π οΈ Essential Tools for Cybersecurity & Bug Bounty
Whether you're doing recon, fuzzing, or exploitation, tools are a big part of your workflow. Hereβs a breakdown of the most-used tools across different stages of hacking.
π Reconnaissance
- subfinder β Subdomain enumeration from passive sources.
- amass β Comprehensive passive & active subdomain enumeration.
- assetfinder β Quickly find subdomains related to a domain.
- httpx β Probes for working HTTP/S servers.
- waybackurls / gau β Find historical URLs via Wayback Machine & other sources.
π§ͺ Fuzzing & Discovery
- ffuf β Fast web fuzzer for directories, parameters, headers, etc.
- dirsearch β Directory brute-forcing tool written in Python.
- ParamSpider β Finds hidden parameters on web apps.
- Dalfox β XSS scanning and fuzzing tool.
π Web Proxy & Manual Testing
- Burp Suite β The #1 tool for web app testing, used for intercepting, modifying, and analyzing requests.
- Postman β Excellent for API testing, works well with REST and GraphQL endpoints.
- Browser DevTools β Use the network and console tabs to analyze and manipulate behavior.
π§° Scanning & Enumeration
- nmap β Network scanning, port discovery, and service identification.
- nikto β Web server scanner for outdated or misconfigured services.
- whatweb / wappalyzer β Fingerprint web technologies and stack.
π§ Automation & Scripting
- Python β Write custom recon tools, PoCs, and scripts.
- Bash β Automate tool chains and scanning pipelines.
- JS (JavaScript) β Useful for payload creation and DOM-based XSS exploitation.
π Wordlists
- SecLists β The most complete collection of wordlists.
/usr/share/wordlists/β Kali Linux built-in lists (e.g., `rockyou.txt`).
π¦ Useful GitHub Repos
- ProjectDiscovery β Suite of tools including subfinder, httpx, nuclei.
- tomnomnom β Creator of many essential Go-based recon tools.
- ParamSpider
βοΈ Browser Extensions
- HackTools β Payload helper inside DevTools.
- Wappalyzer β Identify technologies used on websites.
- ModHeader β Modify request headers on the fly.
- Shodan Plugin β Quick lookup of server details.
π Passwords & Hashes
- hash-identifier β Identify hash types.
- John the Ripper β Password cracker for many formats.
- Hydra β Bruteforcing credentials over various protocols.
π Want to see these tools in action?
Check out tutorials under Guides or jump into CTFs to apply your tools on real labs.