| Army-Knife/BURP | BurpSuite | It's Awesome | it's not | github:dog: |
| Army-Knife/ZAP | zaproxy | The OWASP ZAP core project |  |  |
| Discovery/CRAWL | Photon | Incredibly fast crawler designed for OSINT. |  |  |
| Discovery/CRAWL | gospider | Gospider - Fast web spider written in Go |  |  |
| Discovery/DNS | dnsprobe | DNSProb (beta) is a tool built on top of retryabledns that allows you to perform multiple dns queries of your choice with a list of user supplied resolvers. |  |  |
| Discovery/DNS | shuffledns | shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support. |  |  |
| Discovery/DOMAIN | Amass | In-depth Attack Surface Mapping and Asset Discovery |  |  |
| Discovery/DOMAIN | assetfinder | Find domains and subdomains related to a given domain |  |  |
| Discovery/DOMAIN | findomain | The fastest and cross-platform subdomain enumerator, do not waste your time. |  |  |
| Discovery/DOMAIN | knock | Knock Subdomain Scan |  |  |
| Discovery/DOMAIN | subfinder | Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing. |  |  |
| Discovery/FUZZ | dirsearch | Web path scanner |  |  |
| Discovery/FUZZ | gobuster | Directory/File, DNS and VHost busting tool written in Go |  |  |
| Discovery/GIT | GitMiner | Tool for advanced mining for content on Github |  |  |
| Discovery/GIT | gitGraber | gitGraber |  |  |
| Discovery/GIT | gitrob | Reconnaissance tool for GitHub organizations |  |  |
| Discovery/HTTP | Arjun | HTTP parameter discovery suite. |  |  |
| Discovery/PORT | masscan | TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes. |  |  |
| Discovery/PORT | naabu | A fast port scanner written in go with focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests |  |  |
| Discovery/PORT | nmap | Nmap - the Network Mapper. Github mirror of official SVN repository. |  |  |
| Discovery/TKOV | subjack | Subdomain Takeover tool written in Go |  |  |
| Discovery/URL | waybackurls | Fetch all the URLs that the Wayback Machine knows about for a domain |  |  |
| Discovery/VULN | Silver | Mass scan IPs for vulnerable services |  |  |
| Fetch/TOM | httprobe | Take a list of domains and probe for working HTTP and HTTPS servers |  |  |
| Fetch/TOM | meg | Fetch many paths for many hosts - without killing the hosts |  |  |
| Fetch/WSOCK | websocket-connection-smuggler | websocket-connection-smuggler |  |  |
| Scanner/CORS | Corsy | CORS Misconfiguration Scanner |  |  |
| Scanner/FUZZ | Medusa | Automatic Video Library Manager for TV Shows. It watches for new episodes of your favorite shows, and when they are posted it does its magic. |  |  |
| Scanner/FUZZ | ffuf | Fast web fuzzer written in Go |  |  |
| Scanner/FUZZ | thc-hydra | hydra |  |  |
| Scanner/FUZZ | wfuzz | Web application fuzzer |  |  |
| Scanner/LFI | LFISuite | Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner |  |  |
| Scanner/LFI | dotdotpwn | DotDotPwn - The Directory Traversal Fuzzer |  |  |
| Scanner/NOSQL | NoSQLMap | Automated NoSQL database enumeration and web application exploitation tool. |  |  |
| Scanner/SQL | sqlmap | Automatic SQL injection and database takeover tool |  |  |
| Scanner/SQL | sqlninja | SQL Injection Tool |  |  |
| Scanner/SSL | a2sv | Auto Scanning to SSL Vulnerability |  |  |
| Scanner/SSL | testssl.sh | Testing TLS/SSL encryption anywhere on any port |  |  |
| Scanner/WP | wpscan | WPScan is a free, for non-commercial use, black box WordPress Vulnerability Scanner written for security professionals and blog maintainers to test the security of their WordPress websites. |  |  |
| Scanner/WVS | Striker | Striker is an offensive information and vulnerability scanner. |  |  |
| Scanner/WVS | arachni | Web Application Security Scanner Framework |  |  |
| Scanner/WVS | nikto | Nikto web server scanner |  |  |
| Scanner/WVS | zap-cli | A simple tool for interacting with OWASP ZAP from the commandline. |  |  |
| Scanner/XSS | XSStrike | Most advanced XSS scanner. |  |  |
| Scanner/XSS | xspear | Powerfull XSS Scanning and Parameter analysis tool&gem |  |  |
| Utility/CLIP | ftc | simple copy to file to clipboard |  |  |
| Utility/FIND | fzf | A command-line fuzzy finder |  |  |
| Utility/GREP | gf | A wrapper around grep, to help you grep for things |  |  |
| Utility/JSON | gron | Make JSON greppable! |  |  |
| Utility/S3 | s3reverse | The format of various s3 buckets is convert in one format. for bugbounty and security testing. |  |  |
| Utility/VULN | oxml_xxe | A tool for embedding XXE/XML exploits into different filetypes |  |  |
| Utility/VULN | ysoserial | A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. |  |  |
