The recursive internet scanner for hackers. 🧡

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, ProjectDiscovery tools, etc.

Open-source attack surface management and authorized security automation platform for asset discovery, service probing, scan orchestration, and security result management.

Pentesting automation platform that combines hacking tools to complete assessments

一个基于网络空间搜索引擎的攻击面管理平台，可定时进行资产信息爬取，及时发现新增资产，本项目聚合了 Fofa、Hunter、Quake、Zoomeye 和 Threatbook 的数据源，并对获取到的数据进行去重与清洗

网络资产攻击面梳理

Это вам не балалайка, получается

Marshal-EASM 攻击面管理系统-社区版

AI-powered open-source platform for Attack Surface Management (OASM)

Red Kite, the Extensible Attack Surface Management tool.

ICP备案查询 API

Tool for automated scanning of the common vulnerabilities of company subdomains

Self-hosted external attack surface scanner. Subdomain enumeration + takeover detection, ports, CVEs, TLS, SSH, web vulns. 18 tools, 12 attack vectors, one `docker run`. MIT-licensed.

Mcp services by marshal

Elixir SDK for the Prismatic Platform APIs - EASM, OSINT, Labs, Threat Intelligence

Zero-knowledge GCP perimeter scanner: 5-phase scan across 29 ports, GCS/Firebase/metadata API surface checks, subset-sum attack chain detection, structured JSON findings

⚡ Automate penetration testing tasks to streamline security assessments and enhance efficiency, allowing security professionals to focus on vital analysis.