没有awvs........
1. Burp Suite - Framework. 2. ZAP Proxy - Framework. 3. Dirsearch - HTTP bruteforcing. 4. Nmap - Port scanning.5. Sublist3r - Subdomain discovery. 6. Amass - Subdomain discovery.
7. SQLmap - SQLi exploitation. 8. Metasploit - Framework. 9. WPscan - WordPress exploitation. 10. Nikto - Webserver scanning. 11. HTTPX - HTTP probing. 12. Nuclei - YAML based template scanning. 13. FFUF - HTTP probing. 14. Subfinder - Subdomain discovery.
15. Masscan - Mass IP and port scanner. 16. Lazy Recon - Subdomain discovery. 18. XSS Hunter - Blind XSS discovery. 19. Aquatone - HTTP based recon. 20. LinkFinder - Endpoint discovery through JS files.
原文始发于微信公众号(军机故阁):国外常用黑客工具top20
免责声明:文章中涉及的程序(方法)可能带有攻击性,仅供安全研究与教学之用,读者将其信息做其他用途,由读者承担全部法律及连带责任,本站不承担任何法律及连带责任;如有问题可邮件联系(建议使用企业邮箱或有效邮箱,避免邮件被拦截,联系方式见首页),望知悉。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论