Network Tools
🌐 Nmap
Industry-standard network assessment tool for port discovery and service fingerprinting.
What it finds:
- Open TCP/UDP ports
- Running services and versions
- Operating system detection
- Known vulnerabilities via NSE scripts
Docker image: instrumentisto/nmap
🔒 TestSSL
Comprehensive TLS/SSL testing tool.
What it finds:
- Expired or self-signed certificates
- Weak cipher suites
- Protocol vulnerabilities (BEAST, POODLE, Heartbleed, etc.)
- Missing HSTS headers
- Certificate chain issues
Docker image: drwetter/testssl.sh
📡 Subfinder
Passive subdomain discovery tool.
What it finds:
- Subdomains from public sources (DNS, certificate transparency, search engines)
- Potential shadow IT or forgotten services
Docker image: projectdiscovery/subfinder
🔌 HTTPX
HTTP toolkit for probing discovered hosts.
What it finds:
- HTTP response codes and server headers
- Technology stack detection
- Content length and title extraction
- Redirect chains
Docker image: projectdiscovery/httpx
🧱 Wafw00f
Web Application Firewall detection tool.
What it finds:
- Whether a WAF is present
- WAF vendor identification (Cloudflare, AWS WAF, Akamai, etc.)
- Context for interpreting findings from other tools (some issues may be mitigated by the WAF)
Docker image: itssecret/wafw00f