Tool Tactics
Welcome to the Tools section – your essential toolkit for cybersecurity hardening. Here, we provide quick access to powerful tools and techniques that will fortify your defenses.
Available Tools
Subfinder is a subdomain discovery tool that finds and returns valid subdomains for websites. It is widely used for subdomain enumeration in the reconnaissance phase of security assessments, identifying potential attack surfaces by revealing hidden or forgotten subdomains, and can be easily integrated into broader reconnaissance workflows.
Nmap (Network Mapper) is a free and open-source utility for network discovery and security auditing. It is used to discover hosts and services on a computer network by sending packets and analyzing the responses.
Katana is a next-generation crawling and spidering framework. It is designed to be highly customizable, fast, and able to navigate modern web applications, including Single Page Applications (SPAs) relying heavily on JavaScript.
Nuclei is a fast and customizable vulnerability scanner based on simple YAML-based DSL. It is used to send requests across targets based on templates, leading to zero false positives and providing fast scanning on a large number of hosts.
Httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes. It is designed to maintain result reliability with an increased number of threads.
Gitleaks is a SAST tool for detecting and preventing hardcoded secrets like passwords, API keys, and tokens in git repos. It provides an easy way to scan repositories for sensitive information.
WPScan is a black box WordPress vulnerability scanner that can be used to scan remote WordPress installations to find security issues.