reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

The Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning-On Your Terms. Easily distribute arbitrary binaries and scripts using any of our nine supported cloud providers!

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

🔥 Professional Penetration Testing Framework v4.0 - Automated subdomain enumeration, vulnerability scanning with Nuclei, port scanning, and comprehensive HTML reports. Features parallel scanning, resume capability, and real-time progress tracking.

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Advanced reconnaissance framework for bug bounty hunters - Automate subdomain enumeration, vulnerability scanning, and security reconnaissance with 30+ integrated tools.

Running nuclei Continuously

Script that download 37+ open source nuclei templates

Bug-hunting Automation

nuclei framework scripts

Automate Nuclei scans and streamline bug hunting workflows

A bash script that extracts `shodan-query, google-query, censys-query, fofa-query, hunter-query, zoomeye-query` in nucleihub-templates.

💥 This tool is intended for bounty hunters, the script installs and launches the best set of tools for expanding the attack surface, for Web Sites, portals, and Organizations.

VPS alternative for Heavy scaning and post automation. The GOAT really exists to your localhost.

Script to build and install the tools of Project discovery from their source code.

Automated Domain reconnaissance & vulnerability scan pipeline with subdomain enum, HTTP probing, wayback URLs, crawling, dir scanning, Nuclei scanning and optional Burp Suite proxy support.

AjiFuzzing is an automated security testing tool that combines ParamSpider and Nuclei to detect vulnerabilities such as XSS, SQLi, SSRF, Open Redirect, and more in web applications.

This repository contains Ansible playbooks and roles to automate deploy of vulman-nuclei-orchestrator and vulman-domain-discovery.