• Tools
  • Features
  • Resources

Introduction

Getting Started

Platform Features

Scanning
AI Analysis
Code Scanning (SAST)
Reports
Dashboard & Analytics

Developer Reference

REST API
CLI Reference
CI/CD Integration
Tool Tactics
SubfinderNmapKatanaNucleiHttpxGitleaksWPScan
Tool Tactics · v2.0

Tool Tactics

Welcome to the Tools section – your essential toolkit for cybersecurity hardening. Here, we provide quick access to powerful tools and techniques that will fortify your defenses.

7 tools available
Practical Usage
CLI & Web UI

Available Tools

subfinderrecon

Subfinder is a subdomain discovery tool that finds and returns valid subdomains for websites. It is widely used for subdomain enumeration in the reconnaissance phase of security assessments, identifying potential attack surfaces by revealing hidden or forgotten subdomains, and can be easily integrated into broader reconnaissance workflows.

nmapnetwork

Nmap (Network Mapper) is a free and open-source utility for network discovery and security auditing. It is used to discover hosts and services on a computer network by sending packets and analyzing the responses.

katanaweb

Katana is a next-generation crawling and spidering framework. It is designed to be highly customizable, fast, and able to navigate modern web applications, including Single Page Applications (SPAs) relying heavily on JavaScript.

nucleivulns

Nuclei is a fast and customizable vulnerability scanner based on simple YAML-based DSL. It is used to send requests across targets based on templates, leading to zero false positives and providing fast scanning on a large number of hosts.

httpxweb

Httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes. It is designed to maintain result reliability with an increased number of threads.

gitleakssecrets

Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, API keys, and tokens in git repos. It provides an easy way to scan repositories for sensitive information.

wpscanweb

WPScan is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues.

Previous
CI/CD Integration
Next
Subfinder
⌘K

On this page

Overview