| description |
|---|
A gang of automated web-scanners that check for multiple vulnerabilities or conduct several recon steps for the lazy and uninitiated, because we can't always be expected to perform exceptionally. |
Some of these tools are so easy to use, where you just point it at a domain with one command line flag and are able to burn through 50+ tests with the push of a button. It is important to understand what these are doing (or the information will be relatively useless in actually exploiting or reporting the vulnerability) and be able to do these tests on an individual basis, as you may be forced to do so after gaining a shell on a box without these tools and where file transfers are not allowed, firewalls block everything, you are stuck as an unprivileged user or you are in a situation that requires serious stealth.
Recon-ng
Sniper
Yuki-Chan
Nikto
Arachni
Recsech
Reconcobra
Raccoon
Reconnoitre