Based on our record, Subfinder should be more popular than w3af. It has been mentiond 2 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
https://github.com/projectdiscovery/subfinder does this, but it explains all the methods and lets you choose to only do a passive scan. - Source: Hacker News / 9 months ago
My main source is Certificate Transparency, which is kind of a database of TLS certs created so far. But use external tools like Subfinder or Amass. Source: over 1 year ago
Testing security of your website is easy. There are dozen of web security testing tools out there you can use for free. Arachni and w3af are famous open source security scanners you can use. - Source: dev.to / over 1 year ago
Sublist3r - Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT.
Nikto - Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web...
OWASP Amass - An advanced open source tool to help information security professionals perform network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques!
Burp Suite - Burp Suite is an integrated platform for performing security testing of web applications.
sn0int - sn0int is a semi-automatic OSINT framework and package manager
Acunetix - Audit your website security and web applications for SQL injection, Cross site scripting and other...