Quickly Find Dom-Based XSS Vulnerabilities with Burp Suite’s Dom Invader.
Nmap Cheatsheet – Network Mapper tool used to scan networks and devices.
EyeWitness is an open-source tool that is used to take screenshots of the website RDP services, and open VNC servers, provide some server header info and identify default credentials if known.
What is Recon-ng?
Recon-ng is a full-featured reconnaissance framework that has a similar interface to that of Metasploit(which comes in handy and easy to use).
Recon-ng has the command-line interface which you can run on Kali Linux, also you enter a shell-like environment where you can configure options, perform recon, and output results to different report types.
Whois is an Internet service and protocol by which we can find who owns a domain of an website, and displays information about domain name Whois is an Internet service and protocol that searches and displays information about a domain name from repositories of domain name registrars worldwide, and their IP adress block, or an autonomous system etc.