XRay alternatives

Looking for an alternative tool to replace XRay? During the review of XRay we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. DataSploit (OSINT framework)
  2. OSINT Framework (collection of OSINT resources)
  3. GasMask (open source intelligence gathering tool)

These tools are ranked as the best alternatives to XRay.

Alternatives (by score)

74

DataSploit

Introduction

DataSploit is a framework to perform intelligence gathering to discover credentials, domain information, and other information related to the target. It uses various reconnaissance techniques on companies, people, phone numbers, and even cryptocoin technology. It allows aggregating all raw data and return it in multiple formats.

Project details

DataSploit is written in Python.

Strengths and weaknesses

  • + More than 10 contributors
  • + More than 1000 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Information gathering
    • OSINT research
    • Security monitoring

    DataSploit review

    74

    OSINT Framework

    Introduction

    The OSINT framework provides a collection of tools to gather and parse public data. The tool is web-based and makes it easy to find tools for a particular task.

    Project details

    OSINT Framework is written in JavaScript.

    Strengths and weaknesses

    • + More than 10 contributors
    • + More than 500 GitHub stars
    • + The source code of this software is available
    • - No releases on GitHub available

    Typical usage

    • Footprinting
    • Intelligence gathering
    • OSINT research
    • Reconnaissance

    OSINT Framework review

    64

    GasMask

    Introduction

    GasMask is an open source intelligence gathering tool (OSINT). It can be used to discover more information about a particular target. The sources it uses include search engines like Bing, Google, and Yandex. Additionally it retrieves information from GitHub, YouTube, and social media platforms like Twitter.

    Project details

    Strengths and weaknesses

    • + The source code of this software is available

      Typical usage

      • Information gathering

      GasMask review

      68

      OSINT-SPY

      Introduction

      OSINT-SPY is a modular tool to query information on different subjects like an IP address, domain, email address, or even Bitcoin address. This tool can be valuable during the reconnaissance phase of a penetration test. It can be used also for defenses purpose, like learning what information is publically available about your organization and its assets.

      Project details

      OSINT-SPY is written in Python.

      Strengths and weaknesses

      • + The source code is easy to read and understand
      • + The source code of this software is available
      • - No releases on GitHub available

      Typical usage

      • Information gathering
      • Penetration testing
      • Reconnaissance

      OSINT-SPY review

      74

      SpiderFoot

      Introduction

      SpiderFoot can be used offensively during penetration tests, or defensively to learn what information is available about your organization.

      Project details

      SpiderFoot is written in Python.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Information gathering

        SpiderFoot review

        85

        Gitem

        Introduction

        Gitem is a reconnaissance tool to extract information about organizations on GitHub. It can be used to find the leaking of sensitive data.

        Project details

        Gitem is written in Python.

        Strengths and weaknesses

        • + The source code of this software is available

          Typical usage

          • Information gathering
          • Security assessment
          • Security monitoring
          • Self-assessment

          Gitem review

          78

          Intrigue Core

          Introduction

          Intrigue Core provides a framework to measure the attack surface of an environment. This includes discovering infrastructure and applications, performing security research, and doing vulnerability discovery.

          Intrigue also allows enriching available data and perform OSINT research (open source intelligence). The related scans include DNS subdomain brute-forcing, email harvesting, IP geolocation, port scanning, and using public search engines like Censys, Shodan, and Bing.

          Project details

          Intrigue Core is written in Ruby.

          Strengths and weaknesses

          • + More than 500 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Asset discovery
            • Attack surface measurement
            • Intelligence gathering
            • OSINT research
            • Penetration testing
            • Security assessment

            Intrigue Core review

            60

            ThreatPinch Lookup

            Introduction

            ThreatPinch helps to speed up collecting information from common resources like CVE databases or public WHOIS data. As it works from the browser, it is a helpful addition for people who have to perform forensics, security monitoring, or system administration. For example, getting the owner of a domain and IP address becomes almost instant knowledge.

            Project details

            ThreatPinch Lookup is written in JavaScript.

            Strengths and weaknesses

            • + Many integration possibilities available
            • - Unknown project license

            Typical usage

            • Information gathering
            • Threat hunting

            ThreatPinch Lookup review

            60

            Belati

            Introduction

            Belati is security tool to collect public data and information and calls itself a Swiss army knife for OSINT purposes.

            Project details

            Belati is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available
            • - Full name of author is unknown

            Typical usage

            • Information gathering

            Belati review

            60

            Gitrob

            Introduction

            Especially open source developers may share their code in a public repository like GitHub. This is a great way to collaborate between the developer(s) and the community. The risk of sharing code is that sensitive data is part of the repository and uploaded by accident. GitRob helps to detect this kind of accidental leaks.

            Project details

            Gitrob is written in Ruby.

            Strengths and weaknesses

            • + More than 1000 GitHub stars
            • + The source code of this software is available

              Typical usage

              • Data leak prevention
              • Information gathering
              • Penetration testing
              • Security assessment

              Gitrob review

              60

              OSRFramework

              Introduction

              This OSINT framework allows combining sources and provide data in different formats (web interface, API, command line).

              Project details

              OSRFramework is written in Python.

              Strengths and weaknesses

              • + Available as package (simplified installation)
              • + The source code of this software is available
              • - No releases on GitHub available

              Typical usage

              • Information gathering

              OSRFramework review

              78

              theHarvester

              Introduction

              This tool is a typical information collection tool to retrieve public data and get it all into one place. It is useful for penetration tests, or if you want to see what is available for your company.

              Project details

              72

              HELK (The Hunting ELK)

              Introduction

              The main purpose to use HELK is to do analytic research on data, which are typically the events coming from your systems. Suspicious events could be discovered by doing so-called threat hunting. It may give additional insights about the existing infrastructure and required security defenses.

              Project details

              Strengths and weaknesses

              • + The source code of this software is available

                Typical usage

                • System monitoring
                • Threat discovery
                • Threat hunting

                HELK review

                100

                MISP

                Introduction

                MISP collects, stores, and distributes security indicators and discovered threats. This makes the platform useful for those involved with security incidents and malware research. Users benefit from having a well-tested platform to structure the vast number of data points available when it comes to security threats. The tooling allows interaction with other tools, like security incident and event management (SIEM) and intrusion detection systems (IDS).

                Project details

                MISP is written in PHP.

                Strengths and weaknesses

                • + More than 50 contributors
                • + The source code of this software is available

                  Typical usage

                  • Fraud detection
                  • Information gathering
                  • Threat hunting

                  MISP review

                  64

                  sqhunter

                  Introduction

                  Sqhunter is a security tool to find known and unknown threats within your network. The goal is to find possible adversaries within your network by doing specific queries. The tool uses data from osquery, Salt Open, and the Cymon API.

                  Project details

                  sqhunter is written in Python.

                  Strengths and weaknesses

                  • + The source code of this software is available

                    Typical usage

                    • Security monitoring
                    • Threat discovery
                    • Threat hunting

                    sqhunter review

                    Some relevant tool missing as an alternative to XRay? Please contact us with your suggestion.