts without permission.
    Downloads: 5 This Week
    Last Update:
    See Project
  • 21
    HexStrike AI MCP Agents

    HexStrike AI MCP Agents

    HexStrike AI MCP Agents is an advanced MCP server

    HexStrike AI is an MCP server that lets LLM agents autonomously operate a large catalog of offensive-security tools. Its goal is to bridge “language models” and practical pentest workflows—enumeration, exploitation, vulnerability discovery, and bug bounty reconnaissance—under safe, auditable controls. The server exposes typed tools and guardrails so agent prompts translate to concrete, parameterized actions rather than brittle shell strings. It ships with curated tool adapters, task orchestration, and guidance for connecting popular agent clients (Claude, GPT, Copilot) to a hardened execution environment. ...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 22
    Inventory

    Inventory

    Asset inventory dataset for public bug bounty program targets

    Trickest Inventory is an open source dataset and workflow collection designed to provide an extensive asset inventory for public bug bounty programs. The repository tracks and organizes security-relevant assets for more than 800 companies participating in public vulnerability disclosure and bug bounty initiatives. It collects information such as DNS records and web server data, helping security researchers better understand the attack surface of these programs. It aims to streamline...
    Downloads: 3 This Week
    Last Update:
    See Project
  • 23
    cloud_enum

    cloud_enum

    Multi-cloud OSINT tool for discovering public cloud resources

    ...It works by taking user-provided keywords and generating variations through mutation wordlists, then testing these combinations against common cloud service naming patterns. cloud_enum performs both HTTP probing and DNS lookups to identify resources such as storage buckets, cloud applications, and databases that may be exposed or accessible. cloud_enum uses concurrent processing to speed up scanning, enabling efficient enumeration of large numbers of possible resource names. It can identify both publicly accessible and protected resources, helping security researchers understand the external cloud footprint of an organization.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 24
    PowerUpSQL

    PowerUpSQL

    A PowerShell toolkit for attacking SQL Server

    PowerUpSQL is a PowerShell toolkit focused on auditing, discovering, and post-exploitation activities for Microsoft SQL Server environments. It bundles a wide range of functions that help enumerate SQL Server instances, configuration settings, and potentially risky features so operators and testers can quickly understand an instance's security posture. The project is aimed at internal penetration testers and red-teamers but is also useful for database administrators and defenders who want to...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 25
    Th3inspector

    Th3inspector

    Best Tool For Information Gathering

    Th3Inspector is a Perl- and shell-based, all-in-one information-gathering toolkit built to quickly enumerate public and semi-public data about targets (domains, IPs, phone numbers, mail servers, etc.). It exposes a single command-line entrypoint (Th3inspector.pl) with many switches for common reconnaissance tasks — examples include website info, whois, MX lookup, geo-IP, subdomain discovery, CMS detection, port scanning, and Cloudflare real-IP resolution — so a user can chain many checks...
    Downloads: 2 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • 4
  • Next
Auth0 Logo