WhatWeb:
WhatWeb is designed to identify website technologies and software version information. It includes over 1,750 plugins capable of recognizing blogger platforms, JavaScript libraries, web server fingerprints, and content management systems (CMS), to name a few.
DNSRecon:
Domain name resolutions involve converting domain names (like wonderhowto.com) into an IP address that servers and computers can interpret. DNSRecon is a comprehensive domain name service (DNS) enumeration and reconnaissance tool. It's able to carry out the following advanced tasks, to give you an idea of its power.
NS records for zone transfers:
checks Enumerate MX, SOA, NS, A, AAAA, and TXT records
Perform common SRV record enumeration
Check for wildcard resolution
Brute-force subdomains with a supplied wordlist
Identify cached DNS records for A, AAAA and CNAME Records
Nmap:
Nmap is a port scanner and network exploration tool. It's a full-featured tool adept at finding shared servers,
detecting CVEs, and performing a variety of advanced scanning techniques. As I mentioned previously, some of Nmap's features are not currently supported by UserLAnd. If you experience problems, be sure to open a new GitHub issue for assistance from the developers with this.
WAFW00F:
A web application firewall (WAF) detects and blocks malicious traffic transmitting to and from the web server its protecting. WAFW00F is able to fingerprint and identify web application firewall technologies by sending the website an HTTP request and analyses the response. It can currently identify over 45 popular web application firewall solutions such as CloudFlare, Sucuri, ModSecurity, and Incapsula.
GoLismero:
GoLismero is a web application framework that can audit websites and operating systems running Windows 10, Linux, and macOS (OS X).
DAVTest:
Web Distributed Authoring and Versioning (WebDAV) is an extension of HTTP that enables web servers to behave like file servers. It allows sysadmins to create and edit files remotely. DAVTest audits WebDAV-enabled servers by uploading executable files and enumerating command execution vulnerabilities. Using DAVTest, penetration testers can quickly identify if a given WebDAV server is exploitable.
Uniscan:
Uniscan is a simple tool created to discover remote and local file inclusion, as well as remote command execution vulnerabilities. It can also detect SQL and PHP CGI argument injections, crawl for hidden files and directories, and fingerprint web servers.
WHOIS:
WHOIS is a search and response protocol that is used by a variety of software and websites for querying domain owner information. The whois command line tool is used to easily access domain owner contact details and IP address assignments for information gathering purposes.
DIRB:
DIRB is a web application analysis and WebObject discovery tool that executes a dictionary-based attack against web servers.
Load Balance Detector (Lbd):
Load balancing refers to efficiently distributing incoming network traffic across a large pool (or "farm") of servers. To cost-efficiently provide consistent and reliable content to its visitors, large websites (like Facebook or Instagram) must use load-balancing solutions. Lbd attempts to detect if a given website employs a DNS or HTTP load balancing software by comparing server header responses.
Wapiti:
Wapiti is a website and web application auditing injection tool. It supports both GET and POST HTTP methods, generates verbose vulnerability assessment reports, and allows custom HTTP headers. Wapiti is capable of detecting a vast amount of vulnerabilities such as:
SQL and XPath injections
Cross-Site Scripting (XSS) injection
PHP command execution
CRLF injection
XML External Entity injection
Server-Side Request Forgeries (SSRF)
Apache .htaccess configuration bypasses
Sensitive file and information disclosures
Shellshock vulnerabilities
TheHarvester
TheHarvester is an open-source information gathering tool intended for penetration testers in the early stages of black-box and red team engagements. It features the ability to perform virtual host verifications, DNS enumeration, reverse domain searches, and IP lookups, as well as make Shodan queries.
XSSer:
Cross-Site Scripter (XSSer) is an automation tool that attempts to detect and exploit cross-site scripting vulnerabilities in web applications and websites. It also includes several options for evading XSS detection filters.
SSLyze:
Transport Layer Security (TLS; aka "SSL") is a cryptographic protocol designed to establish secure communications between computers operating over the internet. SSLyze analyzes the SSL configuration of a given website and reports misconfigurations and critical vulnerabilities.
DMitry:
DMitry is an information gathering tool that tries to collect as much information about a host as possible. It gathers subdomain information, email addresses, uptime information, open port details, whois lookup responses, and much more.
Nikto:Nikto is a vulnerability scanner which performs a myriad of comprehensive tests ag
ainst web servers. Among its many scanning features, it checks for outdated software, server misconfiguration, directory checks, weak HTTP headers, and has many available plugins for further enhancing its functionalities.
DNSmap:
DNSmap is another DNS enumeration tool meant to be used during the information gathering phase of a penetration testing engagement. Subdomain brute-forcing is a common and effective technique for discovering additional servers and IPs controls by a target website or company.
![image02](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJL3r_oiwye05yJuog_DaqsYF4b_0zfeoVvZxALnAexRIUg4j_VlB2hTYpoThIR1oajtFFPmEw0TE33qQUk_TjAAjgzaMRYwwXMCBxdJWTpd3-qpgyN9gS1tBHImhNCohJtJHGAYknL8Dy/s320/IMG_20190406_161948.jpg" width="320)
