web-reconnaissance

All In One Web Recon

Omnisci3nt – See What They’ve Tried to Hide Extract deep intelligence from any domain. From subdomains to SSL certs, archived secrets to exposed ports — Omnisci3nt gives you the full picture in seconds.

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

Yet another web recon tool

A Simple Tool to gather information from any website, domain, sub-domain, DNS, links by enumeration with simple commands.

📠ONE-Type is a automation script which helps you to get all information of a website in your hand as a plain text format. Just single executation and get all about the website.

Well-labeled files & regexes to search for when performing reconnaissance against websites.

PentestHorizon is a sophisticated Telegram bot designed for cybersecurity professionals, offering automated web reconnaissance, enumeration, scanning, and vulnerability assessment tools through an easy-to-use Telegram interface.

All in One Advanced and Detailed Web Scanner with over 1000 plug-ins.

Automated web reconnaissance platform

-->JSmap<-- is a lightning-fast, all-in-one web reconnaissance and XSS discovery toolkit that concurrently crawls entire domains, summarizes dangerous parameter patterns, catalogs every JavaScript asset with precise versioning, and auto-scans with retirejs and XSStrike—delivering deep, actionable vulnerability insights in a single......

This project is a Python-based Hidden Directory Scanner designed for ethical hacking and cybersecurity learning. It scans a target website for hidden or unlisted directories using a wordlist and prints the discovered paths. It's useful for penetration testers conducting reconnaissance during web application security assessments.

DirRaptor is a high-speed Python-based directory and file brute-forcing tool for web applications. It discovers hidden paths on websites using wordlists, with support for multithreading, status code filtering, and real-time output — ideal for bug bounty hunting and ethical hacking.

Advanced URL Availability Checker Checks URLs for availability with comprehensive error handling, retry logic, and progress tracking.

Full-scope recon case study on Audible’s HackerOne program using whois, amass, and httpx. Over 1,000 subdomains discovered and documented in a legally scoped workflow.