ProjectDiscovery produces a suite of open source tools tailored for offensive security: security engineers, bug bounty hunters, and red teamers. Our toolkit is structured around three distinct layers to optimize your security assessment and penetration testing processes. We also provide utilities and libraries as building blocks for an offensive security or bug bounty hunting program.

Let’s delve into the specifics of each category and its corresponding tools.


In the discovery phase, the goal is to map out the entire’s online presence, finding subdomains, open ports, and other valuable endpoints. The tools in this category are instrumental in revealing a comprehensive view of the target’s landscape. This stage includes tools like:


Once assets are discovered, the next step is to enrich the gathered data. This phase involves understanding the nature of the assets, the technologies behind them, and their exposure level. This stage includes tools like:


With the landscape mapped and details enriched, the next phase is detection. Here, the aim is to pinpoint exploitable vulnerabilities, ensuring a thorough risk assessment. This stage includes tools like:


These utilities can be combined with our other tooling based on the Unix philosophy to create pipelines and customize your offensive security or bug bounty hunting program.

Dive into the individual tool’s documentation to explore in-depth functionalities, usage examples, and best practices. Your journey into enhanced offensive security starts here!