Host discovery and service enumeration are essential in network pentests, but they can be tedious and time-consuming. Zero-E (ZrE) automates the entire process, from port and host discovery to detailed scans of active hosts, saving valuable time. With a tested, efficient methodology, ZrE offers zero-effort, zero-error network enumeration—no experience needed. It even generates various files for analysis, so you can relax while it does the work for you.

Web application security scanner

Most advanced XSS scanner.

WordPress vulnerability scanner

Network protocol analyzer

WhatWeb identifies websites. Its goal is to answer the question, "What is that Website?". WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more.

An ultra-lightweight web screenshot tool with advanced features.

VX0 is a simple and easy-to-use tool designed for subdomain enumeration, filtering specific data and subdomains and web archive data collection. It helps you discover subdomains, filter live ones, and extract sensitive data from the Wayback Machine.

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting