Showing 51 open source projects for "web-based"

View related business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • Save Up to 91% on Cloud Compute With Spot VMs Icon
    Save Up to 91% on Cloud Compute With Spot VMs

    Automatic sustained-use discounts. One free VM per month. No negotiation needed.

    Run batch jobs at 60-91% off with Spot VMs. Long-running workloads get automatic discounts with sustained use.
    Try Free
  • 1
    GHunt

    GHunt

    Offensive Google framework

    ...Put GHunt on listening mode (currently not compatible with docker) Paste base64-encoded cookies. Enter manually all cookies. The development of this extension has followed Firefox guidelines to use the Promise-based WebExtension/BrowserExt API being standardized by the W3 Browser Extensions group, and is using webextension-polyfill to provide cross-browser compatibility with no changes.
    Downloads: 6 This Week
    Last Update:
    See Project
  • 2

    YoungerSibling

    YoungerSibling: Cross-platform OSINT tool for quick data gathering.

    YoungerSibling is a Python-based terminal utility script designed for educational purposes. It provides a set of useful tools to perform tasks like searching the web, performing lookups (Google search, IP lookup, username lookup, etc.), and extracting metadata from images, directly from the terminal. This project aims to help students, developers, and hobbyists learn about web scraping, API usage, and terminal interaction with Python.
    Downloads: 4 This Week
    Last Update:
    See Project
  • 3
    GitGot

    GitGot

    Semi-automated tool for discovering exposed secrets in GitHub data

    ...During a search session, users review results and provide feedback that allows GitGot to filter out irrelevant or repetitive findings. This feedback is used to build blacklists that eliminate results based on repository names, file names, user names, or fuzzy matches of file content. The approach helps reduce noise while guiding the search process toward more relevant results.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 4
    OnionSearch

    OnionSearch

    Search multiple Tor .onion engines at once and collect hidden links.

    ...It also offers flexible command-line options that allow users to limit results, choose which engines to query, and export collected data. By automating searches across several dark web search engines, OnionSearch simplifies the process of discovering information on hidden services.
    Downloads: 5 This Week
    Last Update:
    See Project
  • Stop vibe-debugging. Icon
    Stop vibe-debugging.

    Plug Claude into your app's actual errors.

    AppSignal's MCP server hands Claude, Cursor, or Zed your real errors, traces, and the deploy that shipped them. AI writes the fix; you review the diff.
    Free 30 days.
  • 5
    Ignorant

    Ignorant

    Checks if a phone number is registered on online services

    Ignorant is a Python-based OSINT tool designed to determine whether a specific phone number is associated with accounts on various online platforms. It performs phone number enumeration by sending requests to supported services and analyzing their responses to identify whether an account exists for that number. By querying endpoints used during account registration, login, or other interactions, Ignorant can infer the presence of an account without notifying the phone number owner. ...
    Downloads: 27 This Week
    Last Update:
    See Project
  • 6
    NExfil

    NExfil

    Fast OSINT tool for discovering web profiles by username

    NExfil is an open source OSINT (Open Source Intelligence) tool designed to locate user profiles across the web based on a given username. Developed in Python, the tool automates the process of checking hundreds of websites to determine whether a specific username exists on those platforms. By performing automated queries across numerous services, NExfil helps investigators, researchers, and security professionals quickly identify potential accounts associated with a particular username. ...
    Downloads: 17 This Week
    Last Update:
    See Project
  • 7
    TorBot

    TorBot

    Dark Web OSINT Tool

    Contributions to this project are always welcome. To add a new feature fork the dev branch and give a pull request when your new feature is tested and complete. If its a new module, it should be put inside the modules directory. The branch name should be your new feature name in the format <Feature_featurename_version(optional)>. On Linux platforms, you can make an executable for TorBot by using the install.sh script. You will need to give the script the correct permissions using chmod +x...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 8
    paramspider

    paramspider

    Mine parameterized URLs from web archives for security testing

    ParamSpider is an open source command-line tool designed to discover URLs that contain parameters by mining historical data from web archives such as the Wayback Machine. It helps security researchers, penetration testers, and bug bounty hunters collect potential attack surfaces by automatically gathering archived URLs related to a specific domain. Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 9
    SocialPwned

    SocialPwned

    OSINT tool to collect emails from social networks and find leaks

    SocialPwned is an OSINT tool designed to gather publicly exposed email addresses from social networks and analyze them for potential credential leaks. It helps security researchers and penetration testers identify vulnerable targets during the footprinting phase of ethical hacking engagements. It collects email addresses associated with individuals or organizations from platforms such as Instagram, LinkedIn, and Twitter. Once emails are discovered, SocialPwned searches for leaked credentials...
    Downloads: 5 This Week
    Last Update:
    See Project
  • Your monitoring isn't a stack. It's a pile. Fix that. Icon
    Your monitoring isn't a stack. It's a pile. Fix that.

    Errors, performance, logs, uptime. One install, one invoice, one UI.

    Replace Datadog, New Relic, and Sentry without adding three more dashboards.
    Free 30 days.
  • 10
    Yark

    Yark

    Simple OSINT tool for archiving and browsing YouTube channels offline

    ...Instead of simply downloading individual videos, Yark creates a self-contained archive directory that includes metadata files and organized folders for media assets. This format allows users to maintain a historical record of a channel and track updates or changes over time. The tool also provides a local offline web interface that lets users browse and watch archived videos directly in their browser. Because archives are updated using timestamps, users can refresh an existing archive to add newly published content without recreating the entire dataset. Overall, Yark aims to make YouTube archiving and channel analysis easier.
    Downloads: 1 This Week
    Last Update:
    See Project
  • 11
    Moriarty Project

    Moriarty Project

    Web-based OSINT tool for investigating phone number information

    Moriarty Project is an open source web-based investigation tool designed to gather publicly available information about phone numbers. It allows users to input a phone number and analyze various details related to that number through multiple investigation features. It performs information gathering by scraping data from online sources to retrieve insights such as owner information, spam risk, and related web references.
    Downloads: 18 This Week
    Last Update:
    See Project
  • 12
    email2phonenumber

    email2phonenumber

    OSINT tool to discover phone numbers using an email address

    ...By combining these partial digits with other publicly available information, the tool attempts to reconstruct or identify the full phone number. The application includes several functions that support different phases of this process, such as scraping phone number fragments, generating possible numbers based on national numbering plans, and testing potential numbers against service recovery mechanisms.
    Downloads: 11 This Week
    Last Update:
    See Project
  • 13
    yesitsme

    yesitsme

    Simple OSINT script to find Instagram profiles by name

    yesitsme is a Python-based OSINT utility designed to help investigators identify potential Instagram accounts associated with a specific person using limited identifying data. The script works by querying indexed public information and comparing obfuscated email addresses and phone numbers against user-provided inputs to estimate match confidence. It is intended to automate a time-consuming manual investigation process by aggregating candidate usernames and classifying them into match levels such as high, medium, or low. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 14
    HostHunter

    HostHunter

    OSINT reconnaissance tool for discovering hostnames from IP addresses

    HostHunter is an open source reconnaissance tool designed to discover and extract hostnames associated with a large set of IPv4 or IPv6 addresses. It helps security professionals map IP addresses to virtual hostnames using a combination of OSINT data sources and active reconnaissance techniques. This approach enables users to identify hidden or additional services that may be hosted behind a single IP address. By correlating hostname information from certificates, APIs, HTTP headers, and...
    Downloads: 0 This Week
    Last Update:
    See Project
  • 15
    ReconSpider

    ReconSpider

    Most Advanced Open Source Intelligence (OSINT) Framework

    ...Reconnaissance is a mission to obtain information by various detection methods, about the activities and resources of an enemy or potential enemy, or geographic characteristics of a particular area. A Web crawler, sometimes called a spider or spiderbot and often shortened to crawler, is an Internet bot that systematically browses the World Wide Web, typically for the purpose of Web indexing (web spidering).
    Downloads: 1 This Week
    Last Update:
    See Project
  • 16
    Trape

    Trape

    OSINT tool for tracking users and analyzing browser data online

    Trape is an open source OSINT analysis and research tool designed to track and analyze users on the internet in real time. The project focuses on demonstrating how web browsers can reveal sensitive information about users while interacting with websites and online services. It provides researchers, security professionals, and organizations with a platform for studying how attackers could gather intelligence through social engineering techniques. The tool can clone websites and monitor interactions in order to collect data from visitors, allowing investigators to observe user behavior and session activity. ...
    Downloads: 25 This Week
    Last Update:
    See Project
  • 17
    Phishing Catcher

    Phishing Catcher

    Real-time phishing domain detection via Certificate Transparency logs

    phishing_catcher is a security monitoring tool designed to detect potential phishing domains in near real time by analyzing TLS certificate issuance events. It listens to Certificate Transparency (CT) logs through the CertStream API and evaluates newly issued certificates as they appear. Each certificate often contains one or more domain names, which the tool analyzes to determine whether they resemble suspicious or phishing-related domains. phishing_catcher applies a configurable scoring...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 18
    TIDoS

    TIDoS

    Python web penetration testing framework with modular security tools

    TIDoS-Framework is an open source web application penetration testing framework designed to assist security researchers and ethical hackers in identifying vulnerabilities in web systems. It provides a comprehensive environment for performing multiple phases of security assessment, including reconnaissance, scanning, enumeration, vulnerability analysis, and exploitation.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 19
    BlackWidow

    BlackWidow

    Python web scanner for OSINT gathering and OWASP vulnerability fuzzing

    BlackWidow is a Python-based web application scanning tool designed to crawl target websites and collect open-source intelligence (OSINT) while identifying potential security vulnerabilities. It functions as a web spider that systematically explores a site to gather valuable information such as URLs, dynamic parameters, subdomains, email addresses, and phone numbers associated with the target domain.
    Downloads: 2 This Week
    Last Update:
    See Project
  • 20
    FavFreak

    FavFreak

    Favicon hash–based reconnaissance tool for security research

    ...If a match is found, it displays the corresponding technology information in the output, helping researchers quickly identify potential targets or related infrastructure. This approach is particularly useful during reconnaissance phases of security assessments because many web services share identical favicon hashes.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21
    gasmask

    gasmask

    All-in-one OSINT tool for reconnaissance and domain intelligence

    GasMasK is an open source OSINT (Open Source Intelligence) tool designed to perform reconnaissance and information gathering on domains and online targets. It is implemented as a Python-based command-line utility that collects data from numerous publicly available sources across the internet. It aggregates intelligence such as domain details, email addresses, hostnames, and subdomains by querying search engines, DNS records, certificate transparency logs, and security databases. GasMasK integrates with a wide range of platforms and services including search engines, social media platforms, and security APIs to retrieve relevant information about a target. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 22
    AttackSurfaceMapper

    AttackSurfaceMapper

    Automated tool for mapping & expanding organization’s attack surface

    ...It performs both brute-force and passive enumeration techniques to uncover infrastructure components that may not be immediately visible. After building an expanded list of targets, AttackSurfaceMapper collects intelligence such as screenshots of web applications, information about exposed services, and possible vulnerabilities identified through integrated services. It can also search for publicly exposed credentials.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 23
    DNSGen

    DNSGen

    Intelligent DNS permutation tool for subdomain discovery

    ...These generated permutations help identify hidden or unlisted services that may not appear in standard DNS queries or public records. DNSGen applies multiple permutation techniques to create realistic domain combinations based on modern infrastructure naming patterns, including cloud environments, DevOps tools, and microservice architectures. It can also extract meaningful keywords from existing domain names and incorporate them into newly generated permutations. The resulting domain list can be further processed by DNS resolution tools such as MassDNS to determine which generated domains actually exist.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 24
    Fav-up

    Fav-up

    Look up IP addresses using favicon hashes via Shodan

    ...This technique is commonly used in security research and OSINT investigations to discover related infrastructure or services that may belong to the same organization. fav-up can retrieve favicon data from several sources, including local files, direct favicon URLs, or full web pages where the favicon is automatically extracted. fav-up then computes the favicon hash and performs Shodan queries to locate IP addresses that match the same hash. To support larger investigations, the tool can iterate over lists of URLs, domains, or favicon files in bulk. Results can be printed to the console or exported into structured formats such as CSV or JSON for further analysis and reporting.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 25
    Buster

    Buster

    OSINT tool for discovering information linked to email addresses

    ...It helps investigators, security researchers, and penetration testers discover publicly available information related to email addresses and usernames. It can analyze an email address to identify associated social media accounts, references across the web, and potential data breaches linked to that email. It also performs reverse WHOIS lookups to discover domains that may have been registered using a specific email address. In addition to investigating existing addresses, Buster can generate possible email combinations and usernames based on personal details such as a person’s name, birthdate, or additional hints. ...
    Downloads: 5 This Week
    Last Update:
    See Project
Auth0 Logo