
Here are some common tools used for planning and reconnaissance in penetration testing:

1. Nmap: Nmap is a free and open-source tool used for network exploration,
management, and security auditing. It can be used to discover hosts and services on a
network, as well as to identify potential vulnerabilities.
2. Maltego: Maltego is a commercial tool used for information gathering and data
mining. It can be used to discover relationships between various entities, such as IP
addresses, domain names, and social media profiles.
3. theHarvester: theHarvester is a tool used to gather email addresses, subdomains,
hosts, employee names, open ports, and banners from different public sources,
including search engines, PGP key servers, and SHODAN.
4. Recon-ng: Recon-ng is an open-source tool used for web reconnaissance. It can be
used to gather information about web applications, including web server
fingerprinting, directory enumeration, and port scanning.
5. Shodan: Shodan is a search engine for internet-connected devices. It can be used to
identify vulnerable devices, for example through their open ports and services.
6. Google Dorks: Google Dorks are advanced search queries that can be used to identify
sensitive information on the internet. They can be used to search for vulnerabilities,
usernames and passwords, and other sensitive information.
7. WHOIS: WHOIS is a protocol used to query databases that store information about
internet domain names and IP addresses. It can be used to gather information about
the owner of a domain name or IP address, as well as their contact information.

These are just a few of the many tools available for planning and reconnaissance in
penetration testing. It is important to choose the right tool for the task at hand and to use it
ethically and responsibly.
