Passive recon tool. Zero credentials required. Finds Microsoft 365 & Google Workspace tenants, scores email security, fingerprints 650+ SaaS/infrastructure services via DNS & certificates, and ships a native MCP server for AI agents
Passive attack-surface scanner: turn a domain into a risk grade, copy-paste fixes, and a client-ready report. Safe DNS, HTTP, TLS, email, and certificate-transparency checks.
👻 GhostPath — A powerful modular reconnaissance toolkit built for hackers, OSINT professionals & bug bounty hunters — passive + active recon in a sleek CLI shell. Discover subdomains, probe paths, mine archives and hunt certificates — all from one interactive terminal interface.
A lightweight Python tool for passive reconnaissance, including subdomain, email, and S3 bucket extraction, with AI-powered scanner for sensitive infrastructure mentions.