Automated CMS vulnerability scanner and exploit tool that detects content management systems (WordPress, Joomla, Drupal, etc.), gathers target intelligence (subdomains, IP, DNS, WHOIS). Features dork-based URL discovery, multi-threading, and interactive mode; mainly designed for penetration testers and red teams. https://github.com/anouarbensaad/vulnx
A CLI-based OSINT tool that automates reconnaissance on Jira instances—scraping public project metadata, issue details, user mentions, and version info to uncover potential attack surface or sensitive disclosures in misconfigured Atlassian environments. https://github.com/0x48piraj/jiraffe
OSINT tool that harvests metadata from public documents (PDF, DOC, XLS, PPT, etc.) found on target websites via Google searches. Extracts usernames, email addresses, server paths, and internal naming conventions—ideal for pre-engagement reconnaissance and password spray list generation. https://github.com/laramies/metagoofil
Open-source HTTP toolkit for security research. Designed as an alternative to Burp Suite Pro, it’s useful for infosec, bug bounty, and even large-scale web scraping in OSINT workflows. https://github.com/dstotijn/hetty
A powerful API for web scraping and graph data extraction, designed for OSINT researchers looking to collect structured data from websites. https://scrapegraphai.com/