A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.

A modern, browser-based reconnaissance dashboard built for security professionals and bug bounty hunters.

A tool for finding CNAME of subdomains and checking clickjacking vulnerability.

Get historical URLs from the Wayback Machine using Node.js. Supports CLI and library usage.

JSpider is a smart crawler for hidden endpoints. It crawls and extracts hidden API endpoints and URLs from JavaScript files and HTML source code — all directly in your browser.

RoboRecon is an advanced reconnaissance framework that automates robots.txt, sitemap crawling, hidden URL discovery, and deep target intelligence collection — built for ethical hackers and bug bounty hunters

👻 GhostPath — A powerful modular reconnaissance toolkit built for hackers, OSINT professionals & bug bounty hunters — passive + active recon in a sleek CLI shell. Discover subdomains, probe paths, mine archives and hunt certificates — all from one interactive terminal interface.

DuskProbe is a web security testing framework that combines passive reconnaissance and active vulnerability scanning. Built with aiohttp and Streamlit, it identifies OWASP Top 10 risks and business logic flaws to provide coverage of modern web attack surfaces.

An CLI tool to find Web Technologies Direct In Terminal It identifies technologies on websites, such as CMS, web frameworks, ecommerce platforms, JavaScript libraries, analytics tools A long list of regular expressions is used to identify technologies on web pages. It inspects HTML code, as well as JavaScript variables, response headers and more

External recon automation tool for red teams and researchers. Gathers WHOIS, subdomains, DNS records, HTTP headers, SSL details, and more—fast, modular, and multithreaded.