Search Results for "security" - Page 2
Sort By:
Showing 68 open source projects for "security"
View related business solutions-
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
1
BBOT
The recursive internet scanner for hackers
...The project emphasizes extensibility, allowing users to create or integrate custom modules that expand the scope of reconnaissance tasks without modifying the core engine. BBOT is particularly valuable for security researchers and red teamers who need to automate multi-stage discovery processes across complex infrastructures. Its architecture supports chaining multiple reconnaissance techniques together, enabling continuous discovery rather than one-off scans. The tool balances power and usability by providing sensible defaults while still exposing deep configuration options for advanced users. -
2
WhatBreach
OSINT tool for discovering email addresses in known data breaches
...If the breach databases are publicly available, the tool can attempt to download them for further analysis. It also supports deeper investigation of email domains and related profiles, making it useful for researchers, security analysts, and penetration testers conducting reconnaissance or breach analysis. -
3
Robin
AI-powered tool for dark web OSINT search and investigation
Robin is an AI-powered open source tool designed to assist investigators and researchers in conducting dark web OSINT (Open Source Intelligence) investigations. It combines automated dark web search capabilities with large language models (LLMs) to analyze and summarize information discovered across hidden services and Tor-based search engines. The tool helps refine investigative queries, collect results from multiple dark web sources, and filter relevant intelligence using AI-driven... -
4
gitGraber
Real-time GitHub monitor that detects leaked API keys and secrets
...When a potential leak is discovered, the tool can notify users through messaging platforms or display results directly in the command line. This approach helps organizations and security professionals monitor potential exposures. -
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
5
Flowsint
Graph-based OSINT investigation platform w visual relationship mapping
Flowsint is an open source OSINT investigation platform designed to help analysts explore and understand relationships between digital entities through a visual graph interface. The platform focuses on reconnaissance and open source intelligence workflows, enabling investigators to map connections between domains, IP addresses, organizations, individuals, and other data points. By presenting these relationships in an interactive graph, Flowsint allows users to quickly identify patterns,... -
6
Argus
Python toolkit for OSINT and reconnaissance with 135+ modules
Argus is a Python-based open source toolkit designed to simplify information gathering and reconnaissance tasks in cybersecurity. It provides an integrated command-line environment that consolidates numerous reconnaissance utilities into a single framework. The tool enables users to collect data about networks, domains, web applications, and infrastructure in an organized and efficient manner. Argus includes a modular architecture with more than 130 modules that support activities such as... -
7
OWASP Maryam
Modular OSINT framework for automated open-source intelligence gatheri
...Written in Python, Maryam is built to provide a flexible and extensible framework for harvesting information quickly and efficiently from open sources. Maryam helps security researchers and analysts streamline routine data-gathering tasks that typically involve searching multiple sources such as Google, Bing, or other online platforms. Maryam organizes its functionality into several modules that focus on different aspects of intelligence gathering, including footprint analysis, OSINT data extraction, and general search operations. -
8
SiteDorks
Automate search engine dorking across hundreds of websites
SiteDorks is a command line tool designed to automate advanced search queries across multiple search engines and websites. It allows users to perform search engine “dork” queries against a large set of predefined domains, making it easier to discover publicly available information across different platforms. SiteDorks supports several major search engines including Google, Bing, Brave, Ecosia, DuckDuckGo, Yahoo, and Yandex. Instead of manually running the same query for many sites, SiteDorks... -
9
IntelOwl
Centralized platform for automated threat intelligence analysis
IntelOwl is an open source platform designed to manage and enrich threat intelligence data at scale. It provides a centralized environment where security analysts can gather information about suspicious files and observables such as IP addresses, domains, URLs, or hashes using a single API request. The platform integrates numerous online intelligence sources and advanced malware analysis tools, enabling users to obtain comprehensive threat intelligence without manually querying multiple services. ... -
Full-stack observability with actually useful AI | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
10
pwnedOrNot
Check breached emails and find exposed passwords from public dumps
...If the email is found in a breach, the tool proceeds to search for associated passwords within publicly available data dumps. This two-phase approach allows investigators, security professionals, and researchers to assess the exposure level of compromised accounts using publicly accessible breach information. The tool displays useful breach details such as the name of the breach, the affected domain, the breach date, and several status indicators related to the authenticity and status of the breach. pwnedOrNot can also analyze domains to determine whether they have been involved in breaches and can list all breached domains available through the HIBP database. -
11
GitGot
Semi-automated tool for discovering exposed secrets in GitHub data
GitGot is an open source security tool designed to help users quickly search large amounts of public data on GitHub to identify potentially exposed secrets. It operates as a semi-automated, feedback-driven system that combines automated search capabilities with human guidance to refine results during investigation. GitGot leverages the GitHub Search API to perform queries across repositories, files, and gists, allowing security researchers and penetration testers to discover sensitive information that may have been unintentionally exposed in public code. ... -
12
YoungerSibling
YoungerSibling: Cross-platform OSINT tool for quick data gathering.
YoungerSibling is a Python-based terminal utility script designed for educational purposes. It provides a set of useful tools to perform tasks like searching the web, performing lookups (Google search, IP lookup, username lookup, etc.), and extracting metadata from images, directly from the terminal. This project aims to help students, developers, and hobbyists learn about web scraping, API usage, and terminal interaction with Python. -
13
socialscan
Scan platforms to check username and email account usage
Socialscan is an open source intelligence (OSINT) tool designed to check whether usernames or email addresses are associated with accounts on various online platforms. It allows users to quickly determine if a specific username or email address is already in use across multiple services, making it useful for security research, digital investigations, and account enumeration tasks. It focuses on accuracy by querying platform endpoints in a way that reliably detects whether a credential exists without producing misleading results. Socialscan can be used both as a Python library and as a command-line utility, making it flexible for developers and analysts alike. ... -
14
Ignorant
Checks if a phone number is registered on online services
...By querying endpoints used during account registration, login, or other interactions, Ignorant can infer the presence of an account without notifying the phone number owner. This allows investigators, researchers, or security professionals to perform reconnaissance without alerting the target. Ignorant supports multiple platforms, including services such as Instagram, Snapchat, and Amazon, using a modular architecture where each platform is implemented as a separate module. Ignorant is built with asynchronous Python technologies, enabling concurrent checks across multiple services for faster results. ... -
15
OnionSearch
Search multiple Tor .onion engines at once and collect hidden links.
OnionSearch is a Python-based command-line tool designed to collect and aggregate links from multiple search engines on the Tor network. The script works by scraping results from a variety of .onion search services, allowing users to perform a single query while gathering results from many sources at once. This approach helps researchers and investigators locate hidden services more efficiently without manually querying each individual search engine. It is primarily intended for educational... -
16
linkedin2username
Generate probable usernames from LinkedIn company employee lists
...Using these names, it automatically generates multiple possible username formats that organizations commonly use for accounts or email addresses. This process helps security researchers, penetration testers, and investigators perform reconnaissance by building potential username lists for further security testing or OSINT analysis. Unlike tools that rely on official APIs, linkedin2username operates as a pure web scraper and therefore does not require API keys. The script uses Selenium to automate browser interactions and perform searches within LinkedIn to gather employee data. -
17
TorBot
Dark Web OSINT Tool
Contributions to this project are always welcome. To add a new feature fork the dev branch and give a pull request when your new feature is tested and complete. If its a new module, it should be put inside the modules directory. The branch name should be your new feature name in the format <Feature_featurename_version(optional)>. On Linux platforms, you can make an executable for TorBot by using the install.sh script. You will need to give the script the correct permissions using chmod +x... -
18
NExfil
Fast OSINT tool for discovering web profiles by username
...Developed in Python, the tool automates the process of checking hundreds of websites to determine whether a specific username exists on those platforms. By performing automated queries across numerous services, NExfil helps investigators, researchers, and security professionals quickly identify potential accounts associated with a particular username. The tool focuses on delivering results rapidly while minimizing false positives during the search process. Users can supply a single username, multiple usernames, or a file containing a list of usernames for bulk scanning. NExfil processes these inputs and attempts to detect matching profiles across more than 350 websites within seconds. ... -
19
paramspider
Mine parameterized URLs from web archives for security testing
ParamSpider is an open source command-line tool designed to discover URLs that contain parameters by mining historical data from web archives such as the Wayback Machine. It helps security researchers, penetration testers, and bug bounty hunters collect potential attack surfaces by automatically gathering archived URLs related to a specific domain. Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ... -
20
SocialPwned
OSINT tool to collect emails from social networks and find leaks
...By combining social media intelligence with breach data analysis, SocialPwned helps investigators identify reused passwords and patterns that may indicate potential security weaknesses. -
21
CrossLinked
LinkedIn employee enumeration tool using search engine scraping
...Instead of accessing LinkedIn directly or relying on its API, it performs search engine scraping using services such as Google and Bing to discover public LinkedIn profile results. By analyzing these search results, CrossLinked extracts employee names and processes them into usable formats for security assessments or reconnaissance activities. This approach allows the tool to operate without credentials, authentication tokens, or LinkedIn account access. CrossLinked is commonly used by penetration testers and security professionals during the reconnaissance phase to identify potential usernames or email address formats for a target organization. ... -
22
Yark
Simple OSINT tool for archiving and browsing YouTube channels offline
Yark is an open source command-line tool designed to simplify the process of archiving YouTube channels for research, analysis, or personal preservation. The project focuses on OSINT (Open Source Intelligence) workflows by allowing users to collect and store videos, metadata, and thumbnails from a YouTube channel in a structured local archive. Instead of simply downloading individual videos, Yark creates a self-contained archive directory that includes metadata files and organized folders... -
23
Moriarty Project
Web-based OSINT tool for investigating phone number information
Moriarty Project is an open source web-based investigation tool designed to gather publicly available information about phone numbers. It allows users to input a phone number and analyze various details related to that number through multiple investigation features. It performs information gathering by scraping data from online sources to retrieve insights such as owner information, spam risk, and related web references. Users can select specific investigation features to run individually or... -
24
OneForAll
OneForAll is a powerful subdomain collection tool
...OneForAll also performs validation and enrichment of discovered domains, producing structured outputs for further analysis. Overall, it is a powerful asset discovery platform designed to maximize subdomain visibility during security assessments. -
25
cloud_enum
Multi-cloud OSINT tool for discovering public cloud resources
...It works by taking user-provided keywords and generating variations through mutation wordlists, then testing these combinations against common cloud service naming patterns. cloud_enum performs both HTTP probing and DNS lookups to identify resources such as storage buckets, cloud applications, and databases that may be exposed or accessible. cloud_enum uses concurrent processing to speed up scanning, enabling efficient enumeration of large numbers of possible resource names. It can identify both publicly accessible and protected resources, helping security researchers understand the external cloud footprint of an organization.
