A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
A tool for finding CNAME of subdomains and checking clickjacking vulnerability.
JSpider is a smart crawler for hidden endpoints. It crawls and extracts hidden API endpoints and URLs from JavaScript files and HTML source code — all directly in your browser.
👻 GhostPath — A powerful modular reconnaissance toolkit built for hackers, OSINT professionals & bug bounty hunters — passive + active recon in a sleek CLI shell. Discover subdomains, probe paths, mine archives and hunt certificates — all from one interactive terminal interface.
DuskProbe is a cybersecurity tool for authorized penetration testers, offering advanced web application vulnerability scanning with OWASP 2025 compliance. It features a robust Python-based architecture with asynchronous processing, delivering comprehensive XSS, SQL injection, and CSRF detection alongside professional HTML and JSON reports.
An CLI tool to find Web Technologies Direct In Terminal It identifies technologies on websites, such as CMS, web frameworks, ecommerce platforms, JavaScript libraries, analytics tools A long list of regular expressions is used to identify technologies on web pages. It inspects HTML code, as well as JavaScript variables, response headers and more
External recon automation tool for red teams and researchers. Gathers WHOIS, subdomains, DNS records, HTTP headers, SSL details, and more—fast, modular, and multithreaded.
Add a description, image, and links to the web-recon topic page so that developers can more easily learn about it.
To associate your repository with the web-recon topic, visit your repo's landing page and select "manage topics."