feroxbuster
Recursive content discovery written in Rust with intelligent filtering and replay-friendly output.
Why it is included
Modern performance and recursion defaults appeal to web testers.
Best for
Deep crawls of large sites under explicit permission.
Strengths
- Recursion
- Filter heuristics
- Rust performance
Limitations
- Aggressive defaults need scope alignment
Good alternatives
ffuf · Gobuster
Related tools
Security & Privacy
ffuf
Fast web fuzzer for directories, virtual hosts, parameters, and raw HTTP—common in bug bounty playbooks.
Security & Privacy
Gobuster
Go-based directory/DNS/vhost brute-forcer with threading tuned for pentest wordlists.
Security & Privacy
OWASP ZAP
OWASP flagship web app scanner and proxy: automated checks, manual request tampering, scripting, and CI integrations.
Security & Privacy
sqlmap
Automatic SQL injection and database takeover helper with fingerprinting, data exfiltration, and OS-shell paths.
Security & Privacy
Nikto
Web server scanner that probes for dangerous files, outdated software, and misconfigurations via many checks.
Security & Privacy
WPScan
WordPress security scanner: version fingerprinting, plugin/theme vuln DB, weak creds, and user enumeration.