Tool name Language/OS used to run the tool

Sublist3r Python
Enumall Python
Massdns Python
Dnsdumpster
Dnscan Python
Knockpy Python
Nmap C
Masscan C
Eyewitness Python
Httpscreenshot Python
Dirbuster Java
Dirb Linux
Crunch Linux
Cewl ruby
Dirsearch windows/linux
Unicornscan Linux
git-all-secrets
GoogD0rker Python
Parameth Python
Wayback Machine
waybackrobots Python
waybackurls Python
Shodan
Seclists
The harvester Python
SQLmap windows/linux
XSStrike python
Brutexss windows/linux
DOMxsscanner Python
XSS hunter
LFISuit Python
Findsploit windows/linux
Wpscan ruby/curl
Joomscan perl
CMSmap Python
Wfuzz windows/linux
THC hydra windows/linux
Wappalyzer
Builtwith
Mobsf apk tool
Genymotion apk tool
Ettercap linux
Wireshark windows/linux
Bettercap go
Aquatone Ruby
Zenmap Windows/linux
Fern wifi cracker Linux
Hashcat Linux
Cain&abel Windows
Nessus Ruby
Accunetix
Wifite Python
john the ripper Linux/Windows
Sslcan Windows/Linux
Maltego Python
Owasp zed Windows
Nikto Perl
Zoomeye
social engineering toolkit Python
Wpsploit Linux
Fiddler Windows
fluxion Python
Fcrackzip Linux
Ophcrack Linux
Mimikatz Windows
Virustotal
Amass Linux
Threatexpert Windows
Commix Python
Fuxploider Python
WAFW00F Python
Binwalk Python
ExifTool Perl
CloudFlair Python
 Description
Tool designed to enumerate subdomains of websites
Script to enumerate subdomains
Tool used to resolve lots of subdomains quickly
Website to find and lookup DNS records
A wordlist-based DNS subdomain scanner
A python tool to enumerate subdomains
Free and open-source network scanner
very fast network and port scanner like nmap
A tool used to capture screenshots
A tool for grabbing screenshots and HTML of websites
Application designed to brute force directories
A command line based tool to brute force directories
A wordlist generator
Custom wordlist generator
A command line tool designed to brute force directories
information gathering tool
A tool used to find git secrets
google dorks for a domain
Tool to brute discover GET and POST parameters
A digital archive of the World Wide Web
Fetch urls of webarchive
Fetch all the URLs that the Wayback Machine
search engine for Internet-connected devices
Collection of Wordlists
A tool for gathering e-mail accounts and subdomain names from publi
A software that is used to detect and exploit database vulnerabilities
Tool to test websites for XSS vulnerabilities
Cross-Site Scripting Bruteforcer.
Tool for finding potential DOM based XSS
To find all kinds of cross-site scripting vulnerabilities
Tool able to scan and exploit Local File Inclusion
Find Exploits In Local And Online Databases
WordPress vulnerability scanner
Joomla vulnerability scanner
CMS vulnerability scanner
Tool designed for bruteforcing Web Applications
A brute force password cracking tool.
Uncovers the technologies used on websites
Find out what a website is built with
All-in-one mobile application (Android/iOS/Windows) pen-testing f
Cross-platform Android emulator for developers & QA engineers
Tool for man-in-the-middle attacks on LAN
open-source packet analyzer.
Tool used for MITM attacks
A set of tools for performing reconnaissance on domain names
A GUI for nmap
Cracking WiFi Password
Password cracker
A password recovery tool for Microsoft Operating Systems
A vulnerability scanner
An automated web application security testing tool
To attack multiple WEP, WPA, and WPS encrypted networks in a row.
A free password cracking software tool
Scan SSL services
open-source intelligence and forensics tool
open-source web application security scanner.
A Web server scanner
Search Engine for Cyberspace
An open-source Python-driven tool aimed at penetration testing arou
Tool to pentest wordpress plugins
A Web Debugging Proxy
Tool for MITM WPA attacks
Tool to crack zip passwords
Tool to crack passwords for windows login
A post-exploitation tool for windows
free service that analyzes files and URLs for viruses, worms, trojans
Tool for Subdomain enumeration
Upload any file to the servers of the program and they''ll tell you if the
command-injection detection exploitation pentesting vulnerability-s
File Upload Vulnerability Scanner And Exploitation Tool
Identify and fingerprint Web Application Firewall products
Firmware Analysis Tool
software program for reading, writing, and manipulating image, audi
CloudFlair is a tool to find origin servers of websites protected by Cl
 Links for using/downloading the tool
https://github.com/aboul3la/Sublist3r
https://github.com/jhaddix/domain/
https://github.com/blechschmidt/massdns
https://dnsdumpster.com/
https://github.com/rbsec/dnscan
https://github.com/guelfoweb/knock
https://nmap.org/
https://github.com/robertdavidgraham/masscan
https://tools.kali.org/information-gathering/eyewitness
https://github.com/breenmachine/httpscreenshot
https://tools.kali.org/web-applications/dirbuster
https://tools.kali.org/web-applications/dirb
https://tools.kali.org/password-attacks/crunch
https://tools.kali.org/password-attacks/cewl
https://github.com/maurosoria/dirsearch
https://tools.kali.org/information-gathering/unicornscan
https://github.com/anshumanbh/git-all-secrets
https://github.com/ZephrFish/GoogD0rker
https://github.com/maK-/parameth
https://archive.org/web/
https://gist.github.com/mhmdiaa/2742c5e147d49a804b408bfed3d32d07
https://github.com/tomnomnom/waybackurls
https://www.shodan.io/
https://github.com/danielmiessler/SecLists
https://tools.kali.org/information-gathering/theharvester
http://sqlmap.org/
https://github.com/s0md3v/XSStrike
https://brutelogic.com.br/
https://github.com/yaph/domxssscanner
https://xsshunter.com/
https://github.com/D35m0nd142/LFISuite
https://github.com/1N3/Findsploit
https://wpscan.org/
https://github.com/rezasp/joomscan
https://github.com/Dionach/CMSmap
https://tools.kali.org/web-applications/wfuzz
https://tools.kali.org/password-attacks/hydra
https://www.wappalyzer.com/
https://builtwith.com/
https://github.com/MobSF/Mobile-Security-Framework-MobSF
https://www.genymotion.com/
https://www.ettercap-project.org/
https://www.wireshark.org/
https://github.com/bettercap/bettercap
https://github.com/michenriksen/aquatone
https://nmap.org/zenmap/
https://tools.kali.org/wireless-attacks/fern-wifi-cracker
https://hashcat.net/hashcat/
http://www.oxid.it/cain.html
https://www.tenable.com/products/nessus/nessus-professional
https://www.acunetix.com/
https://github.com/derv82/wifite
https://www.openwall.com/john/
https://github.com/rbsec/sslscan
https://www.paterva.com/
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
https://cirt.net/nikto2
https://www.zoomeye.org/
https://www.social-engineer.org/framework/se-tools/computer-based/social-engineer-toolkit-set/
https://github.com/espreto/wpsploit
https://www.telerik.com/fiddler
https://github.com/wi-fi-analyzer/fluxion
https://allanfeid.com/content/cracking-zip-files-fcrackzip
http://ophcrack.sourceforge.net/
https://github.com/gentilkiwi/mimikatz
https://www.virustotal.com/
https://github.com/OWASP/Amass
https://threatexpert.en.uptodown.com/windows
https://github.com/commixproject/commix
https://github.com/almandin/fuxploider
https://github.com/EnableSecurity/wafw00f
https://github.com/ReFirmLabs/binwalk
https://www.sno.phy.queensu.ca/~phil/exiftool/
https://github.com/christophetd/CloudFlair
 List of blogs to learn more about the tool
https://www.hackingtutorials.org/web-application-hacking/discovering-subdomains-with-sublist3r/

https://www.youtube.com/watch?v=GKHGEGe5rAs

https://hydrasky.com/network-security/kali-tools/knockpy-enumerate-subdomain-scanner/
https://nmap.org/book/port-scanning-tutorial.html
https://tools.kali.org/information-gathering/masscan
https://tools.kali.org/information-gathering/eyewitness
https://www.bugcrowd.com/guest-blog-httpscreenshot-tool-teams/
https://null-byte.wonderhowto.com/how-to/hack-like-pro-find-directories-websites-using-dirbuster-0157593/
https://medium.com/tech-zoom/dirb-a-web-content-scanner-bc9cba624c86
https://www.hackingarticles.in/comprehensive-guide-on-crunch-tool/
https://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-passwords-part-5-creating-custom-wordlist-with-ce
https://securityonline.info/dirsearch-https-directoryfile-brute-forcer/?cn-reloaded=1
https://www.hackers-arise.com/single-post/2017/08/20/Reconnaissance-with-Unicornscan
https://securityonline.info/git-all-secrets/
https://securityonline.info/googd0rker-use-google-dorks-target-domain/
https://www.kitploit.com/2017/10/parameth-tool-to-brute-discover-get-and.html
https://www.lifewire.com/wayback-machine-3481829
47d49a804b408bfed3d32d07

https://danielmiessler.com/study/shodan/
https://tools.kali.org/password-attacks/seclists
https://tools.kali.org/information-gathering/theharvester
https://coderseye.com/learn-sqlmap-and-tutorial
https://www.kitploit.com/2018/03/xsstrike-v20-advanced-xss-detection-and.html
https://brutelogic.com.br/
https://www.ehacking.net/2011/05/online-dom-xss-scanner-tutorial.html
https://thehackerblog.com/xss-hunter-is-now-open-source-heres-how-to-set-it-up/index.html
https://n0where.net/totally-automatic-lfi-exploiter-scanner-lfisuite
https://www.kitploit.com/2018/02/findsploit-find-exploits-in-local-and.html
https://blog.sucuri.net/2015/12/using-wpscan-finding-wordpress-vulnerabilities.html
https://kalilinuxtutorials.com/joomscan-owasp/
https://latesthackingnews.com/2018/12/23/cmsmap-an-open-source-cms-scanner/
https://www.darknet.org.uk/2016/05/wfuzz-web-application-password-cracker/
https://null-byte.wonderhowto.com/how-to/hack-like-pro-crack-online-passwords-with-tamper-data-thc-hydra-0155

https://kalilinuxtutorials.com/mobsf-mobile-security-framework/
http://hackpundit.com/android-emulator-genymotion-installation/
https://pentestmag.com/ettercap-tutorial-for-windows/
https://www.youtube.com/watch?v=TkCSr30UojM
https://danielmiessler.com/study/bettercap/
https://michenriksen.com/blog/aquatone-tool-for-domain-flyovers/
https://www.linux.com/learn/zenmap-tutorial-audit-your-networks-using-nmap-gui
https://gbhackers.com/cracking-wifi-password-with-fern-wifi-cracker-to-access-free-internet-everyday/
https://resources.infosecinstitute.com/hashcat-tutorial-beginners/#gref
https://www.hackeroyale.com/crack-passwords-using-cain-abel-step-step-tutorial/
https://searchsecurity.techtarget.com/tutorial/Nessus-3-Tutorial
https://www.hackeroyale.com/how-to-use-acunetix-scanner-to-scan-sites-tutorial/
https://www.kalitutorials.net/2014/04/wifite-hacking-wifi-easy-way-kali-linux.html
https://www.openwall.com/john/doc/EXAMPLES.shtml
http://www.exploresecurity.com/wp-content/uploads/custom/SSL_manual_cheatsheet.html
https://www.computerweekly.com/tip/Maltego-tutorial-Part-1-Information-gathering
https://owasp-academy.teachable.com/p/owasp-zap-tutorial
https://resources.infosecinstitute.com/introduction-nikto-web-application-vulnerability-scanner/
http://www.pentest.guru/index.php/2016/01/13/zoomeye-the-valid-iot-search-engine-you-never-heard-of/
https://www.exploit-db.com/docs/english/17701-social-engineering-toolkit.pdf
https://www.kitploit.com/2017/11/wpsploit-wordpress-plugin-code-scanner.html
https://www.blackbaud.com/files/support/guides/infinitydevguide/subsystems/dmd-developer-help/Content/Infinit
https://null-byte.wonderhowto.com/forum/fluxion-cracking-wifi-without-bruteforce-wordlist-kali-linux-2017-1-full-g
http://pent-hack.blogspot.com/2013/01/fcrack-protected-zip.html
https://www.lifewire.com/how-to-recover-passwords-using-ophcrack-livecd-2626168
https://resources.infosecinstitute.com/mimikatz-walkthrough/

https://evil-security.com/subdomain-enumeration-amass/
https://support.symantec.com/en_US/article.TECH96745.html
https://resources.infosecinstitute.com/commix-an-automated-tool-for-command-injection/
https://www.kitploit.com/2018/01/fuxploider-file-upload-vulnerability.html
https://pentestlab.blog/tag/wafw00f/
https://securityonline.info/introduction-to-binwalk-firmware-analysis-tool/
https://www.hacking-tutorial.com/tips-and-trick/information-gathering-from-photos-using-exiftool/
buster-0157593/

ustom-wordlist-with-cewl-0158855/

per-data-thc-hydra-0155374/
ever-heard-of/

per-help/Content/InfinityWebAPI/coUsingFiddlerCreateHTTPRequest.htm
-kali-linux-2017-1-full-guide-0178727/