Showing 10 open source projects for "surface"

View related business solutions
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • Build Agents and Models on One Platform Icon
    Build Agents and Models on One Platform

    Everything you need to build production-ready agents and models. Access 200+ Google and third-party AI models and tools.

    Gemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
    Try It Free
  • 1
    RedAmon

    RedAmon

    AI-powered framework for automated penetration testing and red teaming

    ...It combines artificial intelligence with traditional penetration testing tools to create a fully autonomous pipeline capable of discovering vulnerabilities and executing security assessments without human intervention. It begins with a multi-phase reconnaissance engine that maps the entire attack surface of a target, collecting information such as subdomains, open ports, services, and potential vulnerabilities. RedAmon then uses an AI agent orchestrator to analyze this data, select appropriate tools, and perform exploitation steps such as credential brute forcing or CVE-based attacks. All discovered assets, relationships, and vulnerabilities are stored in a Neo4j knowledge graph, allowing the system to reason about the environment and make informed decisions during the attack process.
    Downloads: 7 This Week
    Last Update:
    See Project
  • 2
    XRAY

    XRAY

    XRay for recon, mapping and OSINT gathering from public networks

    ...It provides a framework for writing and executing inspection modules that can parse structured data (JSON, XML, HTML), traverse graphs of endpoints, and perform intelligent probing guided by discovered surface area. XRay is typically used as a reconnaissance and vulnerability discovery engine in red-team or app-security workflows: it leverages extensible plugins to adapt to different protocols, inject payloads, and detect common bug classes such as injection flaws, misconfigurations, and unsafe endpoints. The modular architecture means users can customize or extend the engine with new analyzers, fuzzers, or output formats tailored to specific testing environments. ...
    Downloads: 2 This Week
    Last Update:
    See Project
  • 3
    subfinder

    subfinder

    Fast passive subdomain enumeration tool

    ...It focuses exclusively on collecting valid subdomains from a wide range of passive online sources, prioritizing accuracy and speed over intrusive scanning techniques. The project is widely used in bug bounty hunting, penetration testing, and attack surface mapping because it minimizes noise while producing actionable results. Its modular architecture allows users to enable dozens of data providers through API keys, expanding coverage as needed. Subfinder integrates easily into automation pipelines and CI workflows thanks to its clean command-line design and structured output formats. ...
    Downloads: 34 This Week
    Last Update:
    See Project
  • 4
    BBOT

    BBOT

    The recursive internet scanner for hackers

    BBOT is an advanced open-source reconnaissance automation framework designed to streamline large-scale OSINT and attack surface discovery workflows. It operates as a modular and recursive scanning tool that can enumerate subdomains, perform port scans, gather metadata, and collect web intelligence through a unified command-line interface. The project emphasizes extensibility, allowing users to create or integrate custom modules that expand the scope of reconnaissance tasks without modifying the core engine. ...
    Downloads: 8 This Week
    Last Update:
    See Project
  • Fully Managed MySQL, PostgreSQL, and SQL Server Icon
    Fully Managed MySQL, PostgreSQL, and SQL Server

    Automatic backups, patching, replication, and failover. Focus on your app, not your database.

    Cloud SQL handles your database ops end to end, so you can focus on your app.
    Try Free
  • 5
    Inventory

    Inventory

    Asset inventory dataset for public bug bounty program targets

    ...The repository tracks and organizes security-relevant assets for more than 800 companies participating in public vulnerability disclosure and bug bounty initiatives. It collects information such as DNS records and web server data, helping security researchers better understand the attack surface of these programs. It aims to streamline reconnaissance for bug bounty hunters by providing ready-to-use asset information so researchers can quickly begin testing new targets. It also helps security teams gain clearer visibility into their exposed infrastructure and publicly reachable systems. Much of the data in the repository is generated automatically through workflows that gather, transform, and consolidate bug bounty program data from multiple sources.
    Downloads: 3 This Week
    Last Update:
    See Project
  • 6
    Hakrawler

    Hakrawler

    Fast Go web crawler for discovering URLs and web app endpoints

    ...It is primarily used during the reconnaissance phase of security testing, bug bounty hunting, and penetration testing. It works by automatically crawling web pages and extracting links, JavaScript file locations, and other resources that may reveal additional attack surface or hidden functionality. hakrawler is implemented as a simple and efficient crawler using the Gocolly library, which allows it to perform fast and concurrent crawling of web pages. It accepts URLs through standard input, making it easy to integrate into command-line pipelines with other security tools. This workflow enables researchers to combine it with subdomain enumeration, HTTP probing, and vulnerability scanning utilities to automate reconnaissance processes. hakrawler can follow links within a website and optionally include subdomains.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    BigBountyRecon

    BigBountyRecon

    Automates reconnaissance for bug bounty and penetration testing target

    BigBountyRecon is an open source reconnaissance tool designed to assist security researchers, penetration testers, and bug bounty hunters during the early stages of security assessments. It automates the collection of publicly accessible information about a target organization by combining numerous reconnaissance techniques with widely used Google dorks and other open source resources. Its main goal is to accelerate the information-gathering phase, which is often considered one of the most...
    Downloads: 12 This Week
    Last Update:
    See Project
  • 8
    AttackSurfaceMapper

    AttackSurfaceMapper

    Automated tool for mapping & expanding organization’s attack surface

    AttackSurfaceMapper (ASM) is a reconnaissance and attack surface discovery tool designed to automate the process of mapping potential targets within an organization's infrastructure. It combines open source intelligence (OSINT) with selective active reconnaissance techniques to expand and analyze a target’s external attack surface. Users can supply domains, subdomains, or IP addresses as input, and applies multiple discovery methods to identify additional related assets such as new subdomains, associated IP ranges, and hosts within the same network ownership. ...
    Downloads: 1 This Week
    Last Update:
    See Project
  • 9
    DNSGen

    DNSGen

    Intelligent DNS permutation tool for subdomain discovery

    DNSGen is an open source DNS name permutation tool designed primarily for security researchers and penetration testers who need to discover potential subdomains during reconnaissance and attack surface mapping. It analyzes existing domain names and generates numerous intelligent variations that may represent valid subdomains within an organization’s infrastructure. These generated permutations help identify hidden or unlisted services that may not appear in standard DNS queries or public records. DNSGen applies multiple permutation techniques to create realistic domain combinations based on modern infrastructure naming patterns, including cloud environments, DevOps tools, and microservice architectures. ...
    Downloads: 0 This Week
    Last Update:
    See Project
  • Host LLMs in Production With On-Demand GPUs Icon
    Host LLMs in Production With On-Demand GPUs

    NVIDIA L4 GPUs. 5-second cold starts. Scale to zero when idle.

    Deploy your model, get an endpoint, pay only for compute time. No GPU provisioning or infrastructure management required.
    Try Free
  • 10
    Photon

    Photon

    Incredibly fast crawler designed for OSINT

    Photon is an extremely fast web crawler built specifically for OSINT and reconnaissance use cases. It is designed to extract URLs, endpoints, files, and other intelligence artifacts from target websites with minimal overhead. The crawler prioritizes speed and breadth, making it suitable for mapping web attack surfaces and discovering hidden resources. Photon is commonly used during early reconnaissance phases to build a comprehensive inventory of reachable assets. Its Python implementation...
    Downloads: 0 This Week
    Last Update:
    See Project
  • Previous
  • You're on page 1
  • Next
Auth0 Logo