62 skills found · Page 1 of 3
Autumn-27 / ScopeSentryScopeSentry-Cyberspace mapping, subdomain enumeration, port scanning, sensitive information discovery, vulnerability scanning, distributed nodes
AlephNullSK / DnsgenDNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelligent domain name variations to assist in subdomain discovery and security assessments.
assetnote / Commonspeak2Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists
johnnyxmas / ScanCannonA script for credentials-based attack surface enumeration and general reconnaissance of massive networks
duty1g / SubcatLightning-fast passive subdomain discovery tool for security professionals and bug bounty hunters.
prodigysml / Dr. WatsonDr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's your very own discovery side kick, the Dr. Watson to your Sherlock!
subfinder / GoaltdnsA permutation generation tool written in golang
skynet0x01 / TugareconTugaRecon is an advanced subdomain reconnaissance and intelligence framework built for security researchers, penetration testers and OSINT professionals. It combines OSINT enumeration, semantic analysis, temporal intelligence and automated reactions to continuously improve asset discovery and prioritization.
m0nad / DNS DiscoveryDNS-Discovery is a multithreaded subdomain bruteforcer.
RevoltSecurities / DnsbruterDnsbruter is a powerful tool designed to perform active subdomain enumeration and discovery. It uses DNS resolution to efficiently bruteforce and identify potential subdomains for a given target domain. With its multithreading capability, users can control the concurrency level to speed up the process.
hueristiq / Xsubfind3rA command-line utility designed to discover subdomains for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directly with the target but instead gathers data that is already publicly available.
JetP1ane / AffinisRecurrent Neural Network SubDomain Discovery Tool
daehee / MildewDotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs
th3hack3rwiz / Fu JSThis tool aims at accumulating javascript files from a given set of subdomains to discover hidden endpoints. It swims through JS files to find more JS files. It also creates a target-specific wordlist from the JS-files for further content discovery and dumps all the discovered JS files neatly in a folder for static analysis.
fengdingbo / Subdomain Scannersubdomain-scanner is a subdomain discovery tool that discovers valid subdomains for websites.
who0xac / PinakastraAI-powered pentesting framework with automated recon and exploitation. Multi-source subdomain discovery, active vuln testing (XSS/SQLi/SSRF/IDOR), AI-driven payload generation, local inference, structured reporting. For pentesters and bug bounty hunters.
m0rd3caii / Rec0nA fully automated subdomain reconnaissance and sensitive data discovery toolkit.
gatiella / Bug Bounty Search Engine.io🔍 Bug Bounty Search Engine - Advanced reconnaissance toolkit with 64+ Google dork queries organized into 10 categories for security researchers. Features subdomain discovery, exposed files detection, vulnerability scanning, and OSINT gathering across multiple platforms including Google, GitHub, Shodan, Censys, and Web Archive.
shifa123 / Chaos HuntBash Script to Hunt all the targets/Subdomains from Chaos by Project Discovery Team
elmasy-com / ColumbusAn advanced subdomain discovery service with fast, powerful and easy to use API and DNS history.
