DEV Community

vala broumand
vala broumand

Posted on • Edited on

Top Recon Tools

top recon tools i use for information gathering for #bug_bounty:

Amass

The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
Github Link

Subfinder

subfinder is a subdomain discovery tool that returns valid subdomains for websites, using passive online sources. It has a simple, modular architecture and is optimized for speed. subfinder is built for doing one thing only - passive subdomain enumeration, and it does that very well.
Github Link

Nmap

Nmap is released under a custom license, which is based on (but not compatible with) GPLv2. The Nmap license allows free usage by end users, and we also offer a commercial license for companies that wish to redistribute Nmap technology with their products. See Nmap Copyright and Licensing for full details.
Github Link

Gospider

GoSpider - Fast web spider written in Go
Github Link

Gotator

this has massive features , Checks domain and TLD analyzing ccSLDs to avoid going out of scope (example.com, example.com.mx, etc.).
Github Link

Httpx

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. It is designed to maintain result reliability with an increased number of threads.
Github Link

Wahtweb

Image description

Next generation web scanner
Github Link

What tool do you use ? :)
join my telegram channel for more -> @spi_sec

Top comments (2)

Collapse
 
fyodorio profile image
Fyodor

A bit more context would be useful for readers I believe 👍

Collapse
 
vabro profile image
vala broumand

yes you are right , i will update that, thanks for your comment