Automated CMS vulnerability scanner and exploit tool that detects content management systems (WordPress, Joomla, Drupal, etc.), gathers target intelligence (subdomains, IP, DNS, WHOIS). Features dork-based URL discovery, multi-threading, and interactive mode; mainly designed for penetration testers and red teams. https://github.com/anouarbensaad/vulnx
An OSINT tool that scans 200+ platforms—including social media, programming hubs, gaming communities, and regional sites—to detect user accounts in seconds. Features async scanning, metadata extraction, multiple output formats (JSON, CSV, HTML, SQLite), and configurable modes (Stealth, Aggressive, Deep). https://github.com/VAZlabs/cyber-find
A reconnaissance tool that detects exposed CCTV cameras and DVR/NVR systems by scanning common ports, identifying brands (e.g., Hikvision, Dahua), checking for default credentials, and validating live video streams (RTSP/HTTP/RTMP). Includes geolocation, Shodan/Censys links, and ONVIF support—useful for physical security assessments and IoT threat hunting. https://github.com/spyboy-productions/CamXploit
A CLI-based OSINT tool that automates reconnaissance on Jira instances—scraping public project metadata, issue details, user mentions, and version info to uncover potential attack surface or sensitive disclosures in misconfigured Atlassian environments. https://github.com/0x48piraj/jiraffe
AI-powered subdomain enumeration tool with local LLM analysis via Ollama – 100% private, zero API costs https://github.com/Vyntral/god-eye
OSINT tool that harvests metadata from public documents (PDF, DOC, XLS, PPT, etc.) found on target websites via Google searches. Extracts usernames, email addresses, server paths, and internal naming conventions—ideal for pre-engagement reconnaissance and password spray list generation. https://github.com/laramies/metagoofil
An all-in-one Shodan & ZoomEye supported tool to search, browse, preview and dump data leakage across 20+ services. Pulls real exposure straight from the sources instead of guessing. Drop it into your workflow and watch it surface leaks you won’t find anywhere else. https://github.com/GainSec/LeakScope
Web-based utility to quickly scan a target host, detect open and unusual ports, and check running services. Utilizes tools like Nmap and Unicornscan to provide detailed results for vulnerability and security testing, accessible from any device. https://portscanner.online/
Open-source HTTP toolkit for security research. Designed as an alternative to Burp Suite Pro, it’s useful for infosec, bug bounty, and even large-scale web scraping in OSINT workflows. https://github.com/dstotijn/hetty
Advanced search engine for Mega.nz, offering access to over 9 million indexed files, including educational materials, software, movies, and more. It employs intelligent crawling and categorization for efficient discovery. https://meawfy.com/