top recon tools i use for information gathering for #bug_bounty:
Amass
The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
Github Link
Subfinder
subfinder is a subdomain discovery tool that returns valid subdomains for websites, using passive online sources. It has a simple, modular architecture and is optimized for speed. subfinder is built for doing one thing only - passive subdomain enumeration, and it does that very well.
Github Link
Nmap
Nmap is released under a custom license, which is based on (but not compatible with) GPLv2. The Nmap license allows free usage by end users, and we also offer a commercial license for companies that wish to redistribute Nmap technology with their products. See Nmap Copyright and Licensing for full details.
Github Link
Gospider
GoSpider - Fast web spider written in Go
Github Link
Gotator
this has massive features , Checks domain and TLD analyzing ccSLDs to avoid going out of scope (example.com, example.com.mx, etc.).
Github Link
Httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. It is designed to maintain result reliability with an increased number of threads.
Github Link
Wahtweb
Next generation web scanner
Github Link
What tool do you use ? :)
join my telegram channel for more -> @spi_sec
Top comments (2)
A bit more context would be useful for readers I believe 👍
yes you are right , i will update that, thanks for your comment