Search Results for "netbios enumeration tool"
Sort By:
Showing 57 open source projects for "netbios enumeration tool"
View related business solutions-
OpenMetal is an automated bare metal and on-demand private cloud provider.OpenMetal is an automated bare metal and on-demand private cloud provider. Our mission is to empower your team with cost effective private infrastructure that outperforms traditional public cloud.
-
Eurekos LMS - Build a Smarter CustomerEurekos is a purpose-built LMS that engages customers throughout the entire learning journey from pre-sales, to onboarding, and everything after.
-
1
Network Enumeration Tool
Network Enumeration Tool for Host Exploration and Recon
N-ETHER (Network Enumeration Tool for Host Exploration and Reconnaissance) is a robust and highly automated Python script designed to streamline the critical initial phases of network security auditing and penetration testing. It’s core purpose is to perform fast, comprehensive, and consistent host and port discovery across single targets or large lists of IP addresses. -
2
subfinder
Fast passive subdomain enumeration tool
Subfinder is a high-performance passive subdomain discovery tool built for fast and reliable asset enumeration. It focuses exclusively on collecting valid subdomains from a wide range of passive online sources, prioritizing accuracy and speed over intrusive scanning techniques. The project is widely used in bug bounty hunting, penetration testing, and attack surface mapping because it minimizes noise while producing actionable results. -
3
holehe
Check if the mail is used on different sites
holehe is a Python-based OSINT utility designed to determine whether a specific email address is registered across a wide range of online services. The tool works by leveraging password-reset mechanisms and other public account-existence checks to infer whether an email is associated with accounts on major platforms. It supports more than a hundred websites and is commonly used during reconnaissance, digital investigations, and account exposure assessments. holehe is designed to operate quickly and quietly, emphasizing efficiency and minimal footprint during enumeration tasks. ... -
4
Scope Sentry
Cyberspace asset mapping and vulnerability scanning platform
ScopeSentry is an open source cybersecurity tool designed for cyberspace asset mapping and automated security analysis. It helps security researchers and penetration testers discover, monitor, and analyze internet-facing assets belonging to a target scope. ScopeSentry combines multiple reconnaissance and vulnerability assessment capabilities such as subdomain enumeration, port scanning, directory scanning, and sensitive information detection. -
Effortlessly Manage Product InformationA single source of truth for all of your product information with easy ways to distribute that data to wherever it needs to go, including the most powerful e-commerce connectors in the industry.
-
5
WPScan
WPScan WordPress security scanner
WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators. -
6
Raccoon
High-performance reconnaissance and vulnerability scanning tool
Raccoon is a high-performance offensive security tool designed to assist with reconnaissance and vulnerability scanning during penetration testing and security assessments. It automates several common reconnaissance tasks, allowing security professionals to quickly gather information about a target system or web application. The tool combines multiple scanning techniques into a single workflow, helping users identify potential weaknesses, exposed services, and accessible resources on a target host. ... -
7
X-osint
Open source OSINT tool for gathering data on emails, phones, and IPs
X-osint is an open source intelligence framework designed to collect and analyze publicly available information from multiple sources. It focuses on gathering useful and credible data about entities such as phone numbers, email addresses, and IP addresses using a range of automated OSINT techniques. It provides investigators and researchers with a centralized interface for running information-gathering tasks that would normally require multiple separate tools. X-osint can also perform... -
8
reconFTW
Automated framework for domain reconnaissance and vulnerability scans.
reconFTW is an open source automated reconnaissance framework created for security researchers, penetration testers, and bug bounty hunters. The tool streamlines the reconnaissance phase of security assessments by orchestrating numerous specialized tools to gather intelligence about a target domain. It performs multiple discovery and analysis tasks such as subdomain enumeration, OSINT collection, and vulnerability scanning in an automated workflow. The framework integrates many external security utilities and coordinates them to produce comprehensive reconnaissance results efficiently. ... -
9
FinalRecon
All-in-one Python web reconnaissance tool for fast target analysis
FinalRecon is an all-in-one web reconnaissance tool written in Python that helps security professionals gather information about a target website quickly and efficiently. It combines multiple reconnaissance techniques into a single command-line utility so users do not need to run several separate tools to collect similar data. FinalRecon focuses on providing a fast overview of a web target while maintaining accuracy in the collected results. It includes modules for gathering server... -
Attack Surface Management | Criminal IP ASMCriminal IP’s Attack Surface Management (ASM) is a threat-intelligence–driven platform that continuously discovers, inventories, and monitors every internet-connected asset associated with an organization, including shadow and forgotten resources, so teams see their true external footprint from an attacker’s perspective. The solution combines automated asset discovery with OSINT techniques, AI enrichment and advanced threat intelligence to surface exposed hosts, domains, cloud services, IoT endpoints and other Internet-facing vectors, capture evidence (screenshots and metadata), and correlate findings to known exploitability and attacker tradecraft. ASM prioritizes exposures by business context and risk, highlights vulnerable components and misconfigurations, and provides real-time alerts and dashboards to speed investigation and remediation.
-
10
PowerSharpPack
Offensive CSharp Projects wraped into Powershell for easy usage
...The author compiles, gzip-compresses and base64-encodes each C# binary, then dynamically loads the assemblies into the PowerShell process so operators can invoke powerful .NET tools without dropping executables on disk. The bundle exposes a single entry script (PowerSharpPack.ps1) with switches to select which embedded tool to run and an optional -Command argument to pass tool-specific parameters. Included projects cover a broad range of post-exploitation and reconnaissance needs: Kerberos tooling, host survey utilities, credential and browser data extractors, AD enumeration, privilege escalation helpers, persistence frameworks, and file/handle utilities. ... -
11
discover
Automation framework for reconnaissance and penetration testing tasks
...By organizing multiple security utilities and scripts into one environment, the project reduces repetitive manual steps and standardizes penetration testing workflows. The tool is commonly used in Kali Linux environments. -
12
Username Anarchy
Username generator for penetration testing and user enumeration
Username Anarchy is an open source command line tool designed to generate possible usernames for use in penetration testing and security assessments. It focuses on solving one of the common challenges in authentication attacks: identifying valid usernames before attempting password attacks. It generates large sets of potential usernames based on a person’s name and common naming conventions used in corporate or online systems. -
13
GooFuzz
OSINT fuzzing tool using Google dorks to find exposed resources
GooFuzz is an open source security tool designed to perform fuzzing using an OSINT-based approach by leveraging advanced Google search techniques. It is written in Bash and automates the use of Google Dorking queries to discover publicly accessible information related to a target domain. Instead of directly sending requests to the target server, GooFuzz gathers results through search engine indexing, allowing enumeration without leaving traces in the target’s server logs. ... -
14
HexStrike AI MCP Agents
HexStrike AI MCP Agents is an advanced MCP server
HexStrike AI is an MCP server that lets LLM agents autonomously operate a large catalog of offensive-security tools. Its goal is to bridge “language models” and practical pentest workflows—enumeration, exploitation, vulnerability discovery, and bug bounty reconnaissance—under safe, auditable controls. The server exposes typed tools and guardrails so agent prompts translate to concrete, parameterized actions rather than brittle shell strings. It ships with curated tool adapters, task orchestration, and guidance for connecting popular agent clients (Claude, GPT, Copilot) to a hardened execution environment. ... -
15
OWASP Amass
In-depth attack surface mapping and asset discovery
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application... -
16
Commando VM
Complete Mandiant Offensive VM (Commando VM)
Commando VM (by Mandiant) is a Windows-based offensive security / red-team distribution built to turn a fresh Windows installation into a fully featured penetration testing environment. It provides an automated installer (PowerShell script) that uses Chocolatey, Boxstarter, and MyGet package feeds to download, install, and configure dozens (100+ / 170+ depending on version) of offensive, fuzzing, enumeration, and exploitation tools. The idea is to spare testers the repetitive work of... -
17
BBOT
The recursive internet scanner for hackers
BBOT is an advanced open-source reconnaissance automation framework designed to streamline large-scale OSINT and attack surface discovery workflows. It operates as a modular and recursive scanning tool that can enumerate subdomains, perform port scans, gather metadata, and collect web intelligence through a unified command-line interface. The project emphasizes extensibility, allowing users to create or integrate custom modules that expand the scope of reconnaissance tasks without modifying... -
18
PrivescCheck
Privilege Escalation Enumeration Script for Windows
PrivescCheck is a local privilege escalation reconnaissance tool for Unix-like systems that automates common checks auditors and system owners run when looking for misconfigurations. It enumerates kernel versions, installed packages, SUID/SGID binaries, world-writable files and directories, services, cron jobs, and user/group permissions to highlight likely escalation paths. The output is organized and human-readable so operators can triage findings quickly—flagging high-risk items... -
19
Th3inspector
Best Tool For Information Gathering
Th3Inspector is a Perl- and shell-based, all-in-one information-gathering toolkit built to quickly enumerate public and semi-public data about targets (domains, IPs, phone numbers, mail servers, etc.). It exposes a single command-line entrypoint (Th3inspector.pl) with many switches for common reconnaissance tasks — examples include website info, whois, MX lookup, geo-IP, subdomain discovery, CMS detection, port scanning, and Cloudflare real-IP resolution — so a user can chain many checks... -
20
GOAD (Game of Active Directory)
game of active directory
GOAD (Gather Open Attack Data) is a security reconnaissance framework for collecting, enriching, and visualizing open-source intelligence (OSINT) around hosts, domains, and certificates. It automates queries to certificate transparency logs, passive DNS, subdomain enumeration, web endpoints, and other public threat feeds. The tool aggregates results into structured formats and can produce interactive graphs to highlight relationships between entities (e.g. domain → IP → cert → ASN). Analysts can filter, cluster, and explore these relationships to identify infrastructure patterns, potential subdomains, or attack surfaces. ... -
21
dir-aka
The Dir-aka Vulnerability Scanner is a Python-based security tool
The Dir-aka Vulnerability Scanner is a Python-based security tool designed for cybersecurity professionals and system administrators to analyze and secure web servers against unauthorized access. This tool identifies sensitive files and folders on a target web server, filters content by file extensions, and highlights potential misconfigurations or vulnerabilities in publicly accessible directories. -
22
Multi-functional tool for windows 10/11. able to debloat, configure repair or clean-up the operating system, view hardware/network info, reboot to windows recovery enviroment or UEFI firmware, and download other software in the blink of an eye
-
23
socialscan
Scan platforms to check username and email account usage
Socialscan is an open source intelligence (OSINT) tool designed to check whether usernames or email addresses are associated with accounts on various online platforms. It allows users to quickly determine if a specific username or email address is already in use across multiple services, making it useful for security research, digital investigations, and account enumeration tasks. It focuses on accuracy by querying platform endpoints in a way that reliably detects whether a credential exists without producing misleading results. ... -
24
Ignorant
Checks if a phone number is registered on online services
Ignorant is a Python-based OSINT tool designed to determine whether a specific phone number is associated with accounts on various online platforms. It performs phone number enumeration by sending requests to supported services and analyzing their responses to identify whether an account exists for that number. By querying endpoints used during account registration, login, or other interactions, Ignorant can infer the presence of an account without notifying the phone number owner. ... -
25
TraceMAC - Traceroute for MAC addresses
TraceMAC is a command-line Layer 2 traceroute for Cisco switches
...Is tested with Cisco switches: Catalyst: 2960,3560,3750,4948,6509,9200,9300,9500 (All protocols) Nexus: C9332C, 93180YC-EX (NX-OS SSH) Express 500 (HTTP) FYI: It uses Nbtscan.exe (NetBIOS) as a alternative method to discover the mac address of a host and now seems that it is considered a malware. Anyway it is just a simple network tool that can scan the network similar to NMAP or Angry IP Scanner, etc...
