reconnaissance--osint-automation

Solid

Passive and active reconnaissance, subdomain enumeration, DNS analysis, technology fingerprinting, and OSINT data correlation for authorized security assessments

AI & Automation 47 stars 3 forks Updated today MIT

Install

View on GitHub

Quality Score: 89/100

Stars 20%
56
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
80
License 10%
100
Description 5%
100

Skill Content

# Reconnaissance & OSINT Automation ## Purpose Enable Claude to conduct comprehensive reconnaissance and open-source intelligence gathering during authorized security assessments. Claude performs passive and active recon using its native analysis capabilities and orchestrates the included scripts for automation at scale. > **Authorization Required**: Always confirm written authorization for the target scope before proceeding. Unauthorized reconnaissance is illegal in most jurisdictions. --- ## Activation Triggers This skill activates when the user asks about: - Subdomain enumeration or discovery - DNS reconnaissance, zone transfers, or DNS record analysis - OSINT gathering on a domain, organization, or person - Technology fingerprinting or stack identification - Port scanning, service detection, or banner grabbing - Google dorking or advanced search query generation - WHOIS, certificate transparency, or Shodan queries - Attack surface mapping or perimeter discovery --- ## Prerequisites ```bash pip install requests dnspython python-whois beautifulsoup4 shodan ``` **Optional enhanced capabilities:** - `nmap` — Active port scanning - `amass` — Advanced subdomain enumeration - `theHarvester` — Email and domain harvesting - Shodan API key — Internet-wide device search - Censys API key — Certificate and host search --- ## Core Capabilities ### 1. Passive Reconnaissance (No Direct Target Contact) **When the user asks for passive recon or OSINT:** 1. **WHOIS Analysis**...

Details

Author
Masriyan
Repository
Masriyan/Claude-Code-CyberSecurity-Skill
Created
3 months ago
Last Updated
today
Language
Python
License
MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Listed

recon-asset-discovery

Subdomain enumeration, CT logs, DNS record catalog, WHOIS/RDAP, and passive reconnaissance for authorized external recon.

0 Updated today
Ap6pack
AI & Automation Featured

conducting-external-reconnaissance-with-osint

Conducts external reconnaissance using Open Source Intelligence (OSINT) techniques to map an organization's external attack surface without directly interacting with target systems. The tester gathers information from public sources including DNS records, certificate transparency logs, search engines, social media, code repositories, and data breach databases to build a comprehensive target profile. Activates for requests involving OSINT reconnaissance, external footprinting, attack surface mapping, or passive information gathering.

12,642 Updated today
mukul975
Web & Frontend Listed

recon-dominator

Automated full-scope reconnaissance starting from a domain or domain list. Performs subdomain enumeration, port scanning, technology fingerprinting, OSINT correlation, Google dorking, and Wayback analysis. Use when user provides a domain or list of domains and asks for "recon", "reconnaissance", "attack surface mapping", "subdomain enumeration", "footprinting", or "information gathering". Designed for authorized penetration testing and bug bounty.

31 Updated today
KaQus
AI & Automation Listed

reconnaissance-knowledge

Comprehensive knowledge about network reconnaissance and service enumeration. Provides methodologies for port scanning, service fingerprinting, web directory discovery, and vulnerability identification. Includes best practices for structured data collection.

335 Updated today
aiskillstore
AI & Automation Featured

collecting-open-source-intelligence

Collects and synthesizes open-source intelligence (OSINT) about threat actors, malicious infrastructure, and attack campaigns using publicly available data sources, passive reconnaissance tools, and dark web monitoring. Use when investigating external threat actor infrastructure, performing pre-engagement reconnaissance for authorized red team assessments, or enriching CTI reports with publicly available adversary context. Activates for requests involving Maltego, Shodan, OSINT framework, SpiderFoot, or infrastructure reconnaissance.

12,642 Updated today
mukul975