Gitmails alternatives

Looking for an alternative tool to replace Gitmails? During the review of Gitmails we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Infoga (email information gathering)
  2. Wappalyzer (discovery of technology stack)
  3. OSINT-SPY (open source intelligence gathering tool)

These tools are ranked as the best alternatives to Gitmails.

Alternatives (by score)

64

Infoga

Introduction

This tool could be used during penetration testing to learn what information is leaked regarding email addresses. For a company, it may be useful to do security monitoring and learn the same.

Project details

Infoga is written in Python.

Strengths and weaknesses

  • + The source code of this software is available

    Typical usage

    • Information gathering
    • Reconnaissance

    Infoga review

    78

    Wappalyzer

    Introduction

    Wappalyzer can be a useful asset when performing reconnaissance on a particular target like a web application or website. It helps to find what software is used to run a particular page. Components that can be detected are the content management system (CMS), JavaScript framework, e-commerce software, web server, and more.

    Project details

    Wappalyzer is written in Node.js.

    Strengths and weaknesses

    • + Has 300+ contributors
    • + More than 4000 GitHub stars
    • + Many releases available
    • + The source code of this software is available

      Typical usage

      • Information gathering
      • Reconnaissance
      • Software identification

      Wappalyzer review

      68

      OSINT-SPY

      Introduction

      OSINT-SPY is a modular tool to query information on different subjects like an IP address, domain, email address, or even Bitcoin address. This tool can be valuable during the reconnaissance phase of a penetration test. It can be used also for defenses purpose, like learning what information is publically available about your organization and its assets.

      Project details

      OSINT-SPY is written in Python.

      Strengths and weaknesses

      • + The source code is easy to read and understand
      • + The source code of this software is available
      • - No releases on GitHub available

      Typical usage

      • Information gathering
      • Penetration testing
      • Reconnaissance

      OSINT-SPY review

      60

      Gitrob

      Introduction

      Especially open source developers may share their code in a public repository like GitHub. This is a great way to collaborate between the developer(s) and the community. The risk of sharing code is that sensitive data is part of the repository and uploaded by accident. GitRob helps to detect this kind of accidental leaks.

      Project details

      Gitrob is written in Ruby.

      Strengths and weaknesses

      • + More than 1000 GitHub stars
      • + The source code of this software is available

        Typical usage

        • Data leak prevention
        • Information gathering
        • Penetration testing
        • Security assessment

        Gitrob review

        52

        Recon-ng

        Introduction

        Recon-ng is a full-featured web reconnaissance framework. It is written in Python and modular, useful for penetrating tests and security assessments.

        Project details

        Recon-ng is written in Python.

        Strengths and weaknesses

        • + The source code of this software is available

          Typical usage

          • Collaboration
          • Information gathering
          • Information sharing
          • Security assessment

          Recon-ng review

          63

          DMitry

          Introduction

          This small utility can retrieve information from the WHOIS database, to see who owns an IP address or domain name. Besides that, it can obtain information from the system itself, like the uptime. DMitry also has the option to search for email addresses, perform a TCP port scan, and use modules specified by the user.

          Project details

          DMitry is written in C.

          Strengths and weaknesses

          • + The source code of this software is available

            DMitry review

            64

            Domain Analyzer

            Introduction

            Domain Analyzer is an information gathering tool and comes in handy for reconnaissance. This can be useful for doing penetration testing or evaluating what information is publically available about your own domains. Some pieces of information that can be discovered include DNS servers, IP addresses, mail servers, SPF information, open ports, and more.

            Project details

            Domain Analyzer is written in Python.

            Strengths and weaknesses

            • + More than 1000 GitHub stars
            • + Very low number of dependencies
            • + The source code of this software is available

              Typical usage

              • Information gathering
              • Penetration testing

              Domain Analyzer review

              64

              GasMask

              Introduction

              GasMask is an open source intelligence gathering tool (OSINT). It can be used to discover more information about a particular target. The sources it uses include search engines like Bing, Google, and Yandex. Additionally it retrieves information from GitHub, YouTube, and social media platforms like Twitter.

              Project details

              Strengths and weaknesses

              • + The source code of this software is available

                Typical usage

                • Information gathering

                GasMask review

                60

                GitMiner

                Introduction

                GitMiner is a tool to scan for sensitive data that is leaked via software repositories. Examples of sensitive data are authentication details such as passwords or connection settings.

                Project details

                GitMiner is written in Python.

                Strengths and weaknesses

                • + More than 1000 GitHub stars
                • + The source code of this software is available

                  Typical usage

                  • Asset discovery
                  • Discovery of sensitive information
                  • Information leak detection

                  GitMiner review

                  64

                  RTA (Red Team Arsenal)

                  Introduction

                  RTA is helpful to automate scanning public resources of a company. As the project name implies, this may be used during red teaming, like a penetration test. That obviously does not limit its use, as it is similarly useful by the blue team.

                  With its integration with Nessus and other tools, RTA is more of a toolkit. This can be seen in its functionality, like subdomain enumeration and information gathering capabilities.

                  Project details

                  RTA is written in Python.

                  Strengths and weaknesses

                  • + The source code of this software is available
                  • - No releases on GitHub available

                  Typical usage

                  • Information gathering
                  • Penetration testing
                  • Security assessment
                  • System enumeration

                  RTA review

                  64

                  Th3inspector

                  Introduction

                  This tool can be called a true 'inspector tool' as it helps to discover many types of data.

                  • Website information
                  • Domain and subdomain information
                  • Mail server information and email
                  • Phone details
                  • IP addresses
                  • Detection of used CMS

                  Project details

                  Th3inspector is written in Perl.

                  Strengths and weaknesses

                  • + The source code of this software is available
                  • - No releases on GitHub available

                  Typical usage

                  • Discovery of sensitive information
                  • Information gathering

                  Th3inspector review

                  44

                  Postfix

                  Introduction

                  Postfix is one of the most used mail transfer agents (MTA) on Linux systems. It is known for its modular design, resulting in highly tailored components doing one single job.

                  Project details

                  Postfix is written in C.

                  Strengths and weaknesses

                  • + Project is mature (10+ years)
                  • + Project is mature (5+ years)
                  • + The source code of this software is available

                    Postfix review

                    76

                    SpamScope

                    Introduction

                    SpamScope can help with the spam detection in email messages. Features that make SpamScope suitable for the job include its focus on performance using parallel and distributed tasks. It is flexible due to its extensions and integrations. Integrations include Apache Tika, VirusTotal, Thug, Shodan, and SpamAssassin. Besides these integrations, the tool can export analyzed data to JSON output.

                    Project details

                    SpamScope is written in Python.

                    Strengths and weaknesses

                    • + Many releases available
                    • + The source code of this software is available

                      Typical usage

                      • Data extraction
                      • Data processing
                      • Spam scanning

                      SpamScope review

                      Some relevant tool missing as an alternative to Gitmails? Please contact us with your suggestion.