1.FFUF
FFUF stands for fuzz faster you fools and it does exactly that, it is a super fast fuzzing tool written in go
<a href="https://github.com/ffuf/ffuf.git" class="autolinkedURL autolinkedURL-url" target="_blank">github.com/ffuf/ffuf.git</a>
2.Feroxbuster
It is a super convenient content discovery tool with many options, one of my personal favourites.
<a href="https://github.com/epi052/feroxbuster.git" class="autolinkedURL autolinkedURL-url" target="_blank">github.com/epi052/feroxbuster.git</a>
3.Subfinder
when it comes to hacking on wide scope targets finding subdomains are really really important, especially if you are a beginner and project discovery's subfinder does exactly that for you.
<a href="https://github.com/projectdiscovery/subfinder.git" class="autolinkedURL autolinkedURL-url" target="_blank">github.com/projectdiscovery/subfinder.git</a>
4.httpx
Another great tool by project discovery, this resolves a list of subdomains and checks whether the domains are alive or not.
<a href="https://github.com/projectdiscovery/httpx.git" class="autolinkedURL autolinkedURL-url" target="_blank">github.com/projectdiscovery/httpx.git</a>
5.nmap
The OG tool, takes a lot of time definitely not intended for large subdomain lists(or even small ones), tells everything about the website, like open ports, which os is it's server using and stuff like that.
6.Burpsuite
The swiss army knife of web hackers, you'll probably spend most of your time on it and you'll find all the great juicy bugs using this, portswigger is really doing great things for the community and in security research as well.
Well that's it,
Thank you for reading till the end.
Stay Hydrated !!

1.FFUF

FFUF stands for fuzz faster you fools and it does exactly that, it is a super fast fuzzing tool written in go

https://github.com/ffuf/ffuf.git


2.Feroxbuster

It is a super convenient content discovery tool with many options, one of my personal favourites.

https://github.com/epi052/feroxbuster.git


3.Subfinder

when it comes to hacking on wide scope targets finding subdomains are really really important, especially if you are a beginner and project discovery's subfinder does exactly that for you.

https://github.com/projectdiscovery/subfinder.git


4.httpx

Another great tool by project discovery, this resolves a list of subdomains and checks whether the domains are alive or not.

https://github.com/projectdiscovery/httpx.git

5.nmap

The OG tool, takes a lot of time definitely not intended for large subdomain lists(or even small ones), tells everything about the website, like open ports, which os is it's server using and stuff like that.


6.Burpsuite

The swiss army knife of web hackers, you'll probably spend most of your time on it and you'll find all the great juicy bugs using this, portswigger is really doing great things for the community and in security research as well.

Well that's it,

Thank you for reading till the end.

Stay Hydrated !!


hacking tools, web hacking, beginner, bug bounty tutorial

Top 6 essential tools for Web Application Hackers

Table of contents

No headings in the article.