Your favorite Security tools?
Every Security researcher will definitely have a list of favorite personal security tools. It could even include tools on GitHub, Sourceforge, web services, or even your own tools. Similarly post your fav list and why you prefer those tools.
Here is my favorite list.
- nslookup - get info about DNS records
- knockpy - fast, efficient sub domain enumeration
- nmap - gather information like open ports, services, firewall presence, OS, and other info
- nikto - checks for various web app security including WAF and IDS, injection issues quickly
- DirBuster - url fuzzing and directory discovery
- XsStrike.py - checks for XSS and generates payloads if available
- BurpSuite - Helps in header analysis, check for XSS, CSRF and other issues by easily modifying headers and forwarding them
- SQLmap - Automates SQL injection payload injection and exploiting weak points. Helps identify SQLi
- Bettercap - Network monitoring and analysis
- Wireshark - Packet capture and analysis