Open-source security tooling.
Recon and automation tools Abhishek Bhaskar (Abhi HackZ) has built and released — the same tooling that powers his bug-bounty and VAPT workflow, and the components of the recon pipeline he runs across targets.
ASN-based recon grapher — maps an organisation to its ASNs and IP ranges to build attack-surface scope fast.
Go utility that merges, dedupes and hunts through large recon outputs to surface interesting findings quickly.
API endpoint discovery and reconnaissance tool for mapping and testing exposed API surfaces.
DNS information-gathering automation that wraps dig-style lookups into a fast recon workflow.
Subdomain enumeration tool that aggregates multiple sources to discover an organisation’s subdomains.
A graphical network scanner for host and port discovery — point-and-click recon for internal assessments.
How these fit together
These aren't standalone toys — each one is a stage in a repeatable recon-to-triage pipeline. AsN_GrApEr and SubSpyder handle seeding and expansion; APIScout and DigIT probe the surface; MergerHunt merges and triages the output. The full methodology is written up in Building a Recon Pipeline That Scales, and the same philosophy — automate the mechanical work so human attention goes to the findings that need reasoning — drives SentryScan.
Explore more
SentryScan
Proof-based web vulnerability scanner and VAPT platform.
// recognitionHall of Fame
NASA, Nojoto, RepAutomate and Vero recognitions.
// researchBlog & Writeups
Bug-bounty writeups and methodology deep-dives.
Need this tooling pointed at your attack surface?
Custom recon pipelines and automation are part of how I run an engagement.
Book a free 30-min scoping call →