One.
Curl--head
Returns the version of the operating system
The same Xprobe2 can be returned with Nmap to the operating system version
Nmap directly add the domain name or IP address, more authoritative to determine the operating system version, or service version, and open the port
Nmap-v-a
Two. Maltego
Find relevant information by domain name. such as gateways, mail, IP, phone numbers.
Three, HTTP scan
Webshag
Scan the directory structure of the Web site to scan http and HTTPS Web servers, port scanning, information collection, fuzzy query, etc.
W3af
Scan vulnerability
Web code auditing and application penetration testing tools, divided into many modules such as attack, audit, development, brute force
ZAP
Similar to the one above, relatively small, automated
Four.
Splmap
The SQL injection tool injects attacks directly into the terminal and is an attack using an internal dictionary,
Sqlmap-u + domain-t specify table-c--dump Download
Kali-linux Simple Learning