Showing 78 open source projects for "enumeration"

View related business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • Save Up to 91% on Cloud Compute With Spot VMs Icon
    Save Up to 91% on Cloud Compute With Spot VMs

    Automatic sustained-use discounts. One free VM per month. No negotiation needed.

    Run batch jobs at 60-91% off with Spot VMs. Long-running workloads get automatic discounts with sustained use.
    Try Free
  • 1
    subfinder

    subfinder

    Fast passive subdomain enumeration tool

    Subfinder is a high-performance passive subdomain discovery tool built for fast and reliable asset enumeration. It focuses exclusively on collecting valid subdomains from a wide range of passive online sources, prioritizing accuracy and speed over intrusive scanning techniques. The project is widely used in bug bounty hunting, penetration testing, and attack surface mapping because it minimizes noise while producing actionable results.
    Downloads: 29 This Week
    Last Update:
    See Project
  • 2
    Humanizer Skill

    Humanizer Skill

    Claude Code skill that removes signs of AI-generated writing from text

    ...It also includes functions for transforming camelCase, snake_case, or PascalCase identifiers into spaced and capitalized representations suitable for user interfaces, reports, or documentation. Beyond text formatting, the library can handle pluralization, enumeration formatting (“A, B, and C”), and token expansion so that program-generated content feels more conversational.
    Downloads: 120 This Week
    Last Update:
    See Project
  • 3
    holehe

    holehe

    Check if the mail is used on different sites

    ...It supports more than a hundred websites and is commonly used during reconnaissance, digital investigations, and account exposure assessments. holehe is designed to operate quickly and quietly, emphasizing efficiency and minimal footprint during enumeration tasks. The project can be used both as a standalone command-line tool and as a library embedded into larger automation pipelines. Overall, holehe provides investigators with a focused and scalable method for mapping an email’s online presence.
    Downloads: 39 This Week
    Last Update:
    See Project
  • 4
    X-osint

    X-osint

    Open source OSINT tool for gathering data on emails, phones, and IPs

    ...It provides investigators and researchers with a centralized interface for running information-gathering tasks that would normally require multiple separate tools. X-osint can also perform domain-related reconnaissance activities such as subdomain enumeration, DNS lookups, and host discovery to help identify infrastructure associated with a target. In addition to network and domain intelligence, it includes features for extracting metadata from files or images and analyzing text content to uncover hidden details. X-osint is written primarily in Python and is designed to run in terminal environments, particularly on Linux systems and Termux setups.
    Downloads: 39 This Week
    Last Update:
    See Project
  • $300 Free Credits to Build on Google Cloud Icon
    $300 Free Credits to Build on Google Cloud

    New to Google Cloud? Get $300 in credits to explore Compute Engine, BigQuery, Cloud Run, Gemini Enterprise Agent Platform, and more.

    Start your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
    Claim $300 Free
  • 5
    WPScan

    WPScan

    WPScan WordPress security scanner

    WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators.
    Downloads: 14 This Week
    Last Update:
    See Project
  • 6
    MediaDevices

    MediaDevices

    Go implementation of the MediaDevices API

    ...It provides a cross-platform, unified API for capturing and manipulating media streams and is often used in combination with Pion WebRTC for peer-to-peer communications. Its support for device enumeration, media constraints, and frame processing makes it a powerful building block for custom voice and video solutions in Go.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    Raccoon

    Raccoon

    High-performance reconnaissance and vulnerability scanning tool

    ...The tool combines multiple scanning techniques into a single workflow, helping users identify potential weaknesses, exposed services, and accessible resources on a target host. Raccoon can perform DNS enumeration, subdomain discovery, and URL fuzzing to uncover hidden endpoints and infrastructure components. It also integrates network scanning capabilities through tools such as Nmap to detect open ports, services, and potential vulnerabilities. By consolidating these reconnaissance tasks into a single command-line interface, Raccoon aims to streamline the early phases of security testing and provide actionable information for further investigation.
    Downloads: 3 This Week
    Last Update:
    See Project
  • 8
    discover

    discover

    Automation framework for reconnaissance and penetration testing tasks

    Discover is a collection of custom Bash scripts designed to automate many common tasks involved in penetration testing workflows. The project brings together a variety of security testing functions into a single framework that simplifies reconnaissance, scanning, and enumeration processes. It provides a menu-driven interface that allows security professionals to quickly launch different tools and scripts without manually executing each command. The framework helps streamline activities such as information gathering, network scanning, and web application testing during security assessments. Discover also integrates with well-known security tools like Metasploit to generate malicious payloads and manage listeners for exploitation tasks. ...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 9
    Pacu

    Pacu

    The AWS exploitation framework, designed for testing security

    ...What used to take days to manually enumerate can be now be achieved in minutes. There are currently over 35 modules that range from reconnaissance, persistence, privilege escalation, enumeration, data exfiltration, log manipulation, and miscellaneous general exploitation.
    Downloads: 2 This Week
    Last Update:
    See Project
  • MongoDB Atlas runs apps anywhere Icon
    MongoDB Atlas runs apps anywhere

    Deploy in 115+ regions with the modern database for every enterprise.

    MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
    Start Free
  • 10
    Username Anarchy

    Username Anarchy

    Username generator for penetration testing and user enumeration

    ...It generates large sets of potential usernames based on a person’s name and common naming conventions used in corporate or online systems. These generated username lists can then be used for activities such as username enumeration, password spraying, or brute force testing during security audits. Username Anarchy supports numerous formatting styles, allowing security testers to replicate patterns commonly used in enterprise environments such as first.last, flast, or firstinitiallastname. Username Anarchy can also utilize name sources gathered from OSINT techniques such as social networks or other public data to produce realistic username lists.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 11
    bettercap

    bettercap

    The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks

    bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks.
    Downloads: 65 This Week
    Last Update:
    See Project
  • 12
    xLUA

    xLUA

    xLua is a lua programming solution for C#

    ...The most representative of these aspects are C# implementation (methods, operators, attributes, events, etc.) can be replaced with Lua implementation at runtime; excellent GC optimization, custom struct, enumeration transfer between Lua and C# without C# gc alloc; and there is no need to generate code under the editor, and the development is lighter. Open the zip package, and you will see an Assets directory, which corresponds to the Assets directory of the Unity project. Keep this directory structure and put it in your Unity project. A complete example only requires 3 lines of code. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 13
    Hecke.jl

    Hecke.jl

    Computational algebraic number theory

    Hecke is a software package for algebraic number theory maintained by Claus Fieker, Tommy Hofmann and Carlo Sircana. It is written in julia and is based on the computer algebra packages Nemo and AbstractAlgebra. Hecke is part of the OSCAR project and the development is supported by the Deutsche Forschungsgemeinschaft DFG within the Collaborative Research Center TRR 195.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 14
    SoftEther VPN

    SoftEther VPN

    Cross-platform multi-protocol VPN software

    An open-source free cross-platform multi-protocol VPN program, as an academic project from University of Tsukuba, under the Apache License 2.0. The API Suite allows you to easily develop your original SoftEther VPN Server management application to control the VPN Server (e.g. creating users, adding Virtual Hubs, disconnecting a specified VPN sessions) from JavaScript, TypeScript, C# or other languages. SoftEther VPN ("SoftEther" means "Software Ethernet") is one of the world's most powerful...
    Downloads: 71 This Week
    Last Update:
    See Project
  • 15
    BBOT

    BBOT

    The recursive internet scanner for hackers

    BBOT is an advanced open-source reconnaissance automation framework designed to streamline large-scale OSINT and attack surface discovery workflows. It operates as a modular and recursive scanning tool that can enumerate subdomains, perform port scans, gather metadata, and collect web intelligence through a unified command-line interface. The project emphasizes extensibility, allowing users to create or integrate custom modules that expand the scope of reconnaissance tasks without modifying...
    Downloads: 7 This Week
    Last Update:
    See Project
  • 16
    HexStrike AI MCP Agents

    HexStrike AI MCP Agents

    HexStrike AI MCP Agents is an advanced MCP server

    HexStrike AI is an MCP server that lets LLM agents autonomously operate a large catalog of offensive-security tools. Its goal is to bridge “language models” and practical pentest workflows—enumeration, exploitation, vulnerability discovery, and bug bounty reconnaissance—under safe, auditable controls. The server exposes typed tools and guardrails so agent prompts translate to concrete, parameterized actions rather than brittle shell strings. It ships with curated tool adapters, task orchestration, and guidance for connecting popular agent clients (Claude, GPT, Copilot) to a hardened execution environment. ...
    Downloads: 5 This Week
    Last Update:
    See Project
  • 17
    Inventory

    Inventory

    Asset inventory dataset for public bug bounty program targets

    Trickest Inventory is an open source dataset and workflow collection designed to provide an extensive asset inventory for public bug bounty programs. The repository tracks and organizes security-relevant assets for more than 800 companies participating in public vulnerability disclosure and bug bounty initiatives. It collects information such as DNS records and web server data, helping security researchers better understand the attack surface of these programs. It aims to streamline...
    Downloads: 4 This Week
    Last Update:
    See Project
  • 18
    PowerUpSQL

    PowerUpSQL

    A PowerShell toolkit for attacking SQL Server

    PowerUpSQL is a PowerShell toolkit focused on auditing, discovering, and post-exploitation activities for Microsoft SQL Server environments. It bundles a wide range of functions that help enumerate SQL Server instances, configuration settings, and potentially risky features so operators and testers can quickly understand an instance's security posture. The project is aimed at internal penetration testers and red-teamers but is also useful for database administrators and defenders who want to...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 19
    SmartEnum

    SmartEnum

    A base class for creating strongly typed enum replacements in C#

    SmartEnum is a .NET library that provides a strongly typed alternative to traditional C# enums by allowing developers to create richer, object-oriented enumeration classes. Instead of being limited to primitive numeric values, SmartEnum enables enums to include behavior, validation, and additional properties while preserving type safety and readability. The library is widely used in domain-driven design scenarios where business concepts require more expressive modeling than standard enums allow. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 20
    GooFuzz

    GooFuzz

    OSINT fuzzing tool using Google dorks to find exposed resources

    ...It is written in Bash and automates the use of Google Dorking queries to discover publicly accessible information related to a target domain. Instead of directly sending requests to the target server, GooFuzz gathers results through search engine indexing, allowing enumeration without leaving traces in the target’s server logs. This method enables the discovery of potentially sensitive files, directories, subdomains, and parameters that are already exposed on the web. By combining wordlists, search operators, and file extension filters, the tool helps security professionals locate misconfigured or unintentionally exposed resources. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21
    cloud_enum

    cloud_enum

    Multi-cloud OSINT tool for discovering public cloud resources

    ...It works by taking user-provided keywords and generating variations through mutation wordlists, then testing these combinations against common cloud service naming patterns. cloud_enum performs both HTTP probing and DNS lookups to identify resources such as storage buckets, cloud applications, and databases that may be exposed or accessible. cloud_enum uses concurrent processing to speed up scanning, enabling efficient enumeration of large numbers of possible resource names. It can identify both publicly accessible and protected resources, helping security researchers understand the external cloud footprint of an organization.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    Backbone

    Backbone

    Give your JS app some Backbone with models, views, and collections

    Backbone is a lightweight JavaScript library (sometimes described as a micro-framework) created by Jeremy Ashkenas that adds structure to JavaScript-heavy applications by providing models, views, collections, events and routing tied to RESTful JSON services. Its main philosophy is to provide the minimal set of primitives to organise your client-side code — models for data, collections for groups of models, views for UI interactions, and routers for state/URL management — without prescribing...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 23
    libwdi

    libwdi

    Windows Driver Installer library for USB devices

    libwdi is a cross-platform open-source C library focused on simplifying the installation of device drivers for USB hardware that otherwise does not have automatic driver support, making it especially useful for developers building installers or system management tools. The library abstracts away many of the complexities of USB device enumeration and driver deployment on Windows systems, such as creating a list of devices, preparing appropriate driver files, and invoking the operating system’s driver installation mechanics, so your software doesn’t have to re-implement these low-level tasks. It provides a clean API that includes functions to detect driverless USB devices, prepare driver packages, install drivers programmatically, and handle logging and error codes reliably. ...
    Downloads: 16 This Week
    Last Update:
    See Project
  • 24

    dir-aka

    The Dir-aka Vulnerability Scanner is a Python-based security tool

    ...By scanning for directory indexing, probing for commonly targeted paths, and analyzing HTTP responses, the scanner helps professionals preemptively mitigate risks such as data exposure, credential leaks, and unauthorized access Key Features Directory Enumeration: Scans directories for exposed files and folders. Automatically detects directory indexing if enabled. File Extension Filtering: Filters results based on user-defined file extensions (e.g., .php, .html, .txt) for precise discovery. Probing for Common Paths: Tests predefined paths like /admin/, /uploads/, .git/, and
    Downloads: 0 This Week
    Last Update:
    See Project
  • 25
    Fuzzy machine learning framework

    Fuzzy machine learning framework

    A library and a GUI front-end for fuzzy machine learning

    Fuzzy machine learning framework is a library and a GUI front-end for machine learning using intuitionistic fuzzy data. The approach is based on the intuitionistic fuzzy sets and the possibility theory. Further characteristics are fuzzy features and classes; numeric, enumeration features and features based on linguistic variables; user-defined features; derived and evaluated features; classifiers as features for building hierarchical systems; automatic refinement in case of dependent features; incremental learning; fuzzy control language support; object-oriented software design with extensible objects and automatic garbage collection; generic data base support through ODBC or SQLite; text I/O and HTML output; an advanced graphical user interface based on GTK+; and examples of use.
    Downloads: 5 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • 2
  • 3
  • 4
  • Next
Auth0 Logo