Automated penetration testing & attack surface management platform. Recon, scan, exploit, report — 600+ exploits, 90+ integrations, 10K+ detections.

The recursive internet scanner for hackers. 🧡

Data pipelines for cloud config and security data. Build cloud asset inventory, CSPM, FinOps, and vulnerability management solutions. Extract from AWS, Azure, GCP, and 70+ cloud and SaaS sources.

A Modern Orchestration Engine for Security

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.

Open-source attack surface management and authorized security automation platform for asset discovery, service probing, scan orchestration, and security result management.

An easy-to-use and lightweight API wrapper for Censys APIs.

网络资产攻击面梳理

Zero-dollar attack surface management tool

A list of cloud security tools and vendors.

Self-hosted passive subdomain continous monitoring tool.

AI-powered open-source platform for Attack Surface Management (OASM)

Red Kite, the Extensible Attack Surface Management tool.

Origin IP scanning utility developed with ChatGPT

BlueTeam, RedTeam, Bug bounty, CTI, OSINT, Threat Hunting, Network and Web Recon, Discovery, Enumeration, Vulnerability Mapping, Exploitation, Reporting, Darkweb, Deepweb, Research

OWASP Amass Docker Compose for setting up a full instance of the infrastructure

Bring runZero Exposure Management into BloodHound

ICP备案查询 API

List of MurmurHash3 favicon hashes of widely used technologies by vendor to search with Shodan.