Awesome-Asset-Discovery

Asset discovery toolkit

A curated list of resources and tools to aid in discovering assets and potential vulnerabilities during security assessments.

List of Awesome Asset Discovery Resources

GitHub

2k stars
78 watching
328 forks
last commit: 6 months ago
asset-discoveryawesome-listinfosecosintreconreconnaissance

Awesome Asset Discovery / ↑Content Discovery

rustbuster 528 over 1 year ago : Files, directories and vhost buster written in Rust

Awesome Asset Discovery / ↑IP Address Discovery

Mxtoolbox : Bulk Domain/IP lookup tool
Domaintoipconverter : Bulk domain to IP converter
Massdns 3,176 9 months ago : A DNS resolver utility for bulk lookups
Googleapps Dig : Online Dig tool by Google
DataSploit (IP Address Modules) 3,038 over 4 years ago : An OSINT Framework to perform various recon techniques
Domain Dossier : Investigate domains and IP addresses
Bgpview : Search ASN, IPv4/IPv6 or resource name
Hurricane Electric BGP Toolkit : Keyword to ASN lookup
Viewdns : Multiple domain/IP tools
Ultratools ipv6Info : Multiple information related to IPv6 address
Whois : Command line utility usually used to find information about registered users/assignees of an Internet resource
ICANN Whois : Whois service by Internet Corporation for Assigned Names and Numbers (ICANN)
Linux Nslookup / : Command line utility usually used for querying the DNS records
bgp : Internet Backbone and Colocation Provider ... Hurricane Electric IP Transit. Our Global Internet Backbone provides IP Transit with low latency, access to thousands of networks, and dual-stack

Awesome Asset Discovery / ↑Domain / Subdomain Discovery

RedHunt Labs Attack Surface Recon API : RedHunt Labs' Recon API offers comprehensive domain intelligence and reconnaissance capabilities. With access to their extensive in-house database of over 6 billion records, including domains, subdomains, third-party SaaS, data leaks, and intelligent correlations, this API empowers you to enhance your Attack Surface Management and InfoSec workflows
SubFinder 10,352 6 days ago : SubFinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing
Amass 12,148 3 days ago : A subdomain enumeration utility
Sublist3r 9,900 4 months ago : Subdomains enumeration tool with multiple sources
Aiodnsbrute 646 about 1 year ago : Asynchronous DNS brute force utility
LDNS 300 about 2 months ago : A DNS library useful for DNS tool programming
Dns-nsec3-enum : Nmap NSE Script for NSEC3 walking
Nsec3map 187 over 1 year ago : A tool to NSEC and NSEC3 walking
Crt.sh : Domain certificate Search
Ct-exposer 469 over 2 years ago : A tool to discovers sub-domains by searching Certificate Transparency logs
Certgraph 344 10 months ago : A tool to crawl the graph of certificate Alternate Names
Appsecco - The art of subdomain enumeration 639 almost 6 years ago : The supplement material for the book "The art of sub-domain enumeration"
SSLScrape 43 almost 6 years ago : A scanning tool to scrape hostnames from SSL certificates
Wolframalpha : Computational knowledge engine
Project Sonar : Forward DNS Data
Project Sonar : Reverse DNS Data
GoBuster 10,247 25 days ago : Directory/File, DNS and VHost busting tool written in Go
Bluto 619 about 2 years ago : Recon, Subdomain Bruting, Zone Transfers

Awesome Asset Discovery / ↑Email Discovery

Hunter : Email search for a domain
Skrapp : Browser addon to find emails on Linkedin
Email Extractor : Chrome extension to extract emails from web pages
Convertcsv : Online tool to extract email addresses in text, web pages, data files etc
linkedin2username 1,288 11 months ago : OSINT Tool: Generate username lists for companies on LinkedIn
Office365UserEnum : Enumerate valid usernames from Office 365 using ActiveSync

Awesome Asset Discovery / ↑Network / Port Scanning

Zmap 5,541 7 days ago : A fast network scanner designed for Internet-wide network surveys
Masscan 23,761 4 months ago : An asynchronously TCP port scanner
ZMapv6 107 8 months ago : A modified version of Zmap with IPv6 support
Nmap : A free and open source utility for network discovery. The most popular port scanner

Awesome Asset Discovery / ↑Business Communication Infrastructure Discovery

Mxtoolbox : Online tool to check mail exchanger (MX) records
MicroBurst 2,060 27 days ago : PowerShell based Azure security assessment scripts
Lyncsmash 334 2 months ago : Tools to enumerate and attack self-hosted Lync/Skype for Business
Enumeration-as-a-Service 28 almost 2 years ago : Script for SaaS offering enumeration through DNS queries
ruler 2,171 6 months ago : A tool to abuse Exchange services

Awesome Asset Discovery / ↑Source Code Aggregators / Search - Information Discovery

Github : Github Advanced Search
Bitbucket : Bitbucket Search using Google
Gitrob 5,951 about 2 years ago : Reconnaissance tool for GitHub organizations
Gitlab : Search Gitlab projects
Publicwww : Source Code Search Engine
builtwith : Web technology information profiler tool. Find out what a website is built with

Awesome Asset Discovery / ↑Cloud Infrastructure Discovery

CloudScraper 502 over 2 years ago : A tool to spider websites for cloud resources (S3 Buckets, Azure Blobs, DigitalOcean Storage Space)
InSp3ctor 116 over 3 years ago : AWS S3 Bucket/Object finder
Buckets Grayhatwarfare : Search for Open Amazon s3 Buckets and their contents
Spaces-finder 154 almost 5 years ago : A tool to hunt for publicly accessible DigitalOcean Spaces
GCPBucketBrute 491 over 1 year ago : A Google Storage buckets enumeration script
CloudStorageFinder 71 over 2 years ago : Tools to find public data in cloud storage systems

Awesome Asset Discovery / ↑Company Information and Associations

Crunchbase : Information about companies (funding, acquisition, merger etc.) and the people behind them
Companieshouse : United Kingdom's registrar of companies
OverSeas Registries : List of company registries located around the world
Opencorporates : Open database of companies in the world

Awesome Asset Discovery / ↑Internet Survey Data

Project Resonance : RedHunt Labs’s Internet wide surveys to study and understand the security state of the Internet
Project Sonar : Rapid7’s internet-wide surveys data across different services and protocols
Scans.io : Internet-Wide Scan Data Repository, hosted by the ZMap Team
Portradar : Free and open port scan data by packet.tel

Awesome Asset Discovery / ↑Social Media / Employee Profiling

LinkedInt 476 over 1 year ago : A LinkedIn scraper for reconnaissance
Glassdoor : Company review and rating search
SocialBlade : Track user statistics for different platforms including YouTube and Twitter
Social-Searcher : Social Media Search Engine
Checkuser : Social existence checker

Awesome Asset Discovery / ↑Data Leaks

Dumpmon : A twitter bot which monitors multiple paste sites for password dumps and other sensitive information
Pastebin_scraper : Automated tool to monitor pastebin for interesting information
Scavenger 632 over 2 years ago : Paste sites crawler (bot) looking for leaked credentials
Pwnbin 427 over 3 years ago : Python based Pastebin crawler for keywords
PwnedOrNot 2,242 about 1 year ago : Tool to find passwords for compromised accounts

Awesome Asset Discovery / ↑Internet Scan / Archived Information

Cachedviews : Cached view of pages on the Internet from multiple sources
Wayback Machine : Internet Archive
Shodan : Search engine for Internet-connected devices
Censys : Another search engine for internet-connected devices
Zoomeye : Cyberspace Search Engine

Awesome Asset Discovery / Contributing

Create an Issue 1,991 6 months ago
Send us Pull Requests 1,991 6 months ago
[email protected] Drop an email to

Awesome Asset Discovery / Connect

Website
Twitter
Facebook