pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

针对 Acunetix AWVS扫描器开发的批量扫描脚本，支持log4j漏洞、SpringShell、SQL注入、XSS、弱口令等专项，支持联动xray、burp、w13scan等被动批量

nodejsscan is a static security code scanner for Node.js applications.

vulnerability database spider 爬取NVD、CNVD、CNNVD等漏洞数据库

绿盟科技漏洞扫描器(RSAS)漏洞库

魔改版内网扫描工具

A collection of ICS/SCADA PCAPs

资产狩猎框架-AssetsHunter，信息收集是一项艺术~

TideFinger——指纹识别小工具，汲取整合了多个web指纹库，结合了多种指纹检测方法，让指纹检测更快捷、准确。

Automatically exported from code.google.com/p/plcscan

Kaa is an Internet of Things platform for device management, data collection, analytics and visualization, remote control, and over-the-air updates.

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。

Nemo是用来进行自动化信息收集的一个简单平台，通过集成常用的信息收集工具和技术，实现对内网及互联网资产信息的自动收集，提高隐患排查和渗透测试的工作效率。

一个漏洞扫描器粘合剂,添加目标后30款工具自动调用；支持 web扫描、系统扫描、子域名收集、目录扫描、主机扫描、主机发现、组件识别、URL爬虫、XRAY扫描、AWVS自动扫描、POC批量验证，SSH批量测试、vulmap。

自动化巡航扫描框架（可用于红队打点评估）

Cyber Security ALL-IN-ONE Platform

一款用于安全测试中信息收集的自动化工具

Emulator for rapid prototyping of Software Defined Networks

Probuster : A Python based Web Application Penetration testing tool for Information Gathering⚡.

A cross-platform python based utility for information gathering and penetration testing automation!

ISF(Industrial Security Exploitation Framework) is a exploitation framework based on Python.

Digital Bond's ICS Enumeration Tools

Cybersecurity Evaluation Tool

A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing

Tools, tips, tricks, and more for exploring ICS Security.

Pentesters spend too much time during information gathering phase. Flashlight (Fener) provides services to scan network/ports and gather information rapidly on target networks. So Flashlight should…

This is a bundle of python and bash penetration testing tools for recon and information gathering.

Information gathering tool - OSINT

专注一站化解决渗透测试的信息收集任务，功能包括域名ip历史解析、nmap常见端口爆破、子域名信息收集、旁站信息收集、whois信息收集、网站架构分析、cms解析、备案信息收集、CDN信息解析、是否存在waf检测、后台寻找以及生成检测结果html报告表。