**<u>CHaS</u>** **CHaS.pl** - Check Headers and SSL **PEaS.pl** - Pre-Pentest Enumeration and Scanning **Recursive_PEaS.php** - Run PEaS against a list of hosts *** **<u>What required programs do</u>** **aha** - Converts ANSI terminal output to HTML **sslscan** - Gather information about the SSL certificate in use and identify vulnerabilities / misconfigurations **testssl** - A better version of the above. **securityheaders** - Check for missing or misconfigured headers on a web application **nmap** - Port scanner with plugins to enumerate and fingerprint services running **nikto** - Web server scanner that tests web servers for dangerous files/CGIs, outdated server software and other problems. **dirb** - Web application directory brute-forcer **wig** - Web aplication information gatherer - similar to whatweb **davtest** - Identifies if webdav is enabled and check for vulnerabilities if is. **wafw00f** - Detects if website is behind a waf and tries to identify it if one is detected **whatweb** - Identifies underlying technologies and versions running the web application such as server version and CMS **metagoofil** - Information gathering tool designed for extracting metadata of public documents **spaghetti** - Web app scanner designed to find various default and insecure files, configurations and misconfigurations. *** **<u>Recursive_PEaS Usage</u>** 1) create a file containing 1 host per line 2) edit PEaS.pl to not launch the file browser at the end 3) edit Recursive_PEaS.php to know the location of the list file and PEaS.pl 4) php ./Recursive_PEaS.php *** **<u>Ports</u>** Richard Clifford - Python: [https://github.com/richard-clifford/CHaS](https://github.com/richard-clifford/CHaS)