httpx (ProjectDiscovery)
Fast HTTP probing CLI: status, title, tech fingerprinting, paths, and pipeline-friendly output for asset lists.
Why it is included
Pairs with Nuclei/Subfinder as the standard open chain for mapping live HTTP services.
Best for
Turning DNS/subdomain lists into verified web endpoints.
Strengths
- Speed
- JSONL output
- Rich probes
Limitations
- Not a full browser or auth-aware scanner alone
Good alternatives
curl scripts · EyeWitness-class tools
Related tools
Security & Privacy
Nuclei
Fast vulnerability scanner driven by YAML templates—used for recon, misconfigs, CVEs, and custom checks at scale.
Security & Privacy
Subfinder
Passive subdomain enumeration aggregating many OSINT sources with resolver validation options.
Security & Privacy
Nikto
Web server scanner that probes for dangerous files, outdated software, and misconfigurations via many checks.
Security & Privacy
theHarvester
E-mail, subdomain, and host harvesting from search engines, PGP servers, and common OSINT APIs.
Security & Privacy
Metasploit Framework
Modular exploitation framework with payloads, encoders, auxiliaries, and integration points for exploit development.
Security & Privacy
OWASP ZAP
OWASP flagship web app scanner and proxy: automated checks, manual request tampering, scripting, and CI integrations.