Nuclei
Fast vulnerability scanner driven by YAML templates—used for recon, misconfigs, CVEs, and custom checks at scale.
Why it is included
Template ecosystem and speed made it a core piece of modern attack-surface workflows.
Best for
Bug bounty, ASM pipelines, and repeatable pentest regressions.
Strengths
- Huge template set
- CI-friendly
- ProjectDiscovery stack fit
Limitations
- False positives; governance needed for template sources
Good alternatives
Nikto · OWASP ZAP
Related tools
Security & Privacy
httpx (ProjectDiscovery)
Fast HTTP probing CLI: status, title, tech fingerprinting, paths, and pipeline-friendly output for asset lists.
Subfinder
Passive subdomain enumeration aggregating many OSINT sources with resolver validation options.
Nikto
Web server scanner that probes for dangerous files, outdated software, and misconfigurations via many checks.
theHarvester
E-mail, subdomain, and host harvesting from search engines, PGP servers, and common OSINT APIs.
Metasploit Framework
Modular exploitation framework with payloads, encoders, auxiliaries, and integration points for exploit development.
OWASP ZAP
OWASP flagship web app scanner and proxy: automated checks, manual request tampering, scripting, and CI integrations.
